Hello John,

iptables rules for UDP ports 500 and 4500 as well as ESP protocol 50
are not set by strongSwan but must be configured externally.
strongSwan's _updown script just inserts and deletes INPUT, OUTPUT
and FORWARD IPsec policy rules to allow plaintext traffic that is
being tunneled.

http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/_updown/_updown.in;h=2c742c0103f9309fbbb1674d20fc3cebc10f383b;hb=HEAD

Regards

Andreas

On 12/14/2010 01:12 AM, John Parker wrote:
> Hi folks
>
> can you point me to where in StrongSwan the iptables rules are set, in
> particular the rule which limits the src port to 500.
>
> I've pored over the source with grep etc and got nowhere.
>
> Many thanks
>
> John

======================================================================
Andreas Steffen                         [email protected]
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
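
The externally configured rules the reply refers to could look like the following. This is an added example, not part of the original thread and not strongSwan code; the function name `emit_ipsec_rules`, the `WAN_IF` and `APPLY` variables and the default interface `eth0` are assumptions.

```shell
#!/bin/sh
# Added example: prints the iptables commands an administrator would apply
# outside strongSwan for IKE, NAT-T and ESP. Rules for the tunneled
# plaintext traffic are left to strongSwan's _updown script.

# emit_ipsec_rules IFACE -> one iptables command per line on stdout.
# (Hypothetical helper name; IFACE is the Internet-facing interface.)
emit_ipsec_rules() {
    iface="$1"
    [ -n "$iface" ] || { echo "usage: emit_ipsec_rules IFACE" >&2; return 1; }

    # IKE (UDP 500) and NAT traversal (UDP 4500).
    # Inbound rules match the destination port only: a peer behind a NAT
    # device does not necessarily arrive with source port 500.
    for port in 500 4500; do
        echo "iptables -A INPUT  -i $iface -p udp --dport $port -j ACCEPT"
        echo "iptables -A OUTPUT -o $iface -p udp --sport $port -j ACCEPT"
    done

    # ESP is IP protocol 50 and has no port numbers.
    echo "iptables -A INPUT  -i $iface -p 50 -j ACCEPT"
    echo "iptables -A OUTPUT -o $iface -p 50 -j ACCEPT"
}

# Dry run by default; set APPLY=1 and run as root to execute the commands.
if [ "${APPLY:-0}" = "1" ]; then
    emit_ipsec_rules "${WAN_IF:-eth0}" | sh -e
else
    emit_ipsec_rules "${WAN_IF:-eth0}"
fi
```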
