what comes first Cipe or netfilter...
Fri, 18 Jan 2002 13:58:04 -0500
Content-Type: text/plain; charset=us-ascii
* Alex (email@example.com) wrote:
> The thing is that I'm not sure what kind of packets netfilter will see : =
> UDP-packets with the real src/dst IP-addresses or the encapsulated packets
> inside those with the cipe IP's. This makes a huge difference though cause
> netfilter will decide by that whether to jump to the INPUT or FORWARD cha=
netfilter is going to see both.
The UDP packets from the remote host will come in on your real
external interface (like eth0) and then CIPE will pick up on
them, decrypt them and whatnot, and then you'll see the data
that was encapsulated in that UDP packet come in on your CIPE
interface (like cipcb0).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----