[Openswan Users] Iptables and Openswan
Walter Willis
walterwn at gmail.com
Tue May 19 13:22:45 EDT 2009
I am using CentOS 4.7 with Openswan. Openswan works fine, but after the
kernel upgrade to 2.6.18, iptables does not pass the Openswan packets.
The net-to-net ping works fine and responds.
iptables script:
#!/bin/sh
iptables -F
iptables -A INPUT -p udp --sport 500 --dport 500 -j ACCEPT
iptables -A OUTPUT -p udp --sport 500 --dport 500 -j ACCEPT
iptables -A INPUT -p udp --sport 50 --dport 50 -j ACCEPT
iptables -A OUTPUT -p udp --sport 50 --dport 50 -j ACCEPT
iptables -A INPUT -p 50 -j ACCEPT
iptables -A OUTPUT -p 50 -j ACCEPT
# ... rules ...
iptables -A INPUT -j DROP
But when I run the script, the net-to-net ping does not pass. The
iptables -A INPUT -j DROP rule is the problem.
Was the kernel compiled badly??
Is the DROP line failing???
Thanks!!!