[Openswan Users] SuSE 9.2 Openswan
Ludwig Nussel
ludwig.nussel at suse.de
Wed Apr 27 10:51:01 CEST 2005
datasis at cantv.net wrote:
> [...]
> These are the firewall settings:
> FW_DEV_EXT="dsl0"
> FW_ROUTE="yes"
> FW_MASQUERADE="yes"
> FW_MASQ_DEV="$FW_DEV_EXT"
> FW_MASQ_NETS="0/0,!192.168.1.0/24"
> FW_PROTECT_FROM_INTERNAL="no"
> FW_AUTOPROTECT_SERVICES="no"
> FW_SERVICES_EXT_TCP="http ssh 80"
> FW_SERVICES_EXT_UDP="isakmp"
> FW_SERVICES_DMZ_TCP="80"
> FW_SERVICES_INT_TCP="80"
> FW_SERVICES_INT_IP="esp"
^^^ should be EXT. Yes, it' a typo in the example
you copied that from :-)
Turn off the log limit then you'll see the esp packets getting
dropped.
cu
Ludwig
--
(o_ Ludwig Nussel
//\ SUSE LINUX Products GmbH, Development
V_/_ http://www.suse.de/
More information about the Users
mailing list