Re: RFC: ipsec(4) pseudo interface

2018-01-10 Thread Kengo NAKAHARA
Hi, On 2017/12/26 17:31, Kengo NAKAHARA wrote: > Hi, > > On 2017/12/25 23:14, Christos Zoulas wrote: >> On Dec 25, 4:54pm, k-nakah...@iij.ad.jp (Kengo NAKAHARA) wrote: >> -- Subject: Re: RFC: ipsec(4) pseudo interface >> >> | Here is the updated patch series an

Re: RFC: ipsec(4) pseudo interface

2017-12-26 Thread Kengo NAKAHARA
Hi, On 2017/12/25 23:14, Christos Zoulas wrote: > On Dec 25, 4:54pm, k-nakah...@iij.ad.jp (Kengo NAKAHARA) wrote: > -- Subject: Re: RFC: ipsec(4) pseudo interface > > | Here is the updated patch series and unified patch. > | - https://www.netbsd.org/~knakahara/if_ipse

Re: RFC: ipsec(4) pseudo interface

2017-12-25 Thread Christos Zoulas
On Dec 25, 4:54pm, k-nakah...@iij.ad.jp (Kengo NAKAHARA) wrote: -- Subject: Re: RFC: ipsec(4) pseudo interface | Here is the updated patch series and unified patch. | - https://www.netbsd.org/~knakahara/if_ipsec/if_ipsec4.tgz | - https://www.netbsd.org/~knakahara/if_ipsec/if_ipsec4

Re: RFC: ipsec(4) pseudo interface

2017-12-24 Thread Kengo NAKAHARA
Hi, On 2017/12/23 9:05, Christos Zoulas wrote: > In article , > Kengo NAKAHARA wrote: >> Hi, >> >> Thank you for your reviewing. > > > Thanks for fixing; more nit-picking: > 1. there is a variable called err instead of

Re: RFC: ipsec(4) pseudo interface

2017-12-22 Thread Christos Zoulas
In article , Kengo NAKAHARA wrote: >Hi, > >Thank you for your reviewing. Thanks for fixing; more nit-picking: 1. there is a variable called err instead of error why (all the rest are called error)? 2. I prefer fewer lines

Re: RFC: ipsec(4) pseudo interface

2017-12-21 Thread Kengo NAKAHARA
Hi, I'm sorry, I send mail while editing by mistake. On 2017/12/20 22:40, Thor Lancelot Simon wrote: > On Mon, Dec 18, 2017 at 06:49:44PM +0900, Kengo NAKAHARA wrote: >> Hi, >> >> We implement ipsec(4) pseudo interface for route-based VPNs. This pseudo >> interface manages its security

Re: RFC: ipsec(4) pseudo interface

2017-12-21 Thread Kengo NAKAHARA
Hi, Thank you for your reviewing. On 2017/12/20 21:08, Christos Zoulas wrote: > In article <75925357-8e16-0f0f-b7a0-78155c865...@iij.ad.jp>, > Kengo NAKAHARA wrote: >> Hi, >> >> On 2017/12/19 2:54, Christos Zoulas wrote: >>> In article

Re: RFC: ipsec(4) pseudo interface

2017-12-20 Thread Thor Lancelot Simon
On Mon, Dec 18, 2017 at 06:49:44PM +0900, Kengo NAKAHARA wrote: > Hi, > > We implement ipsec(4) pseudo interface for route-based VPNs. This pseudo > interface manages its security policy(SP) by itself, in particular, we do > # ifconfig ipsec0 tunnel 10.0.0.1 10.0.0.2 > the SPs "10.0.0.1 ->

Re: RFC: ipsec(4) pseudo interface

2017-12-20 Thread Christos Zoulas
In article <75925357-8e16-0f0f-b7a0-78155c865...@iij.ad.jp>, Kengo NAKAHARA wrote: >Hi, > >On 2017/12/19 2:54, Christos Zoulas wrote: >> In article <02c36311-2fcd-08cf-cc71-b472e7c01...@iij.ad.jp>, >> Kengo NAKAHARA wrote: >>> Hi, >>> >>> We

Re: RFC: ipsec(4) pseudo interface

2017-12-19 Thread Kengo NAKAHARA
Hi, On 2017/12/19 11:07, Christos Zoulas wrote: > In article <20171218184400.ga27...@britannica.bec.de>, > Joerg Sonnenberger wrote: >> On Mon, Dec 18, 2017 at 06:49:44PM +0900, Kengo NAKAHARA wrote: >>> (a) Add if_ipsec.4 >>> (b) move current ipsec.4(for ipsec protocol)

Re: RFC: ipsec(4) pseudo interface

2017-12-19 Thread Kengo NAKAHARA
Hi, On 2017/12/19 2:54, Christos Zoulas wrote: > In article <02c36311-2fcd-08cf-cc71-b472e7c01...@iij.ad.jp>, > Kengo NAKAHARA wrote: >> Hi, >> >> We implement ipsec(4) pseudo interface for route-based VPNs. This pseudo >> interface manages its security policy(SP) by

Re: RFC: ipsec(4) pseudo interface

2017-12-18 Thread Christos Zoulas
In article <20171218184400.ga27...@britannica.bec.de>, Joerg Sonnenberger wrote: >On Mon, Dec 18, 2017 at 06:49:44PM +0900, Kengo NAKAHARA wrote: >> (a) Add if_ipsec.4 >> (b) move current ipsec.4(for ipsec protocol) to ipsec.9, and then >> add ipsec.4(for ipsec

Re: RFC: ipsec(4) pseudo interface

2017-12-18 Thread Joerg Sonnenberger
On Mon, Dec 18, 2017 at 06:49:44PM +0900, Kengo NAKAHARA wrote: > (a) Add if_ipsec.4 > (b) move current ipsec.4(for ipsec protocol) to ipsec.9, and then > add ipsec.4(for ipsec pseudo interface) > (c) any other I'd call it either ifipsec(4) or ipsecif(4). Joerg

Re: RFC: ipsec(4) pseudo interface

2017-12-18 Thread Christos Zoulas
In article <02c36311-2fcd-08cf-cc71-b472e7c01...@iij.ad.jp>, Kengo NAKAHARA wrote: >Hi, > >We implement ipsec(4) pseudo interface for route-based VPNs. This pseudo >interface manages its security policy(SP) by itself, in particular, we do ># ifconfig ipsec0 tunnel

RFC: ipsec(4) pseudo interface

2017-12-18 Thread Kengo NAKAHARA
Hi, We implement ipsec(4) pseudo interface for route-based VPNs. This pseudo interface manages its security policy(SP) by itself, in particular, we do # ifconfig ipsec0 tunnel 10.0.0.1 10.0.0.2 the SPs "10.0.0.1 -> 10.0.0.2"(out) and "10.0.0.2 -> 10.0.0.1"(in) are generated automatically and