| To: | jamal <hadi@xxxxxxxxxx> |
|---|---|
| Subject: | Re: Problem with IPSEC tunnel mode |
| From: | Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> |
| Date: | Fri, 22 Apr 2005 10:54:48 +1000 |
| Cc: | Wolfgang Walter <wolfgang.walter@xxxxxxxxxxxxxxxxxxxx>, netdev@xxxxxxxxxxx |
| In-reply-to: | <1114129099.10572.24.camel@localhost.localdomain> |
| References: | <E1DObFc-0000je-00@gondolin.me.apana.org.au> <200504211640.16742.wolfgang.walter@studentenwerk.mhn.de> <20050421214618.GA29991@gondor.apana.org.au> <1114127419.10572.4.camel@localhost.localdomain> <20050421235802.GB10451@gondor.apana.org.au> <1114129099.10572.24.camel@localhost.localdomain> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
| User-agent: | Mutt/1.5.6+20040907i |
On Thu, Apr 21, 2005 at 08:18:19PM -0400, jamal wrote: > > So i was wondering whether they OUT shouldnt be just a duplicate of > FWD (instead FWD seems to be the dup of IN). Look at that sample i > posted - all his policies look like that. What gives? Why are the IN and > FWD exactly the same? bug in racoon/setkey? FWD checks inbound IPsec policies while OUT determines the outbound IPsec policies. The IN direction is not used at all for forwarded packets. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [RFC INTRO 0/5] H-TCP congestion control, Baruch Even |
|---|---|
| Next by Date: | Re: Problem with IPSEC tunnel mode, Herbert Xu |
| Previous by Thread: | Re: Problem with IPSEC tunnel mode, jamal |
| Next by Thread: | Re: Problem with IPSEC tunnel mode, Wolfgang Walter |
| Indexes: | [Date] [Thread] [Top] [All Lists] |