search for: _updown

I have a plan to make freeswan and shorewall talk to each other. Shorewall doesn''t currently have proper handles to make ipsec and firewall work properly together and I''m planning on building a custom _updown script for freeswan to make it communicate with shorewall. How can I make shorewall work properly with different road warriors with different dynamic ip-addresses and different accesses? I have following plan: have zone for every road warrior not to have zone in hosts or interfaces make updown...

...ach other''s hosts). rw rw ACCEPT rw loc ACCEPT loc rw ACCEPT /etc/shorewall/tunnels ipsec net 0.0.0.0/0 rw Am I missing something? -Tom > > > ------------------------------------------------------------------------ > > Subject: > [Shorewall-devel] Building custom _updown script for freeswan to make it > talk with shorewall > From: > Tuomo Soini <tis@foobar.fi> > Date: > Sat, 21 Sep 2002 22:23:07 +0300 > To: > Shorewall Devel <shorewall-devel@shorewall.net> > > > I have a plan to make freeswan and shorewall talk to each o...

Hello, I use Julian Anastasov ''routes'' (to be more specific: static_routes, alt_routes and nf_reroute) patches on a 2.4.32 kernel. On the same host I run IPSec. I have discovered after a few hours of networking problems that, when IPSec is enabled on that patched kernel, inspecting packets with tcpdump while arping-ing a host from a network physically connected to this

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I''m running systems with openswan and modified _updown script supporting shorewall dynamic hosts. Because on problems with cvs head version of openswan I found a error from shorewall dynamic hosts support. When host is already in zone shorewall aborts adding process with error. This is not good thing(tm). I found out that deleting host from dynamic zo...

...psec net 0.0.0.0/0 gw # # Example 3: # # Host 4.33.99.124 is a standalone system connected # via an ipsec tunnel to the firewall system. The host # is in zone gw. # # ipsec net 4.33.99.124 gw # # Example 4: # # Road Warriors that may belong to zones vpn1, vpn2 or # vpn3. The FreeS/Wan _updown script will add the # host to the appropriate zone using the "shorewall add" # command on connect and will remove the host from the # zone at disconnect time. # # ipsec net 0.0.0.0/0 vpn1,vpn2,vpn3 # # Example 5: # # You run the Linux PPTP client on your firewall and # connec...