ipsec & ipfw: 4.7-release vs -stable

From: Andriy Gapon (agapon@cv-nj.com)
Date: 02/10/03

Date: Mon, 10 Feb 2003 11:43:04 -0500 (EST)
From: Andriy Gapon <agapon@cv-nj.com>
To: freebsd-ipfw@freebsd.org, freebsd-security@freebsd.org

Is there any remedy expected before 4.8 release for the situation with
ipsec & ipfw interaction that was created after 'ip_input.c,
MFC: 1.214' ?

The reason I am asking this question with such a big crosspost is that it
seems that all previous discussions on this topic resulted in nothing. And
this change definetely breaks things for those who use ipsec without extra
stuff like gif tunnels. It definetely doesn't look like a kind of change
welcomed in -stable branch, not mentioning a potential security
vulnaribity for those who can not use gif.

I apologize in the case I have missed any latest developments in this

Andriy Gapon
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message