Hi all, Just wondering if there is a known bug with kernel 3.2.0.0 regarding IPSec policy matching? I have a Debian Squeeze based firewall running a backported 3.2 kernel and while it correctly matches inbound packets in the PREROUTING mangle table with 'policy match dir in pol ipsec', if I try to do a similar match in POSTROUTING for outbound packets 'policy match dir out pol ipsec' I get no match. This same logic works fine on another firewall I manage, which has an older 2.6.32 kernel. If it is a known bug, can someone tell me what kernel version I need to upgrade to to fix it? Thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
