mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-09 18:45:54 +02:00
cda384a280
When an on-demand VPN connection is not up, the packets will traverse the firewall and be rejected by the IPSECBLOCK chain which will cause that an ICMP error message will be sent to the client. If that does not happen and the packet is being silently dropped, the client will retransmit and by then the VPN connection will hopefully be up. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>