[Openswan Users] NETKEY matching most generic first

Michael H. Warfield mhw at WittsEnd.com
Thu Sep 3 23:04:31 EDT 2009

Say Paul,

On Thu, 2009-08-20 at 17:43 -0400, Paul Wouters wrote:
> On Thu, 20 Aug 2009, Daren Hickman wrote:

> > How do I prevent traffic destined for from entering the
> > tunnel?

> conn bypass
>  	left=
>  	right=
>  	type=passthrough
>  	authby=never
>  	auto=route

	Ah, isn't he going to need that netlink patch for the shunt eroutes for
this?  I see it's in 2.6.23dr3.  I've got to go back and test this out.
Been a little busy lately.  Looking forward to the release.  :-)

> Paul

Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: This is a digitally signed message part
Url : http://lists.openswan.org/pipermail/users/attachments/20090903/11d6b183/attachment.bin 

More information about the Users mailing list