Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] SuSEFirewall2, FreeS/WAN and VPN
  • From: Nadeem Hasan <nhasan@xxxxxxxxx>
  • Date: Fri, 18 Jan 2002 11:55:24 -0500
  • Message-id: <3C48537C.AAA1CD7D@xxxxxxxxx>
Nadeem Hasan wrote:
> Just make sure you have added "ipsec0" to the FW_DEV_EXT variable
> in the /etc/rc.config.d/firewall2.rc.config. This will make sure
> that rp_filter is not turned on for any interface.

Please also note that to see any effect of above, you need to reboot
or manually turn off rp_filter for all the interfaces. this is because
when you started the firewall without ipsec0 listed, it turned on
rp_filter on all the interfaces. With ipsec0 present, the script does
not change the rp_filter flag. It retains its previous value, which
is "1" as set by SuSEfirewall2 the first time.

Nadeem Hasan

< Previous Next >
Follow Ups