[strongSwan-dev] Strongswan: 4.5.3: Notify Cookies for Half Open Tunnels
jegathesh malaiyappan
mjegakathir at gmail.com
Tue Sep 24 13:12:41 CEST 2013
Hi All,
Strongswan 4.5.4
I am getting the following warning/error message while trying to simulate
the Half open tunnel scenrios.
Could you please help me the reason for the following logs?
<snip>
2004-01-01T02:13:46.278738+00:00 10 [info] charon: 15[NET] received
packet: from 40.40.40.41[500] to 40.40.40.40[500]
2004-01-01T02:13:46.278783+00:00 10 [info] charon: 15[NET] ignoring
IKE_SA setup from 40.40.40.41, peer too aggressive
2004-01-01T02:13:50.185781+00:00 10 [info] charon: 15[NET] received
packet: from 40.40.40.41[500] to 40.40.40.40[500]
2004-01-01T02:13:50.185832+00:00 10 [info] charon: 15[NET] ignoring
IKE_SA setup from 40.40.40.41, peer too aggressive
</snip>
/* check if peer has too many IKE_SAs half open */
if (this->block_threshold &&
charon->ike_sa_manager->get_half_open_count(charon->ike_sa_manager,
message->get_source(message)) >=
this->block_threshold)
{
DBG1(DBG_NET, "ignoring IKE_SA setup from %H, "
"peer too aggressive",
message->get_source(message));
return TRUE;
}
Anyone help the reason for this message?
--
By
Jegathesh,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20130924/e944a7d0/attachment.html>
More information about the Dev
mailing list