[Openswan Users] Listen only on one interface
Peter McGill
petermcgill at goco.net
Fri Dec 21 10:33:34 EST 2007
You should be able to block it with your iptables rules.
I.e.:
iptables -t filter -A INPUT -i eth0 -p udp --dport 500 -j ACCEPT
iptables -t filter -A INPUT -p udp --dport 500 -j REJECT # or DROP
Peter McGill
> -----Original Message-----
> From: users-bounces at openswan.org
> [mailto:users-bounces at openswan.org] On Behalf Of Paul Wouters
> Sent: December 21, 2007 10:27 AM
> To: Fridtjof Busse
> Cc: users at openswan.org
> Subject: Re: [Openswan Users] Listen only on one interface
>
> On Fri, 21 Dec 2007, Fridtjof Busse wrote:
>
> > I'm running Openswan 2.4.6 and it works quite well. But I would like to
> > limit it to only listen on one interface (eth0, which is the
> > defaultroute).
> > Neither interfaces=%defaultroute nor interfaces="ipsec0=eth0" helped,
> > 'netstat' still shows me that Openswan listens on all available
> > interfaces on port 500.
> > Any way to stop this?
>
> Currently, there is no way to do that.
>
> Paul
> --
> Building and integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
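Added example, not part of the original thread: because iptables takes the first matching rule, the two rules above only work if the eth0 ACCEPT sits ahead of the catch-all REJECT/DROP and no other rule accepts UDP 500 first. The hypothetical check_ike_rules function below audits an `iptables -S INPUT` listing for exactly that pattern; the sample listing is constructed, and only UDP port 500 (the port discussed in the thread) is examined.

```shell
#!/bin/sh
# check_ike_rules IFACE  -- reads an `iptables -S INPUT` listing on stdin.
# Prints a verdict and returns 0 only when UDP/500 is accepted on IFACE and
# then rejected/dropped for every other interface, in that order.
# Limitation: only rules that match "-p udp --dport 500" are inspected; an
# earlier blanket ACCEPT without a port match is not detected.
check_ike_rules() {
    awk -v want="$1" '
    $1 != "-A" || $2 != "INPUT" { next }
    {
        iface = ""; proto = ""; dport = ""; target = ""; neg = 0
        for (i = 3; i < NF; i++) {
            if ($i == "!")       neg = 1
            if ($i == "-i")      iface  = $(i + 1)
            if ($i == "-p")      proto  = $(i + 1)
            if ($i == "--dport") dport  = $(i + 1)
            if ($i == "-j")      target = $(i + 1)
        }
        if (proto != "udp" || dport != "500") next
        # Negated matches are outside the simple two-rule pattern.
        if (neg) { verdict = "unsupported: " $0; exit }
        if (target == "ACCEPT" && iface == want) { allowed = 1; next }
        # Any other ACCEPT reached first leaves port 500 open elsewhere.
        if (target == "ACCEPT") { verdict = "exposed: " $0; exit }
        if (iface == "" && (target == "REJECT" || target == "DROP")) {
            verdict = allowed ? "ok" : "blocked-everywhere"; exit
        }
    }
    END {
        if (verdict == "") verdict = "no-catch-all"
        print verdict
        exit (verdict == "ok" ? 0 : 1)
    }'
}

# Constructed sample listing (not captured from a real host).
SAMPLE='-P INPUT ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -p udp -m udp --dport 500 -j REJECT --reject-with icmp-port-unreachable'

# On a live host: iptables -S INPUT | check_ike_rules eth0
printf '%s\n' "$SAMPLE" | check_ike_rules eth0
```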