Menu
▾
▴
Re: [leaf-user] kernel and iptables policy match option
|
From: Erich T. <eri...@th...> - 2019-03-23 00:08:06
|
Hi Jim Am 22.03.2019 um 15:37 schrieb Jim Munro: > Hi all, > > Just doing some vbox exercises in ipsec with strongswan. Do we know if the kernel and iptables are compiled with policy match option. I'm using leaf 6.02 with uClibc 1.0.17 standard release. My shorewall complains when I try to use ipsec in at least zones and hosts options files. > > The shorewall manual kinda mentions that this option is required to use ipsec. Perhaps there is a reason this might not be done? Thanks for your help and the great releases we have had of Leaf over the years. First and foremost, your release is very old. Looking at the kernel source repository as far back as 6.0.7 suggests that policy_match is included. Iptables extensions is what you may want to look at. If I am not mistaken this is in xt_add.lrp. HTH ET |
