projects / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a8142a1) | patch
kernel-wfp: Install outbound ALE connect rules for IPsec
authorMartin Willi <martin@revosec.ch>
Fri, 28 Nov 2014 08:39:40 +0000 (09:39 +0100)
committerMartin Willi <martin@revosec.ch>
Thu, 4 Dec 2014 10:10:48 +0000 (11:10 +0100)
commite1a448314ffcf2fc7dd8db7382c734794e9fe633
tree4848fa1598db5dd0cbaf636464368eabba5bfdb0tree | snapshot
parenta8142a17cff1a420599b30c13568bda1fa0a6653commit | diff
kernel-wfp: Install outbound ALE connect rules for IPsec

Similar to the inbound rules, the ALE filter processes IP-in-IP packets for
outbound tunnel mode traffic. When using an outbound default-drop policy,
Windows does not allow connection initiation without these explicit rules.
src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c diff | blob | history
strongSwan - IPsec VPN