Hi, >>>>> On Sun, 02 Nov 2003 15:49:35 +0200 >>>>> Kostyuk Oleg <[EMAIL PROTECTED]> said:
cub> Problem is in order of starting /etc/rc.d/ipsec. cub> It must start BEFORE any network interaction, cub> may be even before configuring interfaces. cub> But I not sure in case with diskless mashines. cub> -# BEFORE: DAEMON cub> +# BEFORE: NETWORK It is not sufficient. There is setkey(8) in /usr/sbin. It means that we cannot protect NFS exported /usr by IPsec. If there is no objection, I wish to move setkey(8) into /sbin like NetBSD did. Sincerely, -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED],jp.}FreeBSD.org http://www.imasy.org/~ume/ _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"