From a4aac7d5c03caf4748740c3551d950cab400c67a Mon Sep 17 00:00:00 2001 From: wiz Date: Wed, 4 Sep 2002 00:12:52 +0000 Subject: [PATCH] tunneled with one l only. --- share/man/man4/ipsec.4 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/share/man/man4/ipsec.4 b/share/man/man4/ipsec.4 index d15dbfb74a7a..ffe39dc65a67 100644 --- a/share/man/man4/ipsec.4 +++ b/share/man/man4/ipsec.4 @@ -1,4 +1,4 @@ -.\" $NetBSD: ipsec.4,v 1.17 2002/02/13 08:17:39 ross Exp $ +.\" $NetBSD: ipsec.4,v 1.18 2002/09/04 00:12:52 wiz Exp $ .\" $KAME: ipsec.4,v 1.17 2001/06/27 15:25:10 itojun Exp $ .\" .\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -301,7 +301,7 @@ policy against AH tunnel or any IPsec encapsulating policy with AH like .Dq Li esp/tunnel/A-B/use ah/transport/A-B/require .Pc , -tunnelled packets will be rejected. +tunneled packets will be rejected. This is because we enforce policy check on inner packet on reception, and AH authenticates encapsulating .Pq outer