"
<p> ipsec eroute --add --eraf inet --src <a href="http://company.com/24">company.com/24</a> \<br> --dst <a href="http://mail.ngo.org/32">mail.ngo.org/32</a> --transport-proto 6 \<br> --dst-port 110 --said
<a href="mailto:tun.135@mail.ngo.org">tun.135@mail.ngo.org</a></p>
<p> sets up an eroute on on a Security Gateway to protect only TCP traffic on port 110 (pop3) between the subnet com$B!>(B<br> <a href="http://pany.com">pany.com</a> with 24 bits of subnet mask and the host <a href="ftp://ftp.ngo.org/">
ftp.ngo.org</a> via Security Gateway <a href="http://mail.ngo.org">mail.ngo.org</a> using the Security<br> Association with Security Association ID <a href="mailto:tun0x135@mail.ngo.org">tun0x135@mail.ngo.org</a>
. Note that any other traffic bound for<br> <a href="http://mail.ngo.org">mail.ngo.org</a> that is routed via the ipsec device will be dropped. If you wish to allow other traffic to pass<br> through then you must add a %pass rule. For example the following rule when combined with the above will ensure
<br> that POP3 messages read from <a href="http://mail.ngo.org">mail.ngo.org</a> will be encrypted but all other traffic to/from <a href="http://mail.ngo.org">mail.ngo.org</a> will be in<br> clear text.</p>
<p> ipsec eroute --add --eraf inet --src <a href="http://company.com/24">company.com/24</a> \<br> --dst <a href="http://mail.ngo.org/32">mail.ngo.org/32</a> --said %pass<br></p>
<div>"</div>
<div>information upside come from manpage of ipsec_eroute. i want to know that if i have just one enty added like "
<p> ipsec eroute --add --eraf inet --src <a href="http://company.com/24">company.com/24</a> \<br> --dst <a href="http://mail.ngo.org/32">mail.ngo.org/32</a> --transport-proto 6 \<br> --dst-port 110 --said
<a href="mailto:tun.135@mail.ngo.org">tun.135@mail.ngo.org</a></p>" , does any other trffic bound for <a href="http://mail.ngo.org">mail.ngo.org</a> routed via this ipsec device will be droped?</div>