[Openswan Users] Firewalling a vpn connection
Fred Strauss
stridervc at gmail.com
Fri Aug 19 17:54:19 CEST 2005
On 8/18/05, Paul Wouters <paul at xelerance.com> wrote:
> On Thu, 18 Aug 2005, Fred Strauss wrote:
>
> > Is there anyway for iptables to distinguish between a packet that came
> > across the vpn and packets that didn't? Or, is there a way to get an
> > ipsec interface somehow, so that I can seperately firewall that
> > interface?
>
> The easiest way is to use KLIPS instead of NETKEY. KLIPS is the Openswan
> kernel module for IPsec. You can either compile it yourself from source,
> or grab a premade RPM from ftp.openswan.org.
Hi
As far as I know I'm already using KLIPS. I'm running RedHat
Enterprise Linux 4, kernel 2.6.9
Should that give me an ipsec or similiar network interface?
Kind regards
Fred
--
Fred Strauss
Obsidian Systems (Pty) Ltd.
http://www.obsidian.co.za - we know xuniL
http://www.strider.co.za/gpg.pub
More information about the Users
mailing list