Sam,
May be you can help me on the way.
We are using the Hifn 7955, rev 0, 32KB dram, 64 sessions and when
those sessions are full (or as we have seen if there have been 64
sessions in a short time) the application (racoon) gets ENOMEM. I've
been looking at the openbsd driver (where this seems
Brandon,
Maybe I am missing something, but why not set SO_LINGER to 0 (zero).
This should have the effect of instantaniously cleaning up after a
close. With the disadvantage that there will be no FIN but a simple
RST.
Rene
On Apr 7, 2004, at 0:56, Richard Wendland wrote:
They are not timing
that
network. Hence, why filter?
What are the complex situations you have in mind?
Regards
Kshitij
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Rene de Vries
Sent: Sunday, January 13, 2002 10:32 PM
To: [EMAIL PROTECTED]
Subject: Filtering packets
* IPIP tunnels
(i.e. gif devices) and IPsec transport mode *or* IPsec tunnel mode (and
no gifs). See the KAME IMPLEMENTATION file for details, or
draft-touch-ipsec-vpn-02.txt (shameless plug :-).
--
Rene de Vries [EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED
it would be nice to be able to use
ip-filter ( co) on traffic from the tunnel (and also for traffic going
into the tunnel).
I was wondering why this is implemented the way it is. Maybe someone on
this list could shed a light on this?
Rene
--
Rene de Vries [EMAIL PROTECTED]
To Unsubscribe: send mail
