How to recognize tinc TCP connection with iptables
Guus Sliepen
guus at tinc-vpn.org
Sat Aug 31 22:43:06 CEST 2013
On Sat, Aug 31, 2013 at 01:05:43PM -0700, Nikolaus Rath wrote:
> >> So I think as long as my rule is specific enough to distinguish tinc and
> >> TLS, I should be good.
> >
> > In that case, you can just match the "0 " at the start of the connection, you
> > don't have to look further.
>
> Hmm. It seems it's a bit more complicated than that. Unless I'm
> mistaken, a tinc client waits for the tinc server to send his greeting
> before it sends his own
You are mistaken. Luckily, otherwise sslh wouldn't work either :)
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20130831/94bf2d7b/attachment.sig>
More information about the tinc
mailing list