[strongSwan] Why is strongswan keeping so many enttires in my iptables?????

Pawel Grzesik pawel.grzesik at brainstorm.co.uk
Thu Mar 6 10:07:39 CET 2014 

Hi Adrian,

What do you mean by ‘doesn’t clear them’ ? The counter? Strongswan generate iptables rules each time when you restarted it so you will see the same rules each time. You can disabled it if you want to, it depends on what do you have at the configuration file. There is a special option for that called left firewall.

Can you give me a little bit more details about that?

Thanks,
Pawel

On 6 Mar 2014, at 02:16, Adrian Milanoski <amilanoski at blackberry.com> wrote:

> Any update on why this is happening?
>  
> Regards,
>  
> Adrian Milanoski
> Lab Administrator
> BBOS WiFI VPN. Security Testing – R&D
> Tel.(289) 261-5801 | Cel: (647) 289-261-5801
> Email amilanoski at blackberry.com
>  
>  
> <image003.jpg><image004.jpg>
>  
>  
>  
> From: users-bounces at lists.strongswan.org [mailto:users-bounces at lists.strongswan.org] On Behalf Of Adrian Milanoski
> Sent: Tuesday, March 04, 2014 5:50 PM
> To: users at lists.strongswan.org
> Subject: [strongSwan] Why is strongswan keeping so many enttires in my iptables?????
>  
> HI list,
>  
> I have 300+ entries in my iptables –L and restarting strongswan doesn’t clear them and it is a production GW that I cannot simple restart. How can I resolve this? And why is it happening so I can resolve it for the future?
>  
> Thanks in advance
>  
> Regards,
>  
> Adrian Milanoski
> Lab Administrator
> BBOS WiFI VPN. Security Testing – R&D
> 4715 Tahoe Blvd, Mississauga, ON, Canada, L4W 0B5
> Tel.(289) 261-5801 | Fax.(905) 629-7836 
> Email  amilanoski at blackberry.com
>  
>  
> <image005.jpg><image006.jpg>
>  
>  
>  
> ---------------------------------------------------------------------
> This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.
> ---------------------------------------------------------------------
> This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140306/ccef7cd2/attachment.html>

More information about the Users mailing list