[Openswan Users]
Michael Schwartzkopff
misch at multinet.de
Fri Feb 3 15:17:39 CET 2006
Am Freitag, 3. Februar 2006 15:04 schrieb Andreas Stallmann:
> Hello out there,
>
> I have some question, which was probably asked a million of times in
> many different ways before, but for some reasons, I'm blinded, and do
> not find an answer to it, or perhaps I'm just looking in the wrong places.
Hi,
do it with the policy module of iptables. See man iptables. Sample attached:
$IPTABLES -A FORWARD -m policy --dir in -i eth2 --pol ipsec -m state
--state NEW -j ACCEPT
Works for me.
--
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Bretonischer Ring 7
85630 Grasbrunn
Tel: (+49 89) 456 911 - 0
Fax: (+49 89) 456 911 - 21
mob: (+49 174) 343 28 75
PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B
Skype: misch42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20060203/2e1cac3f/attachment.bin
More information about the Users
mailing list