Subject: Re: NAT stops working with IPSEC kernel
To: None <firstname.lastname@example.org>
From: ARIGA Seiji <email@example.com>
Date: 03/30/2000 00:36:21
On Sun, 26 Mar 2000 13:10:02 -0800 (PST)
Paul Newhouse <firstname.lastname@example.org> wrote:
:I compile a kernel with IPSEC the same config files that used to work
:for NAT stop working. I see log messages like:
First, could you tell me,
- Your network topology in which you are using NAT
- Which software are you using for NAT ? IPFilter ?
- What version of NetBSD are you using ? (And maybe, KAME version)
: Mar 26 12:50:45 bigbox /netbsd: ipsec4_set_policy: invalid direction=0
One of KAME guys said that,
"When setsockopt(so, IPPROTO_IP, IP_IPSEC_POLICY, policy, policylen); is used
in user level, ipsec4_set_policy() function in kernel will be called. And if
something wrong is in the policy structure at that time, this log will appear.
I think only rrenumd, traceroute, and racoon will be related to this log."
He is using both IPsec and NAT by IPFilter on FreeBSD3.4+KAME.
ARIGA Seiji <email@example.com>