As I mentioned before, at this moment IPsec blowfish support is rather
	unstable.
	- 1.5 branch has old IPsec ESP engine, and netbsd-current has new IPsec
	  ESP engine
	- they emit different ciphertext against the same plaintext, with
	  blowfish only (other algorithm has no change)
	- i'm convinced the new code is right, but there are other people
	  who tells me the opposite

	so for now, please refrain from using blowfish in mission-critical
	application.  I hope to sort it out very soon, and repair either 1.5
	or netbsd-current as soon as possible.

itojun