IPSec Protocol 4 (ipcomp) traffic dropped
pupilla at hotmail.com
Fri Jan 19 09:18:50 CET 2007
Andrew J. Millar wrote:
> Basically, IPtables is seeing, and dropping protocol 4 (IP Payload
> Compression Protocol) packets relating to an OpenSwan IPSec tunnel as
Yes, it a know problem to the netfilter
team since 2.6.16-rcX
> Only when I add a rule to allow protocol 4 on HOST-A as follows, is
> attempt to reach HOST-A:22 successful.
> iptables -A INPUT -s BBB.BBB.BBB.BBB -d AAA.AAA.AAA.AAA -p 4 -j ACCEPT
Yes, this is a good workaround (for now).
More information about the netfilter