I've seen the mangling of packets before in windows based firewalls.<br><br>Is does that with protocols like DNS or SMTP, there might be some content checking in there, somehow some windows firewalls assume that "an extra CR never hurts" :) (handy if you want to send the key negotiation directly to an old matrix printer...)<br>
<br>Anyway, either get a normal firewall or experiment with other port numbers, maybe port 515 or some other ports don't get the extra CR's.<br><br><div class="gmail_quote">On Feb 1, 2008 9:25 AM, Guus Sliepen <<a href="mailto:guus@tinc-vpn.org">guus@tinc-vpn.org</a>> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="Ih2E3d">On Fri, Feb 01, 2008 at 08:21:25AM +0100, Albi Rebmann wrote:<br><br>> > packets from random port numbers, there is a NAT somewhere in your<br>
> > network. You can add "TCPOnly = yes" to tinc.conf to tunnel everything<br>> > via TCP.<br>><br>> If you use TCPonly, you may have to use<br>> BlockingTCP=yes<br>> too. Thats my conclution.<br>
<br></div>In tinc 1.0.8, the BlockingTCP option doesn't do anything anymore, since<br>tinc now does its own buffering. It can grow its buffers dynamically,<br>and when the buffer is filled by a certain amount of bytes it stops<br>
sending tunneled packets to the other side until it had time to catch<br>up.<br><div><div></div><div class="Wj3C7c"><br>--<br>Met vriendelijke groet / with kind regards,<br> Guus Sliepen <<a href="mailto:guus@tinc-vpn.org">guus@tinc-vpn.org</a>><br>
</div></div><br>-----BEGIN PGP SIGNATURE-----<br>Version: GnuPG v1.4.6 (GNU/Linux)<br><br>iD8DBQFHotdrAxLow12M2nsRAoU0AKCON1WYJ9HbO4gn0hjc+fQ1Y0T5rgCgpryT<br>zu6RijmlCBFYWIfkhW/etbA=<br>=QieD<br>-----END PGP SIGNATURE-----<br>
<br>_______________________________________________<br>tinc mailing list<br><a href="mailto:tinc@tinc-vpn.org">tinc@tinc-vpn.org</a><br><a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br>
<br></blockquote></div><br>