[Openswan Users] Misdirected packets and setkey Invalid directions

Paul Wouters paul at xelerance.com
Wed Nov 4 04:09:01 EST 2009

On Tue, 3 Nov 2009, John A. Sullivan III wrote:

> Thanks for the corrections.  I didn't realize the SPD and SAD were
> accessible via ip.  I never did like setkey much!
> When I do ip xfrm policy, after the expected list of policies I see a
> long list of src / dst policies:

I believe those are the udp 500 holes. And depending on your config
the dns holes for the root nameservers (for OE)


More information about the Users mailing list