1 files changed, 77 insertions, 21 deletions
diff --git a/security/skip/files/patch-ba b/security/skip/files/patch-ba
index d9d7779ed51a..6fa0f6c56180 100644
--- a/security/skip/files/patch-ba
+++ b/security/skip/files/patch-ba
@@ -1,21 +1,77 @@
-diff -ur --unidirectional-new-file skipsrc-1.0.orig/libdb/hash/ndbm.c work.new/libdb/hash/ndbm.c
---- skipsrc-1.0.orig/libdb/hash/ndbm.c	Fri Oct 25 13:12:22 1996
-+++ work.new/libdb/hash/ndbm.c	Mon Mar  8 21:33:38 1999
-@@ -180,7 +180,7 @@
- 	HTAB *hp;
- 
- 	hp = (HTAB *)db->internal;
--	return (hp->errno);
-+	return (hp->errnum);
- }
- 
- extern int
-@@ -190,7 +190,7 @@
- 	HTAB *hp;
- 
- 	hp = (HTAB *)db->internal;
--	hp->errno = 0;
-+	hp->errnum = 0;
- 	return (0);
- }
- 
+diff -ur --unidirectional-new-file skipsrc-1.0.orig/doc/README.FreeBSD work.new/doc/README.FreeBSD
+--- skipsrc-1.0.orig/doc/README.FreeBSD	Wed Dec 31 16:00:00 1969
++++ work.new/doc/README.FreeBSD	Mon Jan 24 12:35:38 2000
+@@ -0,0 +1,73 @@
++
++Some notes regarding the FreeBSD port of SKIP
++December 8, 1997
++
++- Much of the non-man page documentation has NOT be patched to reflect
++  the different locations of files, etc. The main difference is that the
++  original version of SKIP puts everything under /usr/skip, whereas the
++  FreeBSD port has put it under @@PREFIX@@. This documentation can be
++  found in @@PREFIX@@/share/doc/skip.
++
++- Thanks to Stephanie Wehner, skiphost now takes a new argument for specifying
++  the source address for encrypted packets. This allows encrypted packets
++  that are being tunnelled between two routers to have source and dest
++  IP addresses of only those two routers. This reduces firewall complexity
++  in many cases. From her description:
++
++    This adds another command line option to skiphost, namely
++    -f <source address> . Every packet going out to the other host
++    will then have this source address in the packet.
++
++- SKIP is applied to packets *after* any ipfw(8) filtering is applied.
++  This is true for both incoming and outgoing packets. Note that SKIP
++  has its own access control functionality.
++
++  One way to deal with this is to do the following:
++
++  - Setup ipfw as you normally would to restrict access to your machine.
++  - Add additional ipfw rules to allow SKIP related traffic:
++    - ipfw add 10 allow 57 from any to any
++    - ipfw add 10 allow 79 from any to any (if using SunScreen mode)
++    - ipfw add 10 allow 50 from any to any (if using raw ESP/AH mode)
++    - ipfw add 10 allow 51 from any to any (if using raw ESP/AH mode)
++    - ipfw add 10 allow udp from any to <your-address> 1640
++    - ipfw add 10 allow udp from <your-address> 1640 to any
++  - Set the default rule for SKIP to be to allow access.
++
++- Skipd will logs via syslog(3) instead of logging directly
++  to /var/log/skip.log as before, using the LOG_DAEMON facility.
++
++  You may want to redirect this output to its own log file.
++  This is done by the following steps:
++
++    1. touch /var/log/skipd.log
++    2. Edit /etc/syslog.conf and add these lines at the end:
++
++       !skipd
++       *.*		/var/log/skipd.log
++
++    3. Edit /etc/newsyslog.conf as appropriate
++    4. Restart syslogd
++
++- Each time skip is started (at reboot time), the skiphost
++  output is written to /var/log/skiphost.log. You may also
++  want to add an entry to /etc/newsyslog.conf for this one
++  as well.
++
++- Users of skip should subscribe to the SKIP mailing list
++  by sending an email to "majordomo@skip.org" containing
++  the line "subscribe skip-info".
++
++- If you have trouble:
++
++  - If there is a problem with the port itself (e.g., it won't
++    compile on your system), use send-pr(1) to send a problem report.
++
++  - If you are having trouble with SKIP configuration, use,
++    compatibility, etc., send your questions to the SKIP
++    mailing list: skip-info@skip.org (you should subscribe
++    to it first).
++
++Thanks,
++-Archie Cobbs  <archie@whistle.com>
++