Windows client not honorring the Port directive?

Hans Voss hans.voss at gmail.com
Fri Feb 1 20:53:09 CET 2008


Nah, it was just a botched up copy job (I did a copy/paste job on it
and selected the region too small and had to copy in some characters,
apparently wrong. It just took me a couple of days to remember that,
then it was obvious all along....)

On Feb 1, 2008 9:41 AM, Jeroen Vriesman <linuxificator op gmail.com> wrote:
> I've seen the mangling of packets before in windows based firewalls.
>
> Is does that with protocols like DNS or SMTP, there might be some content
> checking in there, somehow some windows firewalls assume that "an extra CR
> never hurts" :)   (handy if you want to send the key negotiation directly to
> an old matrix printer...)
>
> Anyway, either get a normal firewall or experiment with other port numbers,
> maybe port 515 or some other ports don't get the extra CR's.
>
>
>
> On Feb 1, 2008 9:25 AM, Guus Sliepen <guus op tinc-vpn.org> wrote:
>
> >
> >
> >
> >
> > On Fri, Feb 01, 2008 at 08:21:25AM +0100, Albi Rebmann wrote:
> >
> > > > packets from random port numbers, there is a NAT somewhere in your
> > > > network. You can add "TCPOnly = yes" to tinc.conf to tunnel everything
> > > > via TCP.
> > >
> > > If you use TCPonly, you may have to use
> > > BlockingTCP=yes
> > > too. Thats my conclution.
> >
> > In tinc 1.0.8, the BlockingTCP option doesn't do anything anymore, since
> > tinc now does its own buffering. It can grow its buffers dynamically,
> > and when the buffer is filled by a certain amount of bytes it stops
> > sending tunneled packets to the other side until it had time to catch
> > up.
> >
> >
> >
> >
> > --
> > Met vriendelijke groet / with kind regards,
> >     Guus Sliepen <guus op tinc-vpn.org>
> >
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.6 (GNU/Linux)
> >
> > iD8DBQFHotdrAxLow12M2nsRAoU0AKCON1WYJ9HbO4gn0hjc+fQ1Y0T5rgCgpryT
> > zu6RijmlCBFYWIfkhW/etbA=
> > =QieD
> > -----END PGP SIGNATURE-----
> >
> >
> > _______________________________________________
> > tinc mailing list
> > tinc op tinc-vpn.org
> > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
> >
> >
>
>
> _______________________________________________
> tinc mailing list
> tinc op tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
>



-- 
----
Met vriendelijke groeten / With kind regards
Hans Voss
---------------------------------------
* Senior Consultant Open Source, Networking and Security
* General Open Sourcerer
* google talk enabled
* blog: http://jazzterdaily.blogspot.com - Tech and other news that
caught my attention.
* Shared News feed:
https://www.google.com/reader/public/atom/user/02723796534474865919/state/com.google/broadcast


More information about the tinc mailing list