From: <ow...@us...> - 2009-05-29 09:03:10
|
Revision: 2933 http://ipcop.svn.sourceforge.net/ipcop/?rev=2933&view=rev Author: owes Date: 2009-05-29 09:03:08 +0000 (Fri, 29 May 2009) Log Message: ----------- Might as well fix the source port to 500 for IPsec IKE Modified Paths: -------------- ipcop/trunk/src/scripts/puzzleFwRules.pl Modified: ipcop/trunk/src/scripts/puzzleFwRules.pl =================================================================== --- ipcop/trunk/src/scripts/puzzleFwRules.pl 2009-05-29 08:42:53 UTC (rev 2932) +++ ipcop/trunk/src/scripts/puzzleFwRules.pl 2009-05-29 09:03:08 UTC (rev 2933) @@ -1319,10 +1319,10 @@ my $service_4 = ''; if ($p_serviceName eq 'IPCop IPsec') { - # TODO: limit IKE source port to 500. Do we need GRE ? + # TODO: do we need GRE ? $service_1 = "-p esp"; $service_2 = "-p ah"; - $service_3 = "-p udp --dport 500"; + $service_3 = "-p udp --sport 500 --dport 500"; $service_4 = "-p udp --dport 4500"; } elsif ($defaultServices{$p_serviceName}{'PROTOCOL'} eq 'tcpudp') { This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |