Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,gergely%egervary.hu@localhost
Subject: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
From: christos%zoulas.com@localhost (Christos Zoulas)
Date: Sun, 9 Jun 2013 16:30:01 +0000 (UTC)

The following reply was made to PR bin/47894; it has been noted by GNATS.

From: christos%zoulas.com@localhost (Christos Zoulas)
To: =?ISO-8859-1?Q?Egerv=E1ry_Gergely?= <gergely%egervary.hu@localhost>, 
        gnats-bugs%NetBSD.org@localhost, gnats-admin%netbsd.org@localhost, 
netbsd-bugs%netbsd.org@localhost
Cc: 
Subject: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Date: Sun, 9 Jun 2013 12:29:53 -0400

 On Jun 9,  6:26pm, gergely%egervary.hu@localhost 
(=?ISO-8859-1?Q?Egerv=E1ry_Gergely?=) wrote:
 -- Subject: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports

 | >  Good debugging. Please see:
 | >  
 | >  
 | >  PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access
 | >  outdated pointers and pass ESP data to UPD-sockets.
 | >  While here, simplify the code and remove the IPSEC_NAT_T option; always
 | >  compile nat-traversal in so that it does not bitrot.
 | 
 | Now I have a NetBSD-6.99.21 sandbox with yesterday's CURRENT.
 | No difference - still UDP/500...
 | 
 | You can find my racoon debug log here:
 |   http://pastebin.com/sNyxeA4V
 | 

 Can you send me your configuration so I can replicate your setup?

 thanks,

 christos

Prev by Date: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Next by Date: PR/47693 CVS commit: [netbsd-5] src/sys/netinet
Previous by Thread: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Next by Thread: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Indexes:

Home | Main Index | Thread Index | Old Index