Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

===================================================================
RCS file: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v
rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v: warning: Unknown phrases like `commitid ...;' are present.
retrieving revision 1.256.2.1
retrieving revision 1.263
diff -u -p -r1.256.2.1 -r1.263
--- src/sys/netinet/ip_input.c	2007/12/26 19:57:39	1.256.2.1
+++ src/sys/netinet/ip_input.c	2008/03/27 00:18:56	1.263
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip_input.c,v 1.256.2.1 2007/12/26 19:57:39 ad Exp $	*/
+/*	$NetBSD: ip_input.c,v 1.263 2008/03/27 00:18:56 cube Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -98,7 +98,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.256.2.1 2007/12/26 19:57:39 ad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.263 2008/03/27 00:18:56 cube Exp $");
 
 #include "opt_inet.h"
 #include "opt_gateway.h"
@@ -417,6 +417,7 @@ ip_init(void)
 	for (i = 0; i < IPREASS_NHASH; i++)
 	    	LIST_INIT(&ipq[i]);
 
+	ip_initid();
 	ip_id = time_second & 0xfffff;
 
 	ipintrq.ifq_maxlen = ipqmaxlen;
@@ -1953,17 +1954,17 @@ ip_forward(struct mbuf *m, int srcrt)
 	case EMSGSIZE:
 		type = ICMP_UNREACH;
 		code = ICMP_UNREACH_NEEDFRAG;
-#if !defined(IPSEC) && !defined(FAST_IPSEC)
-		if ((rt = rtcache_getrt(&ipforward_rt)) != NULL)
-			destmtu = rt->rt_ifp->if_mtu;
-#else
-		/*
-		 * If the packet is routed over IPsec tunnel, tell the
-		 * originator the tunnel MTU.
-		 *	tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
-		 * XXX quickhack!!!
-		 */
-		if ((rt = rtcache_getrt(&ipforward_rt)) != NULL) {
+
+		if ((rt = rtcache_validate(&ipforward_rt)) != NULL) {
+
+#if defined(IPSEC) || defined(FAST_IPSEC)
+			/*
+			 * If the packet is routed over IPsec tunnel, tell the
+			 * originator the tunnel MTU.
+			 *	tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz
+			 * XXX quickhack!!!
+			 */
+
 			struct secpolicy *sp;
 			int ipsecerror;
 			size_t ipsechdr;
@@ -1972,10 +1973,11 @@ ip_forward(struct mbuf *m, int srcrt)
 			sp = ipsec4_getpolicybyaddr(mcopy,
 			    IPSEC_DIR_OUTBOUND, IP_FORWARDING,
 			    &ipsecerror);
+#endif
 
-			if (sp == NULL)
-				destmtu = rt->rt_ifp->if_mtu;
-			else {
+			destmtu = rt->rt_ifp->if_mtu;
+#if defined(IPSEC) || defined(FAST_IPSEC)
+			if (sp != NULL) {
 				/* count IPsec header size */
 				ipsechdr = ipsec4_hdrsiz(mcopy,
 				    IPSEC_DIR_OUTBOUND, NULL);
@@ -2004,8 +2006,8 @@ ip_forward(struct mbuf *m, int srcrt)
 				KEY_FREESP(&sp);
 #endif
 			}
+#endif /*defined(IPSEC) || defined(FAST_IPSEC)*/
 		}
-#endif /*IPSEC*/
 		ipstat.ips_cantfrag++;
 		break;