summaryrefslogtreecommitdiff
path: root/ipmasq/rules/I50ipsec.rul
blob: 8d6e859942d10a62969dfbdadff54a00095a5c44 (plain) 
    

  1. #: Accept packets from remote ipsec networks on ipsec interfaces
    2. 

  2. if [ -n "$IPSECCONN" ]; then
    3. 

  3.     for i in $IPSECCONN; do
    4. 

  4.     eval "IPSEC_IF=\$IPSEC_IF_$i"
    5. 

  5.     eval "IPSEC_HERE=\$IPSEC_HERE_$i"
    6. 

  6.     eval "IPSEC_THERE=\$IPSEC_THERE_$i"
    7. 

  7.         case $MASQMETHOD in
    8. 

  8.         ipfwadm)
    9. 

  9.             $IPFWADM -I -a accept -W ${IPSEC_IF%%:*} -S $IPSEC_HERE
    10. 

  10.             $IPFWADM -I -a accept -W ${IPSEC_IF%%:*} -S $IPSEC_THERE
    11. 

  11.             ;;
    12. 

  12.         ipchains)
    13. 

  13.         $IPCHAINS -A input -j ACCEPT -i ${IPSEC_IF%%:*} -s $IPSEC_HERE
    14. 

  14.         $IPCHAINS -A input -j ACCEPT -i ${IPSEC_IF%%:*} -s $IPSEC_THERE
    15. 

  15.             ;;
    16. 

  16.     netfilter)
    17. 

  17.         $IPTABLES -A INPUT -j ACCEPT -i ${IPSEC_IF%%:*} -s $IPSEC_HERE
    18. 

  18.         $IPTABLES -A INPUT -j ACCEPT -i ${IPSEC_IF%%:*} -s $IPSEC_THERE
    19. 

  19.         ;;
    20. 

  20.         esac
    21. 

  21.     done
    22. 

  22. fi
    23.
generated by cgit v1.2.3 (git 2.46.0) at 2024-11-05 09:49:48 +0000