Revert IPSEC patches.

Revert "Importing pfSense patch IPSEC_sysctl.RELENG_10.diff"

This reverts commit 1a5bcc816de96758225aa0a4d2b5ddc7b88b6b58.

TAG:	IPSEC-HEAD
Issue:	#4841

1 files changed, 4 insertions, 10 deletions

diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index 0d6ade9..50334c3 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -97,11 +97,6 @@ SYSCTL_VNET_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_RW,
     &VNET_NAME(ipforwarding), 0,
     "Enable IP forwarding between interfaces");
 
-VNET_DEFINE(int, ipipsec_in_use);
-SYSCTL_VNET_INT(_net_inet_ip, IPCTL_IPSEC_INUSE, ipsec_in_use, CTLFLAG_RW,
-    &VNET_NAME(ipipsec_in_use), 0,
-    "Enable IPSec processing of packets");
-
 static VNET_DEFINE(int, ipsendredirects) = 1;	/* XXX */
 #define	V_ipsendredirects	VNET(ipsendredirects)
 SYSCTL_VNET_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_RW,
@@ -476,7 +471,7 @@ tooshort:
 	/*
 	 * Bypass packet filtering for packets previously handled by IPsec.
 	 */
-	if (V_ipipsec_in_use && ip_ipsec_filtertunnel(m))
+	if (ip_ipsec_filtertunnel(m))
 		goto passin;
 #endif /* IPSEC */
 
@@ -682,7 +677,7 @@ passin:
 		m_freem(m);
 	} else {
 #ifdef IPSEC
-		if (V_ipipsec_in_use && ip_ipsec_fwd(m))
+		if (ip_ipsec_fwd(m))
 			goto bad;
 #endif /* IPSEC */
 		ip_forward(m, dchg);
@@ -729,7 +724,7 @@ ours:
 	 * note that we do not visit this with protocols with pcb layer
 	 * code - like udp/tcp/raw ip.
 	 */
-	if (V_ipipsec_in_use && ip_ipsec_input(m))
+	if (ip_ipsec_input(m))
 		goto bad;
 #endif /* IPSEC */
 
@@ -1528,8 +1523,7 @@ ip_forward(struct mbuf *m, int srcrt)
 		 * If IPsec is configured for this path,
 		 * override any possibly mtu value set by ip_output.
 		 */ 
-		if (V_ipipsec_in_use)
-			mtu = ip_ipsec_mtu(mcopy, mtu);
+		mtu = ip_ipsec_mtu(mcopy, mtu);
 #endif /* IPSEC */
 		/*
 		 * If the MTU was set before make sure we are below the