Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports

To: Egerváry Gergely <gergely%egervary.hu@localhost>, gnats-bugs%NetBSD.org@localhost, gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost
Subject: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
From: christos%zoulas.com@localhost (Christos Zoulas)
Date: Sun, 9 Jun 2013 12:29:53 -0400

On Jun 9,  6:26pm, gergely%egervary.hu@localhost 
(=?ISO-8859-1?Q?Egerv=E1ry_Gergely?=) wrote:
-- Subject: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports

| >  Good debugging. Please see:
| >  
| >  
| >  PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access
| >  outdated pointers and pass ESP data to UPD-sockets.
| >  While here, simplify the code and remove the IPSEC_NAT_T option; always
| >  compile nat-traversal in so that it does not bitrot.
| 
| Now I have a NetBSD-6.99.21 sandbox with yesterday's CURRENT.
| No difference - still UDP/500...
| 
| You can find my racoon debug log here:
|   http://pastebin.com/sNyxeA4V
| 

Can you send me your configuration so I can replicate your setup?

thanks,

christos

References:
- Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
  - From: Egerváry Gergely

Prev by Date: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Next by Date: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Previous by Thread: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Next by Thread: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Indexes:

Home | Main Index | Thread Index | Old Index