On Sun, May 29, 2016 at 02:13:19PM -0400, Paul Wouters wrote:
> You can limit the tunnel to only allow port 80 traffic using
> leftprotoport=tcp/80 and rightprotoport=tcp/0
>
> But then you still need to be sure unencrypted traffic is blocked if that's
> what you want to happen.

And of course HTTP traffic on a different port won't work. That would require a much more advanced way to recognize the protocol, and in fact iptables may in fact be the right tool for that.

-- 
Len Sorensen
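
The two points in this thread combined into one configuration, as an added example that is not from either poster or from the libreswan project. The conn name, the file name, the host-to-host layout with left as the web server, and the addresses (documentation ranges) are assumptions; authentication settings are left as in your existing connection.

```conf
# /etc/ipsec.d/http-only.conf   (hypothetical file name)
# Assumed layout: left is the web server, right is the client.
conn http-only
    # constructed example addresses
    left=192.0.2.10
    right=198.51.100.20
    # selectors from the thread: server side TCP port 80 only,
    # client side any TCP port (0 means any)
    leftprotoport=tcp/80
    rightprotoport=tcp/0
    auto=start
    # authby= / keys: keep whatever the existing tunnel uses

# The selectors only decide which packets get encrypted. Port 80 traffic
# sent while the tunnel is down still travels in the clear unless a
# firewall rule drops it. The iptables "policy" match tests whether a
# packet is covered by an IPsec policy.
#
# On the left (server) host, drop port 80 packets from the peer that did
# not arrive through IPsec:
#   iptables -A INPUT -s 198.51.100.20 -p tcp --dport 80 \
#            -m policy --dir in --pol none -j DROP
#
# On the right (client) host, drop port 80 packets to the server that
# would leave without IPsec:
#   iptables -A OUTPUT -d 192.0.2.10 -p tcp --dport 80 \
#            -m policy --dir out --pol none -j DROP
#
# HTTP served on another port (for example 8080) matches neither the
# selectors nor these rules, so it is neither encrypted nor blocked.
```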
