[Openswan Users] Tunnels come up, but not all traffic goesthrough
Michael Richardson
mcr at sandelman.ottawa.on.ca
Fri Jun 11 12:39:03 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Herbert" == Herbert Xu <herbert at gondor.apana.org.au> writes:
>> Now, if one simply "change all references to ipsec0 to eth1",
>> then one has just permitted traffic from the outside to arrive on
>> eth1, unencrypted.
Herbert> No you haven't. As long as your IPsec connection is
Herbert> routed/up, there will be a policy in the kernel policy
Herbert> engine that says any traffic matching those criteria must
Exactly.
- --
] "Elmo went to the wrong fundraiser" - The Simpson | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQMnSFYqHRg3pndX9AQGihAP9GKkjqSoAXw1jswJxXHwnrr66/3KE7dqO
0GmytUU+9q/+O4rUiZ7y+VcvGDeZM3WqMmbOGQzvR1akh16SI5hHFio8HQRlJyNa
HBCC8GADSjtSQrFfR9wLQI/eRZ+JtqcmDYOp+hHqVxWq8SbwZSZ75xyTfFdo9NPN
KK7Z5wocx/U=
=Q2Qu
-----END PGP SIGNATURE-----
More information about the Users
mailing list