Hello Tobias > It did but this is now done by the kernel-netlink plugin (see [1]). > Pluto still installs the source routes with the _updown script, though. > Now, the kernel-netlink plugin doesn't check if the rule already > exists > and just installs it anyway.
Thanks for your clarification. > In 4.6.0 it actually gets installed up to > three times since the kernel-netlink plugin is now loaded by starter, > pluto and charon. If none of these crashes they also get removed > afterwards. I'm not sure if that's a problem, the kernel at least does > not seem to care about the duplicate rules. You are right, it seems not really to be a problem. I was just confused. > > Strongswan was compiled with “--with-routing-table=254 > > --with-routing-table-prio=100" (254 is “main”). > > Actually, you should set --with-routing-table=0 to install routes into > the main routing table. This way no rule is installed at all and the > source route is simply added to the main table. That did the trick. Thank you very much. Best regards Elmar
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
