Date: Tue, 26 Nov 2002 12:37:41 +0200 From: Ari Suutari <ari.suutari@syncrontech.com> To: Eric Masson <e-masson@kisoft-services.com> Cc: greg.panula@dolaninformation.com, David Kelly <dkelly@HiWAAY.net>, FreeBSD-stable@FreeBSD.ORG Subject: Re: IPsec/gif VPN tunnel packets on wrong NIC in ipfw? Message-ID: <200211261237.41947.ari.suutari@syncrontech.com> In-Reply-To: <86n0nwr6jz.fsf@notbsdems.nantes.kisoft-services.com> References: <200211142157.57459.dkelly@HiWAAY.net> <200211260837.02019.ari.suutari@syncrontech.com> <86n0nwr6jz.fsf@notbsdems.nantes.kisoft-services.com>
index | next in thread | previous in thread | raw e-mail
Hi, On Tuesday 26 November 2002 12:04, Eric Masson wrote: > of explicit routing tables), but what about an esp interface (or > whatever name) on which detunneled packets would pass. Would be better for my purposes than gif. Hopefully someone implements something like this. Another approach could be to add new keyword to ipfw which would match only packets that came from tunnel, this would be easy to add for at least IPFW2 (I mean ipfw engine-wise, don't know how easy it would be to tag packets as coming from tunnel) Ari S. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the messagehelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200211261237.41947.ari.suutari>