The protocols ESP (50) and AH (51) used in IPSec are
not listed in the firewall rule network protocol list
and are impossible to add/edit.
Furthermore, some Linuxes have these protocols defined
by default, which shows the cryptic 50/51 #'s on the
display. (strangely when you press 'revert
configuration', they show up as ESP/AH)
Either way, if you edit the 50/51/ESP/AH entries and
Save, they are incorrectly changed to TCP.
Should be an easy fix, just add to the pulldown list.
Logged In: YES
user_id=129364
The firewall module gets its protocol list from
the /etc/protocols file, so you should just add ESP and AH to
that file on your system. In fact, I am surprised they are not
listed by default ..
Logged In: YES
user_id=877440
Odd, the entries for 50/51 are listed as IPv6-Crypt and
IPv6-Auth
ipv6-crypt 50 IPv6-Crypt # Encryption Header for IPv6
ipv6-auth 51 IPv6-Auth # Authentication Header for IPv6
When I first installed Webmin, the default system IP tables
show an entry where the condition text reads 'If protocol is
50', and after hitting 'Revert Configuration' it reads 'If
protocol is ESP'
The keyword ESP is nowhere in the /etc/protocols file.
IPV6-CRYPT and IPV6-AUTH both show up in the rule network
protocols list.
It would seem that it may be getting information from
another location as well as /etc/protocols.
Here was a website I referenced as well about what 50/51 is
used for:
http://docs.hp.com/en/B9901-90021/ch07s04.html
Just trying to provide more useful information...
Fyi, I'm using CentOS 3.4 (RHEL 3 U4 remake)
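
The behaviour discussed in this thread, as an added example that is not Webmin's code and not part of any post: it parses /etc/protocols text like the entries quoted above and maps a rule's protocol field to a pulldown entry without ever falling back to TCP. The function names are hypothetical, and `EXTRA_NAMES` is an assumption standing in for the second source of names the last comment suspects.

```python
# Constructed sample: the two /etc/protocols lines quoted in the thread,
# plus tcp/udp entries written in the same format.
SAMPLE_PROTOCOLS = """\
tcp 6 TCP # transmission control protocol
udp 17 UDP # user datagram protocol
ipv6-crypt 50 IPv6-Crypt # Encryption Header for IPv6
ipv6-auth 51 IPv6-Auth # Authentication Header for IPv6
"""

# Assumption: names a firewall tool may use for 50/51 even though this
# /etc/protocols does not define them (the thread saw "ESP" appear).
EXTRA_NAMES = {"esp": 50, "ah": 51}


def parse_protocols(text):
    """Return {lowercased name or alias: number} from /etc/protocols text."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or not fields[1].isdigit():
            continue  # blank, comment-only or malformed line
        for name in [fields[0]] + fields[2:]:
            table.setdefault(name.lower(), int(fields[1]))
    return table


def resolve(value, table, extra=EXTRA_NAMES):
    """Protocol number for a rule field given as a number or a name, else None."""
    v = value.strip().lower()
    if v.isdigit():
        return int(v)
    return table[v] if v in table else extra.get(v)


def pulldown_value(value, table):
    """Return (label, number) for the rule editor.

    If the number has a name in the file, show that name. Otherwise keep
    the rule's own text, so saving cannot turn ESP/AH into a TCP rule.
    """
    number = resolve(value, table)
    canonical = {}
    for name, num in table.items():
        canonical.setdefault(num, name)  # first name seen is the canonical one
    return canonical.get(number, value), number
```

With the sample file, both `50` and `ESP` map to the `ipv6-crypt` entry; with a file that lacks protocol 51, the rule text `51` is preserved as-is.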