On Tue, Dec 12, 2023 at 07:38:30AM +0100, Sebastian John wrote:
> Hello,
>
> I installed (not upgrade) OpenBSD 7.4 (amd64) on a brand new
> machine. I put the isakmpd.conf from the old maschine (7.3) on the
> new one. Also some other configurations (interfaces, pf...). All
> works fine but the incomming IPSec packets are not tagged anymore.
>
> [.. isakmpd.conf ..]
> PF-Tag= IPSEC_FOOBAR
> [..]
>
> [.. pf.conf ..]
> pass out quick on em0 inet tagged IPSEC_FOOBAR
> [..]
>
> On the 7.3 maschine this works. Since OpenBSD 7.4 this does not work
> anymore. I didn't find any information in the upgrade instructions.
> There are a known bug? Or any other ideas?
Thanks for the report.
It looks like this was broken when we added sec(4) support in 7.4.
I just committed a fix.
>
> Sebastian
>
>
>
> --
>
No comments:
Post a Comment