diff options
author | Tobias Brunner <tobias@strongswan.org> | 2016-04-01 16:41:05 +0200 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-04-09 16:51:00 +0200 |
commit | 9c12635252080af3fad7d4d8e02813d479b6ffdf (patch) | |
tree | 17fa63341f6c7a55ada10cd5f2ae59669ccdb0b4 /src/libcharon/plugins/kernel_netlink | |
parent | c4387e991ac1efb7cd0293ebc57b8372046cf944 (diff) | |
download | strongswan-9c12635252080af3fad7d4d8e02813d479b6ffdf.tar.bz2 strongswan-9c12635252080af3fad7d4d8e02813d479b6ffdf.tar.xz |
child-sa: Install "outbound" FWD policy
If there is a DROP shunt that matches outbound forwarded traffic it
would get dropped as the FWD policy we install only matches decrypted
inbound traffic. That's because the Linux kernel first checks the FWD
policies before looking up the OUT policy and SA to encrypt the packets.
Diffstat (limited to 'src/libcharon/plugins/kernel_netlink')
0 files changed, 0 insertions, 0 deletions