[Openswan Users] UDP passive keep-alive scenario success.
Paul Wouters
paul at xelerance.com
Wed Oct 27 16:01:55 EDT 2010
On Wed, 27 Oct 2010, sertys at estates.bg wrote:
Thank you for sharing this! Since we have started putting things in a wiki,
I've copied your email to
https://bugs.openswan.org/projects/openswan/wiki/UDPPassiveKeepAliveHack
> iptables -t mangle -A OUTPUT -p udp --sport 4500 -d x.x.0.0/16 -m length --length 29 -j TTL --ttl-set 6
I'm curious why you are matching on length 29?
Is that a determined magic length of these keep-alive packets?
Paul
More information about the Users
mailing list