what comes first Cipe or netfilter...
Fri, 18 Jan 2002 10:20:25 -0800
This is a question about a cipe tunnel in conjunction with netfilter. I have
a cipe tunnel working between 2 boxes but only if I disable the packet
In order to adjust my iptables script accordingly I need to know this :
What is the exact running order of things that happen when a packet arrives
from the other end of a cipe tunnel.
I suppose the very first thing that happens is that the cipe daemon
intercepts the packets and decapsulates/decrypts them in order to get the
hidden ip-packets in side the udp-packets before routing/netfilter decisions
are made. Is that correct ?
The thing is that I'm not sure what kind of packets netfilter will see : the
UDP-packets with the real src/dst IP-addresses or the encapsulated packets
inside those with the cipe IP's. This makes a huge difference though cause
netfilter will decide by that whether to jump to the INPUT or FORWARD chain.
Can someone clarify this for me that'd be awesome and I apologize if you
think this doesn't belong to this list.
thx and keep this awesomw list up please !!