Re: pf rdr statement & ipsec processing interaction

2007-08-14 Thread Eric Masson
"Bjoern A. Zeeb" <[EMAIL PROTECTED]> writes: > ifconfig enc0 | grep UP > > if not, ifconfig enc0 up Ok, this is better as mpd4 receives l2tp packets, thanks :) [EMAIL PROTECTED]:~> sudo /usr/local/sbin/mpd4 Multi-link PPP daemon for FreeBSD process 1586 started, version 4.2.2 ([EMAIL PROTECTED]

Re: pf rdr statement & ipsec processing interaction

2007-08-14 Thread Bjoern A. Zeeb
On Tue, 14 Aug 2007, Eric Masson wrote: "Bjoern A. Zeeb" <[EMAIL PROTECTED]> writes: Hello Bjoern & all, this is expected behavior. You want to read about the IPSEC_FILTERTUNNEL (fka. IPSEC_FILTERGIF) kernel option and enc(4). I've compiled a new kernel with IPSEC_FILTERGIF, tcpdump now can

Re: pf rdr statement & ipsec processing interaction

2007-08-14 Thread Eric Masson
"Bjoern A. Zeeb" <[EMAIL PROTECTED]> writes: Hello Bjoern & all, > this is expected behavior. You want to read about the > IPSEC_FILTERTUNNEL (fka. IPSEC_FILTERGIF) kernel option and > enc(4). I've compiled a new kernel with IPSEC_FILTERGIF, tcpdump now can see unencrypted L2TP packets on extern

netncp/netsmb users please test a patch.

2007-08-14 Thread Jeff Roberson
http://people.freebsd.org/~jeff/select.diff I have redone the select locking. This included changing some cruft in smb/ncp. I have tested smb myself, but would appreciate more feedback. I am not able to test ncp. Please let me know if this works for you. Thanks, Jeff _