[Openswan Users] Openswan, iptables (fiaif) and 2.6.16 kernel
Marco Berizzi
pupilla at hotmail.com
Fri Apr 14 16:24:17 CEST 2006
Laurent CARON wrote:
> 192.168.0.0/24 is my lan subnet (natted so that lan computers can
access
> the internet through the public ip address)
> 192.168.0.192 is a workstation on my lan
> 192.168.10.0/24 is the other subnet
try this on the 2.6.16 gateway:
iptables -t nat -I POSTROUTING -s 192.168.0.0/24
-d 192.168.10.0/24 -j ACCEPT
OR
iptables -t nat -I POSTROUTING -m policy
--dir out --pol ipsec -j ACCEPT
PS: you must upgrade to iptables 1.3.5
More information about the Users
mailing list