[Openswan Users] Misdirected packets and setkey Invalid directions

[Paul Wouters]

On Tue, 3 Nov 2009, John A. Sullivan III wrote:

> Thanks for the corrections.  I didn't realize the SPD and SAD were
> accessible via ip.  I never did like setkey much!
>
> When I do ip xfrm policy, after the expected list of policies I see a
> long list of src 0.0.0.0 / dst 0.0.0.0 policies:

I believe those are the udp 500 holes. And depending on your config
the dns holes for the root nameservers (for OE)

Paul