<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: RE: A few questions
From: "K. David Prince" <kdp,AT,hanhet,DOT,loew,DOT,washington,DOT,edu>
Date: Thu, 27 Dec 2001 19:23:27 +0100
In-reply-to: <9097D3905570D111947E00207810DFE15E60FE@WINTRIX.thermeon.com>

On Thu, 27 Dec 2001 SBNelson,AT,thermeon,DOT,com wrote:

<snip>

> > 2. Can CIPE be bound to 1 and only 1 device?
>       I don't know for sure but I don't think so.  Since CIPE's transports
> its data using UDP,  it simply uses the OS's routing features to route the
> packets.  So, if you want that to happen, you will have to do that outside
> of CIPE (using iproute2 software and/or ipchains/iptables??)
                                                   ========
Scott, do you have example iptable commands that do this?  I'm still
learning firewall chains and I can't seem to get packets to pass through
the cipe interface.  Everything is up and running.  For example, when I
restart cipe, syslog reports:

Dec 27 09:26:54 fw01 ciped-2.4.17-rc1[919]: CIPE daemon vers 1.5.2 (c) Olaf 
Titz 1996-2000
Dec 27 09:26:54 fw01 kernel: cipcb0: alloc
Dec 27 09:26:54 fw01 kernel: cipcb: read_lock(&tasklist_lock) at 
../cipe/device.c:216
Dec 27 09:26:54 fw01 kernel: cipcb: read_unlock(&tasklist_lock) at 
../cipe/device.c:220
Dec 27 09:26:54 fw01 kernel: cipcb0: setpar
Dec 27 09:26:54 fw01 kernel: cipcb0: setpar 0.0.0.0:0 1000 60000 0200 0
Dec 27 09:26:54 fw01 kernel: cipcb0: setkey
Dec 27 09:26:54 fw01 kernel: cipcb0: attach
Dec 27 09:26:54 fw01 kernel: cipcb0: opened
Dec 27 09:26:54 fw01 kernel: cipcb0: cipe_sendmsg
Dec 27 09:26:54 fw01 kernel: cipcb0: cipe_recvmsg
Dec 27 09:26:54 fw01 ciped-2.4.17-rc1[919]: peer configuration info: proto=3, 
crypto=b, version=1.5, correct key parser
Dec 27 09:26:54 fw01 kernel: cipcb0: cipe_recvmsg

running the route command shows cipcb0 as being up.

Thanks,
Dave

<snip>





<< | Thread Index | >> ]    [ << | Date Index | >> ]