[Openswan Users]

Michael Schwartzkopff misch at multinet.de
Fri Feb 3 15:17:39 CET 2006


Am Freitag, 3. Februar 2006 15:04 schrieb Andreas Stallmann:
> Hello out there,
>
> I have some question, which was probably asked a million of times in
> many different ways before, but for some reasons, I'm blinded, and do
> not find an answer to it, or perhaps I'm just looking in the wrong places.

Hi,

do it with the policy module of iptables. See man iptables. Sample attached:

$IPTABLES -A FORWARD  -m policy --dir in -i eth2 --pol  ipsec  -m state 
--state NEW  -j ACCEPT

Works for me.

-- 
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Bretonischer Ring 7
85630 Grasbrunn

Tel: (+49 89) 456 911 - 0
Fax: (+49 89) 456 911 - 21
mob: (+49 174) 343 28 75

PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B
Skype: misch42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20060203/2e1cac3f/attachment.bin


More information about the Users mailing list