Tom Eastep wrote: > > Then you would have seen a rule in the vlan4_in chain such as follows: > > xx yyyy rem2fw all -- * * 0.0.0.0/0 > 0.0.0.0/0 policy match dir in pol ipsec > > An traffic entering on vlan4 would have been passed through the rem2fw chain.
That should have read:
And decrypted traffic entering on vlan4 would have been passed
through the rem2fw chain.
Of course, the only decrypted traffic that you expect are the GRE packets.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
