On Sat, 2012-06-23 at 12:08 -0700, Steven Ihde wrote:
> The attached patch adds support for a "--dtls-source-port" option to
> set the source port for DTLS datagrams. For example, to ease firewall
> configuration. Comments welcome.

Have you tested this with DTLS reconnection, or DPD kicking in? Try
*temporarily* firewalling the UDP traffic until OpenConnect detects that
the peer is dead and tries to remake the connection. Does it *work*,
when it tries to use the same local port again for a second connection?

You may want a further patch to close the old DTLS socket *first*,
rather than trying to keep it around until the new one is up and
running.

--
dwmw2
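The reconnection concern raised in the reply above, as an added example that is not part of the original message and is not OpenConnect code: binding a second UDP socket to a fixed local port while the old socket is still open, compared with closing the old socket first. The helper names `udp_bind` and `reconnect_fixed_port` are hypothetical, the loopback address and kernel-chosen port stand in for the `--dtls-source-port` value, and the example assumes neither `SO_REUSEADDR` nor `SO_REUSEPORT` is set on the sockets.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind a UDP socket to 127.0.0.1:port (0 = kernel picks). Returns fd or -errno. */
static int udp_bind(unsigned short port)
{
    struct sockaddr_in sa;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -errno;
    memset(&sa, 0, sizeof(sa));
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sa.sin_port = htons(port);
    if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0) {
        int err = errno;
        close(fd);
        return -err;
    }
    return fd;
}

/* Hypothetical reconnect: open a replacement socket on the old socket's port.
 * Returns 0 if the new socket obtained the same local port, else -errno. */
int reconnect_fixed_port(int close_old_first)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof(sa);
    int new_fd, old_fd = udp_bind(0);            /* the first "DTLS" socket */
    if (old_fd < 0)
        return old_fd;
    getsockname(old_fd, (struct sockaddr *)&sa, &len);  /* learn its port */
    if (close_old_first)
        close(old_fd);                           /* release the port before rebinding */
    new_fd = udp_bind(ntohs(sa.sin_port));       /* reconnect on the fixed port */
    if (!close_old_first)
        close(old_fd);                           /* old socket was kept during the bind */
    if (new_fd < 0)
        return new_fd;
    close(new_fd);
    return 0;
}

int main(void)
{
    printf("old socket kept open: %s\n", strerror(-reconnect_fixed_port(0)));
    printf("old socket closed first: %s\n", strerror(-reconnect_fixed_port(1)));
    return 0;
}
```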