On Friday 05 March 2004 11:28 am, Carsten Maass wrote:

> Antony Stone wrote:
> >
> > How did you set up IPsec? Using FreeS/WAN and Linux kernel 2.4.x?
> > Using the new built-in IPsec in kernel 2.6.x? Some other method? It
> > makes a big difference to what you can filter, and how netfilter sees the
> > packets.
>
> Sorry, I should have been more specific. Both gateways are Linux boxen
> with kernel 2.4.24, using the KAME IPSec-backport from kernel 2.6 in
> tunnel-mode. Both running netfilter on Debian stable with the
> ipsec-tools and racoon coming from testing:
>
> kernel-source-2.4.24 2.4.24-3
> iptables 1.2.6a-5
> ipsec-tools 0.2.2-8
> racoon 0.2.2-8

I have no experience at using Kame (but I have heard that filtering with netfilter using the limited access to packets in the new implementation under 2.6 is "challenging"...)

Can anyone else help with this configuration?

Antony.

--
G- GIT/E d- s+:--(-) a+ C++++$ UL++++$ P+(---)>++ L+++(++++)$ !E W(-) N(-) o? w-- O !M V+++(--) !PS !PE Y+ PGP+> t- tv@ b+++ DI++ D--- e++>+++ h++ r@? 5? !X- !R K--?

Please reply to the list; please don't CC me.