[Swan] update on hidetos=, overridemtu= and fragicmp=
David McCullough
ucdevel at gmail.com
Fri Jun 28 02:05:40 EEST 2013
Paul Wouters wrote the following:
> On Thu, 20 Jun 2013, Paul Wouters wrote:
>
> >Okay, then I will fix these options by adding support for them in
>
> While re-adding support for fragicmp and hidetos I noticed that contrary
> to the man page entries, both of these options were not set.
>
> KLIPS initialises them to 0, and in the openswan days, _realsetup was
> supposed to pass these options to _startklips, but at least since
> openswan 2.0.0 (and possibly openswan 1.x) this was no longer happening.
>
> I've left fragicmp this way, meaning it now defaults to not sending
> ICMPs when fragmentation is needed, as we have been doing that for many
> years apparently. I've re-added support to _stackmanager to enable this
> when adding fragicmp=yes, and changed the man page to reflect reality.
>
> The same is true for hidetos, but here I have changed the default in
> KLIPS itself to be enabled, and re-added support to disable it to
> _stackmanager via hidetos=no.
>
> I've also re-added overridemtu=. It will change all ipsecX/mastX
> interfaces to the specified mtu.
Good calls, completely happy with all of those mods,
Cheers,
Davidm
--
David McCullough, davidm at spottygum.com, Ph: 0410 560 763
More information about the Swan
mailing list