[strongSwan] SA establishment is triggered by icmp traffic, when the rule is added for udp

divya mohan m.divya.mohan at gmail.com
Tue Apr 24 09:15:49 CEST 2012


> The reason is that the ping utility binds a UDP socket to probe for a source address.
> While no traffic is actually sent, this is sufficient to trigger an acquire by the kernel.

Thanks for the information.

However, I noticed that the behaviour is the same the other way also,
i.e., if a rule is added for ICMP and UDP traffic is sent, then an SA
entry is also getting created (but not being used).
What could be causing this?
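
The source-address probe described in the quoted reply, as an added example that is not part of the original post or of ping's source: it assumes the probe is a connect()/getsockname() pair on a UDP socket, and the port 1025 and the loopback default are constructed values.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Ask the kernel which source address it would pick to reach dst.
 * connect() on a UDP socket sends no packet, but it makes the kernel
 * resolve a route for a UDP flow to dst:port. Per the quoted reply,
 * that lookup is enough to hit a UDP IPsec policy and raise an acquire.
 * Returns 0 and fills src on success, -1 on error. */
int probe_source(const char *dst, unsigned short port, char *src, size_t len)
{
    struct sockaddr_in to, from;
    socklen_t flen = sizeof(from);
    int rc = -1;

    memset(&to, 0, sizeof(to));
    to.sin_family = AF_INET;
    to.sin_port = htons(port);
    if (inet_pton(AF_INET, dst, &to.sin_addr) != 1)
        return -1;                      /* not a dotted-quad address */

    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -1;

    /* No sendto() anywhere: only the connect-time lookup happens. */
    if (connect(fd, (struct sockaddr *)&to, sizeof(to)) == 0 &&
        getsockname(fd, (struct sockaddr *)&from, &flen) == 0 &&
        inet_ntop(AF_INET, &from.sin_addr, src, len) != NULL)
        rc = 0;

    close(fd);
    return rc;
}

int main(int argc, char **argv)
{
    char src[INET_ADDRSTRLEN];
    const char *dst = argc > 1 ? argv[1] : "127.0.0.1"; /* constructed default */

    if (probe_source(dst, 1025, src, sizeof(src)) != 0) {
        perror("probe_source");
        return 1;
    }
    printf("kernel would use source %s to reach %s\n", src, dst);
    return 0;
}
```

Running this against a peer covered by a UDP-only policy while watching `ip xfrm monitor` shows whether an acquire is raised without any UDP datagram leaving the host.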


