From: Andreas Steffen (andreas.steffen_at_strongsec.net)
Date: Mon Dec 30 2002 - 15:16:48 CET
Hi Ken,
I have run into some serious problems with the selectors patch and %hold
eroutes that are automatically set up and don't get deleted correctly
when the matching "broad" IPsec SA comes up. With the help from
Stephen I'm working on a solution to this problem. After studying
the KLIPS code and Pluto's kernel.c, I suspect that the bare_shunt
mechanism must be made aware of ports and protocol selectors in order
for the %hold eroutes to get deleted correctly.
For the time being I have declared versions 0.9.18 and 1.1.1
of the X.509 patch experimental on my home page
http://www.strongsec.com/freeswan
and strongly recommend the stable versions 0.9.15 and 1.1.0, respectively,
for productive use.
Regards
Andreas
======================================================================
Andreas Steffen e-mail: andreas.steffen_at_strongsec.com
strongSec GmbH phone: +41 76 340 25 56
Alter Zürichweg 20 home: http://www.strongsec.com
CH-8952 Schlieren (Switzerland)
==========================================[strong internet security]==
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Tue Dec 31 2002 - 05:21:06 CET