Date: Sat, 1 Mar 2003 16:32:55 -0500 (EST)
From: Alwyn Goodloe <agoodloe@saul.cis.upenn.edu>
To: freebsd-security@FreeBSD.ORG
Subject: IPSEC port filtering
Message-ID: <Pine.GSO.4.44.0303011624500.771-100000@saul.cis.upenn.edu>

In performing the setup for an experiment I have the following command:

setkey -c <<EOF
spdadd 192.168.4.2/32[any] 192.168.3.2/32[3322] udp -P out ipsec
    esp/tunnel/192.168.5.1-192.168.7.2/require
    esp/tunnel/192.168.5.1-192.168.5.2/require;
EOF

Unfortunately, it doesn't seem to be filtering out the UDP packets
heading to that port. They just pass over the wire in the clear. Using
tcpdump I can watch them heading for 192.168.3.2.3322.

If I remove the port ([3322]) the packets are put in the tunnel. Is there
something wrong with the port filtering here?

Alwyn Goodloe
agoodloe@gradient.cis.upenn.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message