[Openswan Users] Fedora Core 6 and ipsec0 in iptables

Ben Martin monkeyiq at users.sourceforge.net
Thu May 3 02:03:57 EDT 2007


Hi,
  Just to check if my conclusion is correct,
  From digging around it seems that for openswan on Fedora Core 6 to get
ipsec0,1,2 etc to show up in ifconfig and be able to setup packet
filtering with iptables for ipsec0 etc then I have to build a kernel
using the KLIPS patch.

  It would be nice to have the unencrypted traffic arrive on ipsecX
instead of eth1 so I can treat it differently in the firewall instead of
dubiously allowing 192.x traffic (post decryption from openswan) to
arrive on the internet connected network interface.

Thanks for any clarification.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.openswan.org/pipermail/users/attachments/20070503/2db472db/attachment.bin 


More information about the Users mailing list