[Openswan Users] openswan & l2tpd

tgrzelak at wktpolska.com.pl tgrzelak at wktpolska.com.pl
Fri Dec 31 15:59:20 CET 2004

Dnia pon 20. grudnia 2004 14:14, Peter Stuerzel napisał:
> Hi,
> I need some help for openswan & l2tpd.
> How can I block cleartext l2tp-packages coming directly from the
> internet, but let decrypted packages from openswan through???

use the MARK target in the iptables script, for example:

	$IPT -t mangle -A PREROUTING -i eth1 -p esp -j MARK --set-mark 50
	$IPT -A INPUT -i eth1 -m mark --mark 50 -j ACCEPT

then clear l2tp packets from the Internet won't make through, but those from 
ipsec will


More information about the Users mailing list