Bug 103736

Summary: Netfilter policy match not available in Beta 1 Kernel
Product: [openSUSE] SUSE LINUX 10.0 Reporter: Tom Eastep <teastep>
Component: KernelAssignee: Olaf Kirch <okir>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Major    
Priority: P5 - None    
Version: Beta 1   
Target Milestone: ---   
Hardware: i386   
OS: Other   
Whiteboard:
Found By: Beta-Customer Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Tom Eastep 2005-08-10 03:43:05 UTC 
SuSE kernels since 9.2+ have included Patrick McHardy's IPSEC policy match
extension (and the requisite IPSEC-NAT patches) as have iptables. The
2.6.13-rc5-git3-3-default kernel and iptables 1.3.3 included with SuSE 10 Beta 1
does not include this extension. This is a significant functional regression
from earlier releases since policy match is the only mechanism currently
available to rigorously configure Netfilter to work with the native IPSEC
facility included with the 2.6 kernels.
Comment 1 Kurt Garloff 2005-08-19 18:18:41 UTC 
Hmm, we should include it, I think. 
Olaf, can someone in your team (Jiri) look at this?
Comment 2 Olaf Kirch 2005-08-19 18:43:18 UTC 
They will be in the upcoming beta. I'm closing as resolved/fixed; 
if you find any problems with the code, please file a new report, Tom! 
Thanks!