similar to: [Bug 98] state ESTABLISHED allow ipip tunnels

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=98 ------- Additional Comments From elacour@easter-eggs.com 2003-06-11 19:32 ------- I forget: If I insert a drop on protocol 4 before "ESTABLISHED" rules, ip in ip is really denied. ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

Hi, Does anyone tried to get ipip or gre tunnel behind NAT environments. ? i''m trying to make both side tunneling with ipip or gre with private address just like belows.. A -------------------FIRWWAL -------------------INET ------------------- B PRIVATE PUBLIC PUBLIC (10.100.0.1) (211.xxx.xxx.xxx) (

Hi guys, I''m trying to setup an IPIP tunnel between a Cisco router and a firewall running Debian GNU/Linux Sarge with Shorewall 2.0.13. I''ve read and implemented the http://shorewall.net/IPIP.htm document, but I don''t understand why there should be at the same time a "tunnel" and a "tunnels" script. Shorewall still refuses to let the

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=464 ------- Additional Comments From netfilter@linuxace.com 2006-07-15 18:38 MET ------- Jurgen: you are behind a box which doesn't understand the SACK option. From your trace: 02:52:32.237095 IP 134.76.88.65.11064 > 84.132.150.225.32805: P 237274514:237275954(1440) ack 372631662 win 181 <nop,nop,timestamp 229942196

I was trying the following setup with IPIP tunnels, one that used to work through another ISP, but no longer... Internal network | Linux box 1 (kernel 2.2.24) iif=10.0.0.1, extf=a.b.c.d, tunf=172.16.0.1 | |local metropolitan network | Another Linux box 2 (kernel 2.2.17, or 2.4.19, same result) iif=irrelevant, extf=x.y.z.v,

After carefull reading (LARTC) and experimentation, I am in a dead end... I am using several IPIP tunnels (linux ipip module, IP protocol 4). I''d like to filter packets going through these tunnes to different classes, on the ingress device, based on source and destination IP _INSIDE THE TUNNEL_. First I tried the nexthdr bit. As explained in LARTC, nexthdr jumps to the next header

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=517 ------- Additional Comments From netfilter@linuxace.com 2006-09-26 03:44 MET ------- *** Bug 519 has been marked as a duplicate of this bug. *** -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are

Hi, I''m trying to do some horrible private address routing between networks. Is there a way to handle the following? I''m guessing policy routing *might* be the way, but anyway... Two networks, accessible via public addresses -- a /29 on each. Each network, however, has more machines than this, so one also has 192.168.0.0/24 and the other has 192.168.1.0/24. I have an IPIP

Hi I am trying to setup an ipip tunnel to another linux router and am having serious problems. A bit of background first though because we may be going at this from the wrong angle. I have a router that runs bering firewall of a CF flash card that is going to act as a gteway for the amateur radio amprnet network. Heres what I need from it- I have an internal network 192.168.1.1 etc and a

Hi, I''ve a gateway host (cali), connected to the Internet via ADSL and a PPTP tunnel (ppp0). I also have a IPIP tunnel to another host over the Internet (mytun), nothing fancy. This is working perfectly. But I want to give more priority to the IPIP packets coming OUT of the PPP (PPTP connection) interface. And I can''t get this to work. Class 2:21 is the one with high

Typically (or at least somewhat occasionally) after a reboot of my shorewall[-lite] machine I find that I end up with conntrack table entries for unNATted connections such as: # conntrack -L -p udp --dport 5060 -d 99.232.11.14 udp 17 59 src=10.75.22.8 dst=99.232.11.14 sport=5060 dport=5060 packets=5472 bytes=3031488 [UNREPLIED] src=99.232.11.14 dst=10.75.22.8 sport=5060 dport=5060 packets=0

Hello Gurus, I am a small problem with routing and here are the details. Interfaces on my server: * ipsec0 - 172.19.58.94 * tunl0 - 172.19.58.94 * eth0 - 172.19.58.94 Now, the problem is that there is another host 172.19.58.200. All communication to 172.19.58.200 should be through tunl0, and all the data should be secured using IPSec (tunnel mode - because there are more machines on my

Hi! I am currently follwoing this howto: http://www.samba.org/samba/docs/man/guide/happy.html#ch6-nss02 and i am stuck with: (..)You must compile the mkntpasswd tool and then install it into the /var/lib/samba/sbin directory, as shown here(...) Where can i get the mkntpasswd sources from? Or is there a rpm package for it? Thanks, Mario -- "Sie haben neue Mails!" - Die GMX Toolbar

Hello, Looking here http://lartc.org/howto/lartc.tunnel.ip-ip.html It says to load a new_tunnel.o module. There is no such module on 2.6.9, so where would I find up-to-date documentation on ip tunnels in the Linux kernel? Thanks, Mike -- Michael P. Soulier <michael_soulier@mitel.com>, 613-592-2122 x2522 "Any intelligent fool can make things bigger and more complex... It takes a

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=498 cfilin@intermedia.net changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |chip@innovates.com -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=40 ------- Additional Comments From netfilter@linuxace.com 2004-12-30 20:16 MET ------- Any further word on this? Bug report is getting stale... -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching

Hello I have /25 addressed on a box (virtual devices on eth0) and I want to tunnel some of these addresses to my home network. One address to my gateway (a.b.c.d, external IP) and one address to my internal network (192.168.0.0/24-style). I will use the tunnels for irc, smtp and surfing. What protocol and which technique is easiest and best to use? One more thing. I don''t want to set up

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=40 netfilter@linuxace.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |netfilter@linuxace.com ------- Additional Comments From netfilter@linuxace.com 2004-11-01 06:15 MET ------- This could

https://bugzilla.netfilter.org/show_bug.cgi?id=792 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED CC| |netfilter at linuxace.com Resolution|

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=90 netfilter@linuxace.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |netfilter@linuxace.com Status|ASSIGNED |RESOLVED Resolution|