Usually we check ipsec_in_use as shortcut to avoid IPsec lookups,
author bluhm <bluhm@openbsd.org>
Sun, 6 Mar 2022 15:24:50 +0000 (15:24 +0000)
committer bluhm <bluhm@openbsd.org>
Sun, 6 Mar 2022 15:24:50 +0000 (15:24 +0000)
commit 0591e6d89100bb45ac89c92489429a186bfcae20
tree f84c8af11029072313e90b0bed4861adc6f5e6e9
parent 49904ff2a27a1b55f2f8203c2115a6677a83ecf4
Usually we check ipsec_in_use as shortcut to avoid IPsec lookups,
but that does not work when coming from tcp_output() as inp != NULL.
This seems to be done to block packets from sockets with options
in inp_seclevel.  But instead of doing the route lookup, go directly
to ipsp_spd_inp() where the socket policy checks are done.  Calling
rtable_l2() before the shortcut also costs a bit, do it when needed.
OK tobhe@
sys/netinet/ip_spd.c