[Openswan Users] 26Sec to OpenSwan-1.0.3 dual-subnet routing
problem
Herbert Xu
herbert at gondor.apana.org.au
Tue Jun 15 08:34:50 CEST 2004
On Mon, Jun 14, 2004 at 12:26:17PM -0400, Charles Jones wrote:
>
> What is the path taken by an IPsec packet through the kernel with and
> without NAT?
Since NAT is currently broken wrt IPsec, this may change in future.
The ordering is currently (assuming forwarded packet in tunnel mode)
PREROUTING -> INPUT -> IPsec -> PREROUTING -> FORWARD
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Users
mailing list