[strongSwan] Iptables mark packet problem
nima chavooshi
nima0102 at gmail.com
Sun Dec 25 17:32:49 CET 2011
Hi
In our scenario, I need to mark packets so that those marked packets are
transmitted via one tunnel. But I do not want to set rightsubnet or leftsubnet.
My config is:
conn net-net
        left=30.0.2.2
        leftcert=peer1.crt
        #leftsubnet=0.0.0.0/0
        #rightsubnet=50.0.2.0/24
        rightsubnet=0.0.0.0/0
        right=30.0.2.1
        leftid="xxxxxxx"
        rightid="xxxxxxxxxx"
        type=tunnel
        auth=ah
        auto=start
        ike=3des-sha1-md5-modp1024
        esp=3des-md5-modp1024
        dpddelay=10s
        dpdaction=restart
        mark=20
Unfortunately I could not bring up the channel with this config without any error. Of
course I have set the related iptables rules.
Thanks for any help or guidance