Thanks for the quick review! Pushed. --Justin
On Apr 27, 2011, at 7:31 PM, Andrew Evans wrote: > Looks good to me. > > On Apr 27, 2011 7:14 PM, "Justin Pettit" <[email protected]> wrote: > > Some (broken) firewalls do not properly pass UDP fragments, which will > > prevent IKE from completing. This commit enables the racoon option to > > allow application-level fragmenting and allow security associations to > > be created. > > --- > > debian/ovs-monitor-ipsec | 1 + > > 1 files changed, 1 insertions(+), 0 deletions(-) > > > > diff --git a/debian/ovs-monitor-ipsec b/debian/ovs-monitor-ipsec > > index febd569..0a97c88 100755 > > --- a/debian/ovs-monitor-ipsec > > +++ b/debian/ovs-monitor-ipsec > > @@ -83,6 +83,7 @@ path certificate "%s"; > > cert_entry = """remote %s { > > exchange_mode main; > > nat_traversal on; > > + ike_frag on; > > certificate_type x509 "%s" "%s"; > > my_identifier asn1dn; > > peers_identifier asn1dn; > > -- > > 1.7.1 > > > > _______________________________________________ > > dev mailing list > > [email protected] > > http://openvswitch.org/mailman/listinfo/dev _______________________________________________ dev mailing list [email protected] http://openvswitch.org/mailman/listinfo/dev
