Le dim 11/04/2004 à 22:34, Antony Stone a écrit : > Why would a connection tracking module need to know about the addreses inside > the packets, rather than the addresses in the headers? And if you want to deal with inner packet, then you just terminate the tunnel on your firewall and see what's in through tun0/gre0/whateveryoulike0 interface. And you build another tunnel with destination and you're done. -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread!
