[Openswan Users] Firewalling differences between freeswan/2.4 and openswan/2.6

Tue May 24 11:31:03 CEST 2005

I've got a batch of installations which I am planning to upgrade from a
Freeswan 1.99 on 2.4 kernel to Openswan 2.3.x on a 2.6 kernel using the
NETKEY ipsec support.

I don't currently have a good feel for how the ipsec and the netfilter
firewalls interact on 2.6.  On the old system it was pretty simple -
there were separate interfaces for ipsec tunnelled data and the physical
interfaces.  Now this distinction has gone.

Could folks give me some pointers towards information on how this stuff
wriggles its way through the netfilter infrastructure.

Cheers
	Nigel.
-- 
[ Nigel Metheringham           Nigel.Metheringham at InTechnology.co.uk ]
[ - Comments in this message are my own and not ITO opinion/policy - ]