Re: IPSec - IPTables issues

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Nico Schottelius <nico-linux-net@xxxxxxxxxxxxxxx>
Subject: Re: IPSec - IPTables issues
From: Patrick McHardy <kaber@xxxxxxxxx>
Date: Wed, 05 May 2004 12:27:32 +0200
Cc: Pablo Neira <pablo@xxxxxxxxxxx>, netfilter@xxxxxxxxxxxxxxxxxxx, gregor-net@xxxxxxxxxxx, linux-net@xxxxxxxxxxxxxxx
In-reply-to: <20040504211557.GA236@schottelius.org>
References: <20040502155538.GD515@schottelius.org> <4096317F.8020609@eurodev.net> <20040504211557.GA236@schottelius.org>
Sender: netfilter-admin@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040122 Debian/1.6-1

Nico Schottelius wrote:

Wouldn't this work fine, if we have the virtual device like freeswan had
or is netfilter broken with this?

I mean I cannot practicly setup an IPSec only access point with the current
netfilter and ipsec in Linux 2.6, or am I deadly wrong?

Check out the ipsec-* patches and the policy match in netfilter pom-ng.

Regards
Patrick

References:
- Re: IPSec - IPTables issues
  - From: Nico Schottelius

Prev by Date: Re: NAT - HELP
Next by Date: Re: Simple question
Previous by thread: Re: IPSec - IPTables issues
Next by thread: Re: IPSec - IPTables issues
Index(es):
- Date
- Thread

[Index of Archives] [Linux Netfilter Development] [Linux Kernel Networking Development] [Netem] [Berkeley Packet Filter] [Linux Kernel Development] [Advanced Routing & Traffice Control] [Bugtraq]

Powered by Linux