Subject: Re: local address and VPN
To: None <tech-net@netbsd.org>
From: Emmanuel Dreyfus <manu@netbsd.org>
List: tech-net
Date: 11/06/2004 17:48:58
Emmanuel Dreyfus <manu@netbsd.org> wrote:

> But when I use telnet or nslookup on the road warrior, the traffic gets
> dropped by the local machine. I added a few printf in the kernel and
> discovered that for privileged sockets, the source address is
> ${INTERNAL_ADDR}, but for unprivileged sockets, it is ${LOCAL_ADDR}.
> Because ${LOCAL_ADDR} does not match any SPD, packets get dropped.

More on this topic: It's not a privileged vs non-privileged socket
problem. In ip_output, the source address of an ICMP packet is not set,
and ip_output selects ${INTERNAL_ADDR}, while the source address of a TCP
packet has already been set from tcp_output.
 
I still wonder if this is a bug to fix or a normal behavior. If it is a
bug, then what should be the right behavior?

-- 
Emmanuel Dreyfus
There are 10 kinds of people in the world: those who understand
binary and those who do not.
manu@netbsd.org