[CentOS] Why is iptables configured to accept packets on ports 50 and 51?

2011-05-17 Thread Aleksey Tsalolikhin
[root@hwdltsaloli ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j

Re: [CentOS] Why is iptables configured to accept packets on ports 50 and 51?

2011-05-17 Thread Eero Volotinen
2011/5/17 Aleksey Tsalolikhin atsaloli.t...@gmail.com:
> [root@hwdltsaloli ~]# cat /etc/sysconfig/iptables
> # Firewall configuration written by system-config-securitylevel
> # Manual customization of this file is not recommended.
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT

Re: [CentOS] Why is iptables configured to accept packets on ports 50 and 51?

2011-05-17 Thread Stephen Harris
> -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
> -A RH-Firewall-1-INPUT -p 51 -j ACCEPT

That's _protocol_ 50 and 51; not ports 50 and 51

% grep '5[01]' /etc/protocols
esp 50 ESP # Encap Security Payload
ah 51 AH # Authentication Header

IPSec traffic.

--

Re: [CentOS] Why is iptables configured to accept packets on ports 50 and 51?

2011-05-17 Thread Michel van Deventer
Hi,

On Tue, 2011-05-17 at 11:13 -0700, Aleksey Tsalolikhin wrote:
> [root@hwdltsaloli ~]# cat /etc/sysconfig/iptables
> # Firewall configuration written by system-config-securitylevel
> # Manual customization of this file is not recommended.
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]

Re: [CentOS] Why is iptables configured to accept packets on ports 50 and 51?

2011-05-17 Thread Aleksey Tsalolikhin
On Tue, May 17, 2011 at 11:25 AM, Michel van Deventer mic...@van.deventer.cx wrote:
> The -p you are referring to is NOT a port, but a protocol (number), 50 and 51 stand for IPSEC protocols (AH and ESP).

Doh! *facepalm*

Thanks, Stephen, Eero and Michel. I appreciate your help. :)

Best,
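
The distinction drawn in the replies, as an added example that is not part of the original thread: a small rule annotator that reports the IP protocol selected by `-p` separately from any port selected by `--dport`. The function name `explain_rules`, the embedded protocol table and the two `--dport` rules are constructed for illustration; the first two rules and the esp/ah numbers are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example: show that "-p" selects an IP protocol, while a port needs "--dport".

# Constructed excerpt in /etc/protocols layout (name number alias).
# The esp and ah entries match the grep output quoted in the thread.
PROTOCOLS='icmp 1 ICMP
tcp 6 TCP
udp 17 UDP
esp 50 ESP
ah 51 AH'

# Sample rules in iptables-save syntax. The first two come from the thread;
# the last two are constructed to show what a real port match looks like.
SAMPLE_RULES='-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 50 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT'

# explain_rules RULES_TEXT
# Prints one line per "-A" rule: protocol=<name>(<number>) port=<n|none>
explain_rules() {
    printf '%s\n' "$1" | PROTO_TABLE="$PROTOCOLS" awk '
    BEGIN {
        # Build name->number and number->name maps from the table.
        n = split(ENVIRON["PROTO_TABLE"], lines, "\n")
        for (i = 1; i <= n; i++) {
            split(lines[i], f, " ")
            byname[f[1]] = f[2]
            bynum[f[2]] = f[1]
        }
    }
    /^-A / {
        proto = ""; port = "none"
        for (i = 1; i < NF; i++) {
            if ($i == "-p" || $i == "--protocol") proto = $(i + 1)
            if ($i == "--dport" || $i == "--destination-port") port = $(i + 1)
        }
        if (proto == "")          label = "any"
        else if (proto in bynum)  label = bynum[proto] "(" proto ")"
        else if (proto in byname) label = proto "(" byname[proto] ")"
        else                      label = proto "(unknown)"
        print "protocol=" label " port=" port
    }'
}

explain_rules "$SAMPLE_RULES"
```

On a live host the same check can be pointed at the real table by replacing the embedded `PROTOCOLS` string with the contents of `/etc/protocols`.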