Subject: Re: IPsec policy cache hint
To: Jason Thorpe <firstname.lastname@example.org>
From: Jonathan Stone <email@example.com>
Date: 03/16/2004 16:04:36
A couple of weeks ago, Jason committed his back-port of the KAME PCB
policy-cache code to sys/netipsec a cpiu[l. All the changes to
sys/netipsec were inside #ifdef __NetBSD__.
I'm in the midst of merging that into my own copy, which contains
other FreeBSD-derived code (including the TCP-md5 check, and various
baby-steps towards INET6.) and I'd I'd like to change all the
PCB-cache related ``#ifdef __NetBSD__'' tests to ``#ifdef
IPSEC_PCBCACHE'', to separate them from truly NetBSD-specific code and
so the PCB cache can be turned on for FreeBSD.
On NetBSD, sys/netipsedc/ipsec_osdep.h would define IPSEC_PCBCACHE;
IPSEC_PCBCACHE can later be garbage-collected.
If anyone objects to this idea, please yell now.