On 02/13/2011 07:34 AM, Rene Bartsch wrote:
> The "leftfirewall=yes" option adds rules to FORWARD chain automatically at
> IPSec handshake:

Alright. Sorry, I missed that.

> I added a LOG target as last rule in INPUT and FORWARD chains. Trying an
> HTTP request with wget dropped the following packets:
> Feb 13 16:15:30 www kernel: [155830.694973] DROP INPUT:   IN=eth0 OUT=
> MAC=<myMAC>  SRC= DST= LEN=60 TOS=0x00 PREC=0x00
> TTL=63 ID=10640 DF PROTO=TCP SPT=39744 DPT=80 WINDOW=5840 RES=0x00 SYN
> URGP=0

What is the host with IP address Is that your Ubuntu 
server? If yes, then it makes sense that these packets hit the INPUT 
chain. It would be helpful if you could post the output of the following
commands, preferably as an attachment to your mail, to avoid line wrapping:

ip -4 a


