[Bug 98] New: state ESTABLISHED allow ipip tunnels

bugzilla-daemon@netfilter.org bugzilla-daemon@netfilter.org
Wed, 11 Jun 2003 19:29:16 +0200


https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=98

           Summary: state ESTABLISHED allow ipip tunnels
           Product: netfilter/iptables
           Version: linux-2.4.x
          Platform: i386
        OS/Version: Debian GNU/Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: connection tracking
        AssignedTo: laforge@netfilter.org
        ReportedBy: elacour@easter-eggs.com
                CC: netfilter-buglog@lists.netfilter.org


I saw that just using those rules:

iptables -I INPUT -m state --state ESTABLISHED -j ACCEPT
iptables -I OUTPUT -m state --state ESTABLISHED -j ACCEPT

with everything else dropped allows an ip in ip tunnel to pass, without
explicitly allowing protocol 4.

iptables v1.2.6a
kernel 2.4.20


