2008/6/24 Jan Engelhardt <jengelh@xxxxxxxxxx>: > > On Tuesday 2008-06-24 10:36, Gergely Buday wrote: >>> As such -p udp 500 and -p esp will be needed for a firewall; >>> and only -p udp 4500 for a NAT. >> >>Thanks for your help. I made it work by adding "500" after -p udp in >>the first command. Does this make a security risk? > > Rent a security guy who will talk you into it being either > "yeah that's secure" or "well but that opens holes"? :-) Oh, thanks. I thought that it was just me who did not understand security :-) - Gergely -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
