> ipchains -I forward 2 -s 192.168.0.0/16 -d 192.168.31.0/24 -j ACCEPT > ipchains -I forward 3 -s 192.168.31.0/24 -d 192.168.0.0/16 -j ACCEPT > > Well, this is just in case it can be useful for anyone else. I have no > idea how to do it, but should this be integrated on the image > configuration ?
Just an FYI here.. these rules must occur BEFORE any NAT rules.. As for where they could go.. I would suggest you modify the IPSEC /etc/init.d/ipsec (or whatever it is) script to insert rules before the other rules listed in the FORWARD chain. Obviously the user needs to modify these on a per-setup basis, so the IPSEC package documentation needs to point this out.. P ------------------------------------------------------- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
