[TriLUG] RedHat 8.0 / IPTables / GRE packets?
Jon Carnes
jonc at nc.rr.com
Tue Dec 10 16:49:21 EST 2002
My guess is that you need something compiled into your kernel in order
for it to handle GRE properly (or even at all). I've always had
problems with Red Hat and GRE so I stopped using Red Hat on any server
that needed GRE or IPSec. I use Mandrake Linux or OpenBSD and am a much
happier camper.
On Tue, 2002-12-10 at 16:42, prhodes at vdsinc.com wrote:
>
>
> > I was under the impression that IPTables didn't handle GRE yet, but this
> > link would tend to indicate that it has limited abilities.
>
> >
> http://lists.netfilter.org/pipermail/netfilter-devel/2002-March/006956.html
>
> Yes, I saw that. Interestingly enough, this guy talks about how he
> gets no matches on GRE packets, if his GRE rules are after rules dealing
> with ESTABLISHED connections. I, on the other hand, get not matches on GRE
> packets either way. I even moved my rules around after reading that post,
> just to make sure the GRE stuff came first. No dice.
>
> I'm not sure if the problem I'm having is indicative of a fundamental
> problem
> with netfilter or if I just have something configured incorrectly. Any
> more thoughts or suggestions are definitely appreciated, however.
>
> I guess I could try upgrading to the latest version of netfilter for
> starters.... what could it hurt? :-)
>
> TTYL,
>
> Phillip Rhodes
> Application Designer
> Voice Data Solutions
> 919-571-4300 x225
> prhodes at vdsinc.com
>
> Those who are willing to sacrifice essential liberties for a little order,
> will lose both and deserve neither. - Benjamin Franklin
>
> This country, with its institutions, belongs to the people who inhabit it.
> Whenever they shall grow weary of the existing government, they can
> exercise their constitutional right of amending it, or exercise their
> revolutionary right to overthrow it. - Abraham Lincoln
>
> No citizen shall be denied the right to bear arms, if as a last resort, to
> protect themselves from tyranny in Government. - Thomas Jefferson
>
>
> _______________________________________________
> TriLUG mailing list
> http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ:
> http://www.trilug.org/~lovelace/faq/TriLUG-faq.html
More information about the TriLUG
mailing list