Dear all, I have a linux box with suse 9.1 distro and I have set-up an ipsec tunnel using Openswan with a PIX 515. Of course there is no ipsec0 interface because of the 2.6 kernel. I am using my own application which is dealing with tcp sockets. The application is working fine through the ipsec tunnel. The problem I have is that I cannot put any firewalling regarding my tcp ports beacuse there is no ipsec0 interface to apply iptables, which means that if someone puts a linux box on my hub(where my linux box is), he can access my tcp listening ports, even though my tunnel is established. How can I prevent this? What can I do? I have not used at all racoon,setkey etc.. Only Openswan. -- Thanks in advance, Dimitris Stamatoulis