[Openswan Users] Iptables problem (netkey)
Andreas Steffen
andreas.steffen at strongsec.net
Wed Jan 9 12:59:47 EST 2008
Have a look at the following iptables sample for a net2net connection
based on ipsec policies and using the reqid of the tunnel:
http://www.strongswan.org/uml/testresults4/ikev1/net2net-cert/moon.iptables
Here is an _updown script which automatically inserts and removes
ipsec-policy-based iptables rules using environment variables
received from the PLUTO daemon:
http://wiki.strongswan.org/browser/trunk/src/_updown/_updown.in
Best regards
Andreas
Arn Vollebregt wrote:
>> -----Original Message-----
>> From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
>> Behalf Of Nicole Hähnel
>>
>> Until now we added iptables rules on interface ipsec0 to accept traffic
>> between networks.
>> Without an ipsec interface it's a little bit difficult to add rules.
>
> You might want to look at the ipsec policy in iptables, which will do what
> you want
>
> Regards,
>
> Arn Vollebregt
=======================================================================
Andreas Steffen e-mail: andreas.steffen at strongsec.com
strongSec GmbH home: http://www.strongsec.com
Alter Zürichweg 20 phone: +41 1 730 80 64
CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65
==========================================[strong internet security]===
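The approach described in the reply above, as an added example that is not part of the original message and is not the strongSwan _updown script: a shell function that prints the FORWARD rules for a net2net tunnel, matching on the IPsec policy and reqid instead of an ipsec0 interface. The function name `policy_rules` and the demo addresses and reqid are constructed; the PLUTO_* variables are the ones pluto exports to an updown script.

```shell
#!/bin/sh
# Added illustration: dry run only, prints iptables commands.
# Review the output, then pipe it to sh as root to apply.

policy_rules() {
    # PLUTO_REQID lands on a command line, so accept decimal digits only.
    # (The other PLUTO_* values are passed through unvalidated here.)
    case "$PLUTO_REQID" in
        ''|*[!0-9]*) echo "invalid PLUTO_REQID" >&2; return 1 ;;
    esac
    # Insert on tunnel up, delete the same rules on tunnel down.
    case "$PLUTO_VERB" in
        up-client)   op="-I FORWARD 1" ;;
        down-client) op="-D FORWARD" ;;
        *) return 0 ;;   # other verbs need no FORWARD rules
    esac
    pol="--pol ipsec --proto esp --reqid $PLUTO_REQID"
    # Traffic from the peer subnet is accepted only if it was
    # decapsulated by this tunnel's SA (policy match, direction in).
    echo "iptables $op -i $PLUTO_INTERFACE -s $PLUTO_PEER_CLIENT" \
         "-d $PLUTO_MY_CLIENT -m policy --dir in $pol -j ACCEPT"
    # Traffic to the peer subnet is accepted only if it will be
    # encapsulated by this tunnel's SA (policy match, direction out).
    echo "iptables $op -o $PLUTO_INTERFACE -s $PLUTO_MY_CLIENT" \
         "-d $PLUTO_PEER_CLIENT -m policy --dir out $pol -j ACCEPT"
}

if [ -z "$PLUTO_VERB" ]; then
    # Not called by pluto: show the rules for constructed sample values.
    (
        PLUTO_VERB=up-client
        PLUTO_REQID=16384
        PLUTO_INTERFACE=eth0
        PLUTO_MY_CLIENT=10.1.0.0/16
        PLUTO_PEER_CLIENT=10.2.0.0/16
        policy_rules
    )
else
    policy_rules
fi
```

With a default DROP policy on FORWARD, cleartext packets that carry the peer subnet's source address but did not arrive through the tunnel do not match these rules and are dropped.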