On Tue, 2019-04-09 at 17:32 +0300, David Woodhouse wrote: > FWIW I can't ping 172.16.0.2 from my client either, which is odd. But > everything else, including netperf, is working over that link. And I > *can* ping 172.16.0.1 (the client) from the server side.
Oh, haha that's because the incoming response is eaten by the GPST
protocol's udp_catch_probe() function.
This makes client→server ping work, but don't bother because it isn't
important for our tests.
diff --git a/esp.c b/esp.c
index 289c6ebe..98a400d3 100644
--- a/esp.c
+++ b/esp.c
@@ -195,7 +195,8 @@ int esp_mainloop(struct openconnect_info *vpninfo, int
*timeout)
}
vpninfo->dtls_times.last_rx = time(NULL);
- if (vpninfo->proto->udp_catch_probe) {
+ if (vpninfo->proto->udp_catch_probe &&
+ vpninfo->dtls_state == DTLS_SLEEPING) {
if (vpninfo->proto->udp_catch_probe(vpninfo, pkt)) {
if (vpninfo->dtls_state == DTLS_SLEEPING) {
vpn_progress(vpninfo, PRG_INFO,
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openconnect-devel mailing list [email protected] http://lists.infradead.org/mailman/listinfo/openconnect-devel
