Re: NAT Traversal Patches ...
Hi all. On Sat, May 12, 2007 at 01:14:08AM -0500, Matthew Grooms wrote: > Alfred Perlstein wrote: > >Matthew, can you provide links to the patches and surrounding > >discussion. It may just be a matter of integration manpower... > > > > Here is a link to the 6.x patch set. I'm not sure where the most recent > patches are for head. Yvan will probably be willing to point us in the > right direction. > > http://ipsec-tools.sf.net/freebsd6-natt.diff As the file name says, this patch is up to date for FreeBSD6, but does not apply directly for FreeBSD's HEAD (well, it may apply but it won't compile). I just put the up to date patch for HEAD here: http://vanhu.free.fr/patch-natt-freebsd-HEAD-new.diff (thanks to Emmanuel Dreyfus from NetBSD project and Larry Baird from GTA, this patch is a team effort !) but I couldn't re-test it recently (I'll restart a FreeBSD 7 station this evening). > As for the surrounding discussion, I haven't seen anything recently > about why the changes haven't been integrated. I was hoping my post > would seed a new discussion regarding this. I exchanged private mails with Sam Leffler and George V. Neville-Neil some months ago. George told me he was interested in the patch and would have a look at it, but he also told me that he had some other stuff, and looks like we also had some lost mails (I know that at least two of my mails were sent back by some mailer daemons on the way). George, I guess you're reading the thread, if you didn't get my mail with the latest version of the patch... well, you also have the URL, now ! Yvan. -- NETASQ http://www.netasq.com ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: VPNC seems to connect, but cannot ping any IPs
which version had a good source? I tried two versions with similar errors? Thanks, -Jim Stapleton On 5/13/07, Jax <[EMAIL PROTECTED]> wrote: Jim Stapleton wrote: > I'm using VPNC (security/vpnc) to get into my works VPN, but I'm > having an odd problem I do not know where to look next. I am behind a > nat/router, which I unfortantely cannot move out from behind for a > while. While I suspect that may be the issue, I'm not sure what else > to do. > Not problem until you use udp for communication and the ports open on the fw which are required for ipsec. > Since this is $GATE --> $GATE, I suspect that is my problem. > Yeah the new vpncs start script has bugs like this. I also had to remove code from it so I suggest you to rewrite it as you need or put back the previous version from source. Jax ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Current problem reports assigned to you
Current FreeBSD problem reports Critical problems Serious problems S Tracker Resp. Description a kern/38554 netchanging interface ipaddress doesn't seem to work s kern/39937 netipstealth issue s kern/81147 net[net] [patch] em0 reinitialization while adding aliase o kern/92552 netA serious bug in most network drivers from 5.X to 6.X s kern/95665 net[if_tun] "ping: sendto: No buffer space available" wit s kern/105943 netNetwork stack may modify read-only mbuf chain copies o kern/106316 net[dummynet] dummynet with multipass ipfw drops packets o kern/108542 net[bce]: Huge network latencies with 6.2-RELEASE / STABL o kern/109406 net[ndis] Broadcom WLAN driver 4.100.15.5 doesn't work wi o kern/110959 net[ipsec] Filtering incoming packets with enc0 does not 10 problems total. Non-critical problems S Tracker Resp. Description o conf/23063 net[PATCH] for static ARP tables in rc.network s bin/41647netifconfig(8) doesn't accept lladdr along with inet addr o kern/54383 net[nfs] [patch] NFS root configurations without dynamic s kern/60293 netFreeBSD arp poison patch o kern/95267 netpacket drops periodically appear f kern/95277 net[netinet] IP Encapsulation mask_match() returns wrong o kern/100519 net[netisr] suggestion to fix suboptimal network polling o kern/102035 net[plip] plip networking disables parallel port printing o conf/102502 net[patch] ifconfig name does't rename netgraph node in n o conf/107035 net[patch] bridge interface given in rc.conf not taking a o kern/112612 netTraffic via additional lo(4) interface shows up on lo0 11 problems total. ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: VPNC seems to connect, but cannot ping any IPs
Looking at this a bit more, I think I should be able to simply modify a line on here to get it to work... Which of these would work the best? From: $ ifconfig "$TUNDEV" inet "$INTERNAL_IP4_ADDRESS" $ifconfig_syntax_ptp "$INTERNAL_IP4_ADDRESS" netmask 255.255.255.255 mtu 1412 up To: Do I create a loopback at 127.0.0.2 before hand or not? $ ifconfig "$TUNDEV" inet 127.0.0.2 $ifconfig_syntax_ptp "$INTERNAL_IP4_ADDRESS" netmask 255.255.255.255 mtu 1412 up this isntead uses my local net IP instead of a loopback $ ifconfig "$TUNDEV" inet 192.168.1.84 $ifconfig_syntax_ptp "$INTERNAL_IP4_ADDRESS" netmask 255.255.255.255 mtu 1412 up Thanks again, -Jim Stapleton On 5/14/07, Jim Stapleton <[EMAIL PROTECTED]> wrote: which version had a good source? I tried two versions with similar errors? Thanks, -Jim Stapleton On 5/13/07, Jax <[EMAIL PROTECTED]> wrote: > Jim Stapleton wrote: > > I'm using VPNC (security/vpnc) to get into my works VPN, but I'm > > having an odd problem I do not know where to look next. I am behind a > > nat/router, which I unfortantely cannot move out from behind for a > > while. While I suspect that may be the issue, I'm not sure what else > > to do. > > > Not problem until you use udp for communication and the ports open on > the fw which are required for ipsec. > > Since this is $GATE --> $GATE, I suspect that is my problem. > > > Yeah the new vpncs start script has bugs like this. I also had to remove > code from it so I suggest you to rewrite it as you need or put back the > previous version from source. > > Jax > ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
