firewalling / netfilter / iptables / tcpdump on the vpn

Guus Sliepen guus at tinc-vpn.org
Wed May 10 21:48:43 CEST 2006


On Tue, May 09, 2006 at 11:05:46AM -0400, xavier wrote:

[...]
> > isn't that strange to return; without having     send_packet(subnet->owner, packet); ?
> > 
> > is the return necessary ?
> > anyway, i can see the traffic on vpn1 on the vpn server,
> > however it's not visible anymore on host b (the host i'm trying to reach).
> > (no firewalling implied)
> 
> 
> without return, traffic from hosta to b is working, (and i can see it)
> but not from vpn server to host a or b.
> 
> May  9 11:00:41 emris martian source 10.0.2.7 from 10.0.2.1, on dev tunemris

Without the return you duplicate each packet, one going to the local
interface and one is directly forwarded to the destination by tinc. But
I guess that with the return it is not sending packets out anymore...
I'll see if I can create a working patch.

-- 
Met vriendelijke groet / with kind regards,
    Guus Sliepen <guus at sliepen.eu.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20060510/f98c8e8d/attachment.pgp


More information about the tinc mailing list