[Openswan Users] Firewalling a vpn connection

[Fred Strauss]

Hi All

I have a vpn running using openswan, thanks to some kind people here
that helped :)
The vpn connects to our firewall, and I'd like to allow vpn-ed clients
to connect to certain things, without allowing non-vpned spoofed ips
the same access. I've heard mention of an ipsec interface, but I don't
have one.

Is there anyway for iptables to distinguish between a packet that came
across the vpn and packets that didn't? Or, is there a way to get an
ipsec interface somehow, so that I can seperately firewall that
interface?

Kind regards
Fred

-- 
Fred Strauss
Obsidian Systems (Pty) Ltd.
http://www.obsidian.co.za - we know xuniL
http://www.strider.co.za/gpg.pub