On Tue, 2003-07-08 at 07:18, Günter Michaeller wrote:
> Hi
>
> I've a multihomed shorewall setup! I want to allow GRE tunnels thru
> shorewall in one of the two local zones!
>
> In rules I defined to accept everything from net to loc for hosts in net
> 62.218.28.112/28 (zone loc)! I deleted the default policy "DROP zone net
> to any" and added rule for my second net in zone loc (192.168.50.1/24)
> from net to drop any! But it doesn't work!
>
a) Reverse all of the horrible hacks that you describe above.
b) Go to http://www.shorewall.net/PPTP.htm#ServerBehind
c) Follow the instructions you find there ignoring the part about TCP
port 1723 (although that part won't hurt if you include it).
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net