On Wed, Jun 30, 2010 at 10:47 AM
<[email protected]>wrote:
>
>
> On Sat, Jun 19, 2010 at 1:57 PM,
> Michael Rash <michael.r...@gm...>wrote:
> > We'll get the beta release posted as soon as we can.
>
> Great Michael! I'm looking forward to the release. Meanwhile, I've
compiled perl (v. 5.10.1) and fwknop (v. 1.9.12 rev. 1533) into an initrd
image for Fedora 13. I have some intermittent issues, though. On occasion,
fwknopd will not create the
> FWKNOP_INPUT chain and related rule in the INPUT chain upon start (or
restart) of the daemon. I attempted a fwknopd --Kill and re-initializing,
but didn't see anything reported to stderr that would cause a problem (even
when issuing with the
> verbose flag set). I've starting digging through the code to see what the
problem may be, but thought I'd post here to see if this symptom has arisen
before and whether a simple configuration fix exists (I didn't see anything
on a search of the maillist
> archive or google). I also tried re-compiling the ChainMgr perl module.
>
> Thanks for any thoughts!
> Wil
D'oh - apologies - this issue was addressed in the thread entitled
"[Fwknop-discuss] No fwknop chains in my iptables." I do not know how I
missed it. If it helps anyone, `fwknopd --debug` revealed that the SPA
packet timestamp used to age the packet exceeded the maximum time
differential permitted by the fwknop daemon (which is really odd, since I
was running both Fedora-based Linux systems in a virtual environment on the
same host, so the timestamps should match on the order of milliseconds). In
any case, fwknop is running properly -- it is an excellent tool!
Best -
Will
------------------------------------------------------------------------------
This SF.net email is sponsored by Sprint
What will you do first with EVO, the first 4G phone?
Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________
Fwknop-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
