Date: Tue, 25 Oct 2005 11:57:45 +0200 From: VANHULLEBUS Yvan <vanhu_bsd@zeninc.net> To: freebsd-pf@freebsd.org Subject: Filtering IPSec traffic ? Message-ID: <20051025095745.GA2581@zeninc.net>
next in thread | raw e-mail | index | archive | help
Hi all. When setting up IPSec gates with traffic filtering (using pf, of course), I didn't find any solution / informations about how to filter IPSec traffic, except when using gif interfaces. On OpenBSD, it looks like all IPSec traffic comes from enc0, on Linux/Netfilter, they have for example the --mode tunnel to ensure the current packet comes from an IPSec tunnel, but how can I set up a filtering rule on FreeBSD, with pf, which specifies that a packet can only match if it was encapsulated ? Yvan.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051025095745.GA2581>