From: Dennis Pedersen (mlists daydreamer.dk)
Date: Tue Mar 05 2002 - 03:40:12 CST

----- Original Message -----
From: "Crist J. Clark" <cjc FreeBSD.ORG>
Sent: Tuesday, March 05, 2002 6:28 AM
Subject: Re: ESP + IPFW

> > Now, everything works fine. But I would like to be able to firewall the
> > packets *after* they are translated by IPSec (ESP) with IPFW? How would I
> > do that? They seem to only pass into IPFW once, not twice.. Can you run IPF
> > with IPFW to do it, and in that case which firewalling system gets matched
> > first?
>
> Yep. They go through ipfw(8) once. If you run ipf(8), they go through
> ipf(8) then ipfw(8)... once.

I'm currently running natd, racoon (with gif) and ipfw on the same box. I
can't seem to figure out what process the packets go through right before ipfw (as
in: I don't know what IP number I have to allow the packets from - is it the
peer gif IP, peer WAN IP, peer LAN, gif?)

Anyone got a hint?
Regards,
Dennis

To Unsubscribe: send mail to majordomo FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message