head	1.4;
access;
symbols
	RELEASE_6_1_0:1.3
	RELEASE_5_5_0:1.3
	RELEASE_6_0_0:1.3
	RELEASE_5_4_0:1.3
	RELEASE_4_11_0:1.3
	RELEASE_5_3_0:1.3
	RELEASE_4_10_0:1.3
	RELEASE_5_2_1:1.3
	RELEASE_5_2_0:1.3
	RELEASE_4_9_0:1.3
	RELEASE_5_1_0:1.3
	RELEASE_4_8_0:1.3
	RELEASE_5_0_0:1.3
	RELEASE_4_7_0:1.3
	RELEASE_4_6_2:1.3
	RELEASE_4_6_1:1.3
	RELEASE_4_6_0:1.3
	RELEASE_5_0_DP1:1.3
	RELEASE_4_5_0:1.3
	RELEASE_4_4_0:1.3
	RELEASE_4_3_0:1.3
	RELEASE_4_2_0:1.3
	RELEASE_4_1_1:1.3
	RELEASE_4_1_0:1.3
	RELEASE_3_5_0:1.3
	RELEASE_4_0_0:1.3
	RELEASE_3_4_0:1.2
	RELEASE_3_3_0:1.2
	RELEASE_3_2_0:1.2
	RELEASE_3_1_0:1.1.1.1
	RELEASE_2_2_8:1.1.1.1
	RELEASE_3_0_0:1.1.1.1
	RELEASE_2_2_7:1.1.1.1
	RELEASE_2_2_6:1.1.1.1
	ARCHIE_1:1.1.1.1
	WHISTLE_ARCHIE:1.1.1;
locks; strict;
comment	@# @;


1.4
date	2006.04.06.13.54.44;	author archie;	state dead;
branches;
next	1.3;

1.3
date	2000.01.26.01.55.09;	author archie;	state Exp;
branches;
next	1.2;

1.2
date	99.03.10.22.27.52;	author archie;	state Exp;
branches;
next	1.1;

1.1
date	98.01.09.23.23.47;	author julian;	state Exp;
branches
	1.1.1.1;
next	;

1.1.1.1
date	98.01.09.23.23.47;	author julian;	state Exp;
branches;
next	;


desc
@@


1.4
log
@Remove the skip port. Created before there was an IPSec implementation on
FreeBSD, it is now extremely obsolete. In any case it doesn't compile. Earlier
version of this port can still be used on older versions of FreeBSD of course.
@
text
@diff -ur --unidirectional-new-file skipsrc-1.0.orig/doc/README.FreeBSD work.new/doc/README.FreeBSD
--- skipsrc-1.0.orig/doc/README.FreeBSD	Wed Dec 31 16:00:00 1969
+++ work.new/doc/README.FreeBSD	Mon Jan 24 12:35:38 2000
@@@@ -0,0 +1,73 @@@@
+
+Some notes regarding the FreeBSD port of SKIP
+December 8, 1997
+
+- Much of the non-man page documentation has NOT be patched to reflect
+  the different locations of files, etc. The main difference is that the
+  original version of SKIP puts everything under /usr/skip, whereas the
+  FreeBSD port has put it under @@@@PREFIX@@@@. This documentation can be
+  found in @@@@PREFIX@@@@/share/doc/skip.
+
+- Thanks to Stephanie Wehner, skiphost now takes a new argument for specifying
+  the source address for encrypted packets. This allows encrypted packets
+  that are being tunnelled between two routers to have source and dest
+  IP addresses of only those two routers. This reduces firewall complexity
+  in many cases. From her description:
+
+    This adds another command line option to skiphost, namely
+    -f <source address> . Every packet going out to the other host
+    will then have this source address in the packet.
+
+- SKIP is applied to packets *after* any ipfw(8) filtering is applied.
+  This is true for both incoming and outgoing packets. Note that SKIP
+  has its own access control functionality.
+
+  One way to deal with this is to do the following:
+
+  - Setup ipfw as you normally would to restrict access to your machine.
+  - Add additional ipfw rules to allow SKIP related traffic:
+    - ipfw add 10 allow 57 from any to any
+    - ipfw add 10 allow 79 from any to any (if using SunScreen mode)
+    - ipfw add 10 allow 50 from any to any (if using raw ESP/AH mode)
+    - ipfw add 10 allow 51 from any to any (if using raw ESP/AH mode)
+    - ipfw add 10 allow udp from any to <your-address> 1640
+    - ipfw add 10 allow udp from <your-address> 1640 to any
+  - Set the default rule for SKIP to be to allow access.
+
+- Skipd will logs via syslog(3) instead of logging directly
+  to /var/log/skip.log as before, using the LOG_DAEMON facility.
+
+  You may want to redirect this output to its own log file.
+  This is done by the following steps:
+
+    1. touch /var/log/skipd.log
+    2. Edit /etc/syslog.conf and add these lines at the end:
+
+       !skipd
+       *.*		/var/log/skipd.log
+
+    3. Edit /etc/newsyslog.conf as appropriate
+    4. Restart syslogd
+
+- Each time skip is started (at reboot time), the skiphost
+  output is written to /var/log/skiphost.log. You may also
+  want to add an entry to /etc/newsyslog.conf for this one
+  as well.
+
+- Users of skip should subscribe to the SKIP mailing list
+  by sending an email to "majordomo@@skip.org" containing
+  the line "subscribe skip-info".
+
+- If you have trouble:
+
+  - If there is a problem with the port itself (e.g., it won't
+    compile on your system), use send-pr(1) to send a problem report.
+
+  - If you are having trouble with SKIP configuration, use,
+    compatibility, etc., send your questions to the SKIP
+    mailing list: skip-info@@skip.org (you should subscribe
+    to it first).
+
+Thanks,
+-Archie Cobbs  <archie@@whistle.com>
+
@


1.3
log
@Bash this port until it compiles under -current again.
@
text
@@


1.2
log
@Build SKIP port as a KLD instead of an LKM.
@
text
@d1 77
a77 21
diff -ur --unidirectional-new-file skipsrc-1.0.orig/libdb/hash/ndbm.c work.new/libdb/hash/ndbm.c
--- skipsrc-1.0.orig/libdb/hash/ndbm.c	Fri Oct 25 13:12:22 1996
+++ work.new/libdb/hash/ndbm.c	Mon Mar  8 21:33:38 1999
@@@@ -180,7 +180,7 @@@@
 	HTAB *hp;
 
 	hp = (HTAB *)db->internal;
-	return (hp->errno);
+	return (hp->errnum);
 }
 
 extern int
@@@@ -190,7 +190,7 @@@@
 	HTAB *hp;
 
 	hp = (HTAB *)db->internal;
-	hp->errno = 0;
+	hp->errnum = 0;
 	return (0);
 }
 
@


1.1
log
@Initial revision
@
text
@d1 5
a5 6
diff -ur --unidirectional-new-file skipsrc-1.0.orig/skip/bdcmod/simplecrypt/simplecrypt.c skipsrc-1.0/skip/bdcmod/simplecrypt/simplecrypt.c
--- skipsrc-1.0.orig/skip/bdcmod/simplecrypt/simplecrypt.c	Fri Oct 25 13:12:38 1996
+++ skipsrc-1.0/skip/bdcmod/simplecrypt/simplecrypt.c	Mon Dec 15 17:41:14 1997
@@@@ -335,7 +335,7 @@@@
 	register char		*s = keyp->buf;
 	register char		*e = keyp->buf + keyp->len;
d7 14
a20 2
-	*payload_type = IPPROTO_ENCAP;
+	*payload_type = IPPROTO_IPIP;
a21 2
 	/*
 	 * exclusive-or the key over the buffer
@


1.1.1.1
log
@Add a package for the SKIP package from Sun Microsystems,
for making secure pipes across the internet (etc.)
@
text
@@
