Greetings,

I am trying to configure IPtables on a strongswan-installed ppp gateway (ppp1 IP address = $pppIP). I have tunnelled ssh packets to FORWARD to a host (call this IP $SOMEHOST_IP).

Question: on the gateway firewall, do I need these:

    iptables -A INPUT \
        -i ppp1 \
        --match policy \
        --pol ipsec \
        --dir in \
        -s $pppIP \
        -d $SOMEHOST_IP \

    iptables -A OUTPUT \
        -o ppp1 \
        --match policy \
        --pol ipsec \
        --dir out \
        -d $pppGW \
        -s $SOMEHOST_IP \

Now, because the packets are to be forwarded, can I leave out the following:

    --match-policy \
    --pol ipsec \
    --dir out/out

??

And ALSO, because the packets are to be forwarded, do I need prerouting rules, and if I do, what might this be to preroute tunneled ssh to $SOMEHOST_IP?

Thanks in advance

sincerely
luxInteg

PS, and another thing: this reqid 1, reqid 2 I see cropping up in strongswan IPtables scripts - how is this determined? (And I have read the manpage of iptables.)

sincerely
LuxInteg
