Hi Walter, > With the patch, I hope to be able to see if it's one of "our" clients failing > to connect because > of e.g. fragments being dropped, or it's some scan attempt "from far away".
Enabling the `ike_name` option for the configured logger(s) might also help as you could then correlate the "... is initiating an IKE_SA" message with this one via the IKE_SA's unique identifier. > If the patch is considered useful, feel free to add it. It doesn't hurt and the IP is also logged when an established IKE_SA is deleted, so I've added it to master. Thanks, Tobias _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
