[Openswan Users] Openswan, iptables (fiaif) and 2.6.16 kernel

Laurent CARON lcaron at apartia.fr
Fri Apr 14 17:00:09 CEST 2006


Marco Berizzi wrote:
> Laurent CARON wrote:
> 
>> 192.168.0.0/24 is my lan subnet (natted so that lan computers can
> access
>> the internet through the public ip address)
>> 192.168.0.192 is a workstation on my lan
>> 192.168.10.0/24 is the other subnet
> 
> try this on the 2.6.16 gateway:
> 
> iptables -t nat -I POSTROUTING -s 192.168.0.0/24
> -d 192.168.10.0/24 -j ACCEPT
> 
> OR
> 
> iptables -t nat -I POSTROUTING -m policy
> --dir out --pol ipsec -j ACCEPT
> 
> PS: you must upgrade to iptables 1.3.5
> 


Is it a normal behavior that it stops working when upgrading from 2.6.15 
to 2.6.16?

Thanks


More information about the Users mailing list