Subject: cipe and netfilter
From: "Alex" <aoclarit,AT,kiwi,DOT,dhs,DOT,org>
Date: Fri, 18 Jan 2002 22:19:28 +0100


This is a question about a cipe tunnel in conjunction with netfilter. I have
a cipe tunnel working between 2 boxes but only if I disable the packet
In order to adjust my iptables script accordingly I need to know this:
What is the exact running order of things that happen when a packet arrives
from the other end of a cipe tunnel?
I suppose the very first thing that happens is that the cipe daemon
intercepts the packets and decapsulates/decrypts them in order to get the
hidden ip-packets inside the udp-packets before routing/netfilter decisions
are made. Is that correct?

The thing is that I'm not sure what kind of packets netfilter will see: the
UDP-packets with the real src/dst IP-addresses or the encapsulated packets
inside those with the cipe IP's. This makes a huge difference though cause
netfilter will decide by that whether to jump to the INPUT or FORWARD chain.
So I guess what I need to know is at what exact point does cipe intercept
the packets and decapsulate/decrypt them.
Can someone clarify this for me? That'd be awesome.


