[Openswan Users] Re: uniqueids and multiple clients behind NAT
Paul Wouters
paul at xelerance.com
Thu Apr 27 06:27:07 CEST 2006
On Thu, 27 Apr 2006, wei minghu wrote:
> I have attempted to solve this by modifying code. see attachment.
>
> This patch is based on openswan-2.3.1, wish it can describe my thought.
>
> In the patch, the condition for judging if the new IKE packet come from
> different client is comparing md->sender_port and the st->st_remoteport of
> all the states in statetable.
As I said, that code has been rewritten already and will be in a future major
release of Openswan. So we will not be incorporating any patches for that.
> But when I test this patch, I found the pluto will restart after testing it
> for some times. The log message in /var/log/secure is :
> ipsec__plutorun: Restarting Pluto subsystem...
You segfaulted pluto. Add dumpdir=/tmp and plutorestartoncrash=no to get a
proper core in /tmp.
Paul
More information about the Users
mailing list