Filtering IPSec traffic ?
Eric Masson
e-masson at kisoft-services.com
Tue Oct 25 05:23:37 PDT 2005
VANHULLEBUS Yvan <vanhu_bsd at zeninc.net> writes:
Hi Yvan,
> That's the problem: enc0 doesn't seems to exists, at least on my
> FreeBSD6 gate (perhaps I missed something in the configuration, or
> perhaps this is not a "real" interface ?) !!!
The enc(4) interface doesn't exist in FreeBSD.
Atm, I use gif tunnels and transport mode beetween gateways, so I'm able
to filter on gifs. The other main advantage in my case is that routing
is explicit (no SPD inspection to check how packets are treated by the
stack)
Éric Masson
--
C'est chiant cette règle de blague obligatoire. En ce moment j'ai plutôt
envie de voir des os pilés. Mais ça va passer : hop un mon gros noeud
sur /dev/null et ça va mieux.
-+- GNA in : <http://www.le-gnu.net> - L'a pété un neunuerone -+-
More information about the freebsd-pf
mailing list