[Openswan Users] Firewalling a vpn connection

Fred Strauss stridervc at gmail.com
Fri Aug 19 17:54:19 CEST 2005


On 8/18/05, Paul Wouters <paul at xelerance.com> wrote:
> On Thu, 18 Aug 2005, Fred Strauss wrote:
> 
> > Is there anyway for iptables to distinguish between a packet that came
> > across the vpn and packets that didn't? Or, is there a way to get an
> > ipsec interface somehow, so that I can seperately firewall that
> > interface?
> 
> The easiest way is to use KLIPS instead of NETKEY. KLIPS is the Openswan
> kernel module for IPsec. You can either compile it yourself from source,
> or grab a premade RPM from ftp.openswan.org.

Hi

As far as I know I'm already using KLIPS. I'm running RedHat
Enterprise Linux 4, kernel 2.6.9
Should that give me an ipsec or similiar network interface?

Kind regards
Fred

-- 
Fred Strauss
Obsidian Systems (Pty) Ltd.
http://www.obsidian.co.za - we know xuniL
http://www.strider.co.za/gpg.pub


More information about the Users mailing list