Ipsec and PREROUTING
edspremolla at antel.com.uy
Thu Apr 7 14:08:26 CEST 2005
I'm trying to configure a box with Linux kernel 2.6 native ipsec, that
now works as a firewall with SNAT.
My internal network is 10.1.1.0/24, but the ipsec tunnel need to se part
of it as 10.2.1.0/24, so my question is:
Once the ipsec packets are decrypted them came again from eth1 that is
my external interface, them were market in mangle PREROUTING to let them
in, but them pass again through filter PREROUTING in order to be
And other question : are there any debug tool that allow to sniff
packets as them traverse the different tables? Like tcpdump in the point
between PREROUTING and FORWARD.
Many thanks in advance.
More information about the netfilter