Thanks to everyone who helped with this, Peter, Stil & co.
a mixture of 3 problems all interacting
1. the issue of bastille-netfilter that supplied with the mandrake 8.1
distro is very long in the tooth 0.99-beta7, upgrading to 1.26 allowed
the following additions to work.
2 needed to add to the custom section the following rules
#----------------IPIP tunneling--------------------------------
${IPTABLES} -A PUB_IN -p 93 -i eth1 -j ACCEPT
${IPTABLES} -A PUB_IN -p 4 -i eth1 -j ACCEPT
3. not a bastille problem but one of the tunnels appeared to be using
both ip-protocol 4 & 93, strange thing was tcpdump continually showed it
as proto 93, the bastille fail log showed it as ip proto 4 !!!
there still some minor tweaks needed as the occasional block of data
gets dropped.
thanks
BG Richard
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
