[Openswan Users] openswan & l2tpd
tgrzelak at wktpolska.com.pl
tgrzelak at wktpolska.com.pl
Fri Dec 31 15:59:20 CET 2004
Dnia pon 20. grudnia 2004 14:14, Peter Stuerzel napisał:
> Hi,
>
> I need some help for openswan & l2tpd.
>
> How can I block cleartext l2tp-packages coming directly from the
> internet, but let decrypted packages from openswan through???
use the MARK target in the iptables script, for example:
$IPT -t mangle -A PREROUTING -i eth1 -p esp -j MARK --set-mark 50
$IPT -A INPUT -i eth1 -m mark --mark 50 -j ACCEPT
then clear l2tp packets from the Internet won't make through, but those from
ipsec will
Tom
More information about the Users
mailing list