[vpnc-devel] More NAT keepalive packet received

Johan Fischer jfischer at cmss-systems.com
Wed Jun 11 07:50:45 CEST 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi List,

Following the previous patch about some NAT-T keepalive UDP packets received
during the session setup, it seems the netscreen is also sending those packets
when the tunnel is Idle. With the current code, the vpnc is logging in syslog
some alerts messages about packets too short and dropped.

The attached patch will detect the NAT packet and just log an INFO message in
the syslog (you can remove that logging) and reduce the noise of vpnc during
Idle times. the logic is not changed (still returning -1 when seen) and this is
mostly a cosmetic change.

Cheers.
J.

- --
Johan Fischer
Capital Markets Surveillance Services Pty Limited
Level 4, 55 Harrington Street, Sydney NSW 2000
Tel: +61 2 8083 9000   Direct: +61 2 8083 9050
Fax: +61 2 8083 9099   http://www.cmss-systems.com

Capital Markets Surveillance Services Pty Ltd (CMSS) - Confidential
Communication
The information contained in this e-mail is confidential. It is intended
solely for the addressee. If you receive this e-mail by mistake please
promptly inform us by reply e-mail and then delete the e-mail and
destroy any printed copy. You must not disclose or use in any way the
information in the e-mail. There is no warranty that this e-mail is
error or virus free. It may be a private communication, and if so, does
not represent the views of the CMSS and its associates. If it is a
private communication, care should be taken in opening it to ensure that
undue offence is not given.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkhPZ7UACgkQVTWY7Y0+uVqByQCeIjbaw2ZnpTmbmbhK4Hye5jxL
4+0An2AIuPa2xYr/nTBUdaU77PVoJVVi
=QrlV
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: netscreen.nat.patch
Type: text/x-diff
Size: 877 bytes
Desc: not available
Url : http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/attachments/20080611/3f6fd5a4/attachment.patch 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: netscreen.nat.patch.sig
Type: application/octet-stream
Size: 72 bytes
Desc: not available
Url : http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/attachments/20080611/3f6fd5a4/attachment.obj

More information about the vpnc-devel mailing list