[Openswan Users] KLIPS and iptables policy match
Paul Wouters
paul at xelerance.com
Thu Mar 31 03:57:07 EDT 2011
On Wed, 30 Mar 2011, John A. Sullivan III wrote:
> Hello, all. Does the iptables policy match, e.g., "-m policy --strict
> --dir in --pol ipsec --proto esp --mode tunnel," match esp packets using
> KLIPS or just netkey?
AFAIK, it should because it is matching packet content. It will be slightly
different because of the different path of the packet via multiple interfaces
(eth0 vs eth0+ipsec0)
Paul
More information about the Users
mailing list