From owner-freebsd-hackers Thu Feb 12 14:34:03 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA16038 for hackers-outgoing; Thu, 12 Feb 1998 14:34:03 -0800 (PST) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from Kitten.mcs.com (Kitten.mcs.com [192.160.127.90]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA15957 for ; Thu, 12 Feb 1998 14:33:54 -0800 (PST) (envelope-from nash@Jupiter.Mcs.Net) Received: from Jupiter.Mcs.Net (nash@Jupiter.mcs.net [192.160.127.88]) by Kitten.mcs.com (8.8.7/8.8.2) with ESMTP id QAA00520; Thu, 12 Feb 1998 16:33:44 -0600 (CST) Received: from localhost (nash@localhost) by Jupiter.Mcs.Net (8.8.7/8.8.2) with SMTP id QAA10694; Thu, 12 Feb 1998 16:33:43 -0600 (CST) Date: Thu, 12 Feb 1998 16:33:43 -0600 (CST) From: Alex Nash To: "Eric J. Schwertfeger" cc: "Matthew N. Dodd" , jra@colltech.com, freebsd-hackers@FreeBSD.ORG Subject: Re: IP tunnels ? once again probably In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 12 Feb 1998, Eric J. Schwertfeger wrote: > It almost did for me too, but doesn't seem to work on any kernal compiled > with firewalling. Has anyone else seen this behavior, or have I just > tweeked the poor thing all by myself? SKIP uses IP protocol 57 (and IIRC, a couple of UDP ports for key exchange), perhaps your firewall configuration is blocking these? Try adding a deny rule which logs all packets just before the final deny rule: ipfw add 65534 deny log ip from any to any Alex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe hackers" in the body of the message