[Openswan Users] iptables -d dilemma for ipsec(ed) firewall question

sibu sibxol at btconnect.com
Fri Mar 29 22:27:01 UTC 2013


Greetings,

Suppose I have a computer with network interfaces ppp+ and eth0 of fixed
address, say 172.16.0.1.

I have IPsec traffic coming through the ppp0 interface which I want to send to
another network, to which eth0 is attached. Suppose this other network sits
on a 10.10.10.0 subnet. In my iptables script (for the computer with the ppp+
interface), could I have a line such as the following therein:

iptables \
--append INPUT \
--match policy \
--pol ipsec \
--dir in \
--in-interface ppp0 \
--destination 10.10.10.10


though I do not have the 10.10.10.0 subnet on this machine?


Alternatively, if this is not possible, is there a way to mark the packets to
identify their destination prior to sending them on?
Advice would be appreciated.

Sincerely,
Sibu

