Windows client not honorring the Port directive?
Jeroen Vriesman
linuxificator at gmail.com
Fri Feb 1 09:41:15 CET 2008
I've seen the mangling of packets before in windows based firewalls.
Is does that with protocols like DNS or SMTP, there might be some content
checking in there, somehow some windows firewalls assume that "an extra CR
never hurts" :) (handy if you want to send the key negotiation directly to
an old matrix printer...)
Anyway, either get a normal firewall or experiment with other port numbers,
maybe port 515 or some other ports don't get the extra CR's.
On Feb 1, 2008 9:25 AM, Guus Sliepen <guus at tinc-vpn.org> wrote:
> On Fri, Feb 01, 2008 at 08:21:25AM +0100, Albi Rebmann wrote:
>
> > > packets from random port numbers, there is a NAT somewhere in your
> > > network. You can add "TCPOnly = yes" to tinc.conf to tunnel everything
> > > via TCP.
> >
> > If you use TCPonly, you may have to use
> > BlockingTCP=yes
> > too. Thats my conclution.
>
> In tinc 1.0.8, the BlockingTCP option doesn't do anything anymore, since
> tinc now does its own buffering. It can grow its buffers dynamically,
> and when the buffer is filled by a certain amount of bytes it stops
> sending tunneled packets to the other side until it had time to catch
> up.
>
> --
> Met vriendelijke groet / with kind regards,
> Guus Sliepen <guus at tinc-vpn.org>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
>
> iD8DBQFHotdrAxLow12M2nsRAoU0AKCON1WYJ9HbO4gn0hjc+fQ1Y0T5rgCgpryT
> zu6RijmlCBFYWIfkhW/etbA=
> =QieD
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.tinc-vpn.org/pipermail/tinc/attachments/20080201/10de20c8/attachment.htm
More information about the tinc
mailing list