Re: IPSEC diff to test: msg#00021

security.firewalls.pfsense.user

Subject: Re: IPSEC diff to test

Nobody? I've made this easier. Just replace /etc/inc/vpn.inc with
the contents of http://www.pfsense.org/~billm/vpn.inc.txt

If this doesn't get tested, it won't get committed and it certainly
won't be part of 1.0. It's already late for beta 3 and we're not
expecting a beta 4, so speak now, or forever hold your peace.

--Bill

On 4/4/06, Bill Marquette <bill.marquette@xxxxxxxxx> wrote:
> Can I get a couple people to try out the following diff? It (I think)
> fixes the 'prefer older sa' option that actually prefers newer SA's
> issue (the one where we tell you to click that option to prefer it :))
> Before I commit this, I'd like some feedback from people that have
> done this to fix ipsec issues as well as people that haven't used this
> option (and can confirm it's not breaking anything). If it's
> absolutely required, I can post a full version of the file, but the
> full install (I know embedded doesn't have it) should have diff and
> patch, so this should apply.
>
> Save to /tmp/vpn.inc.diff and run:
> cd / && patch < /tmp/vpn.inc.diff
> If there are no "rejected" entries, reboot. If it fails - go to
> Diagnostics -> Edit file and update /etc/inc/vpn.inc with
> http://cvstrac.pfsense.com/getfile?f=pfSense/etc/inc/vpn.inc&v=1.89.2.18
>
> Thanks
>
> --Bill
>
>
> Index: vpn.inc
> ===================================================================
> RCS file: /cvsroot/pfSense/etc/inc/vpn.inc,v
> retrieving revision 1.112
> diff -u -r1.112 vpn.inc
> --- vpn.inc 11 Mar 2006 22:45:22 -0000 1.112
> +++ vpn.inc 29 Mar 2006 14:00:23 -0000
> @@ -118,9 +118,9 @@
> }
>
> if(isset($config['ipsec']['preferredoldsa'])) {
> - mwexec("/sbin/sysctl net.key.preferred_oldsa=0");
> + mwexec("/sbin/sysctl -w net.key.preferred_oldsa=30");
> } else {
> - mwexec("/sbin/sysctl -w net.key.preferred_oldsa=-30");
> + mwexec("/sbin/sysctl -w net.key.preferred_oldsa=0");
> }
>
> $number_of_gifs = find_last_gif_device();
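Review bot: in the `isset($config['ipsec']['preferredoldsa'])` branch the new value `30` is a magic number with no comment, just as `-30` was in the line it replaces; add a comment saying what a non-zero value means for `net.key.preferred_oldsa`, or use `1` if the kernel only tests it for non-zero (an assumption, the patch does not show the kernel side). The hunk also inverts what an already saved `preferredoldsa` setting does, so anyone who ticked the option as the workaround mentioned in this thread gets the opposite SA preference after upgrading; that calls for a release note or a config upgrade step. The `mwexec()` return value is still ignored in both branches, so a failed sysctl goes unnoticed.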
> @@ -1233,4 +1233,4 @@
> return 0;
> }
>
> -?>
> \ No newline at end of file
> +?>
>
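Review bot: the trailing-newline change after `?>` at the end of the file is unrelated to the sysctl fix in the first hunk; put it in its own commit (or drop it) so the behavioural change can be tested and backed out on its own.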


