Andrew,
Take a look at the GRE & PPTP connection tracker/nat module
that is in netfilter CVS patch-o-matic. It will be in iptables
1.2.7, but it's already working at the moment.
Regards,
Filip
-----Original Message-----
From: Andrew Burgess [mailto:[EMAIL PROTECTED]]
Sent: Mon 29/04/2002 16:24
To: netfilter
Cc:
Subject: Re: GRE tunneling & ipfilters
We are in the process of trying to forward GRE and we decided we needed
a kernel patch
to make it work. The GRE packets apparently have a checksum inside that
includes
the original destination ip address and if you forward without changing
this you
just get checksum errors at the destination.
This is the information we found that includes a link to the patch:
http://www.impsec.org/linux/masquerade/ip_masq_vpn.html
That said, we haven't tried the patch yet so maybe there is a way to
make
it work without.
HTH
Andrew
Title: RE: GRE tunneling & ipfilters
- GRE tunneling & ipfilters Mark Orenstein
- Re: GRE tunneling & ipfilters Ramin Alidousti
- Re: GRE tunneling & ipfilters Ramin Alidousti
- Re: GRE tunneling & ipfilters Ramin Alidousti
- RE: GRE tunneling & ipfilters Joe Patterson
- Re: GRE tunneling & ipfilters Ramin Alidousti
- Re: GRE tunneling & ipfilters Andrew Burgess
- RE: GRE tunneling & ipfilters Joe Patterson
- Re: Re: GRE tunneling & ipfilters Mark Orenstein
- Sneppe Filip
