[strongSwan] strongSwan and FireHOL - conflicting use of marks?
Noel Kuntze
noel.kuntze+strongswan-users-ml at thermi.consulting
Wed Sep 27 02:01:33 CEST 2017
That can only be solved by making some code changes and adding options.
The solution to that would be to enable the configuration of a fixed range and a mask for the netfilter marks.
That way charon and FireHOL can store information in different bits of the mark field.
A workaround is not possible.
Kind regards
Noel
On 24.09.2017 17:43, Whit Blauvelt wrote:
> There's a well-detailed exploration of apparently conflicting use of the
> Netfilter mangle table by strongSwan and FireHOL by unki at
> https://github.com/firehol/firehol/issues/130.
>
> Are there any opinions here on how to resolve that conflict without
> impairing the functionality of either? With both increasingly used, it will
> be good if any necessary workarounds in combining them can be documented.
>
> Thanks,
> Whit
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170927/ff30c436/attachment.sig>
More information about the Users
mailing list