[strongSwan] Blocking a specific resource

[Martin Willi]

Hi,

> I should note that I used the "-I" option to ensure that it is
> installed as the first rule otherwise the rules added by strongswan
> seem to supersede it in precedence (which of course makes sense).

The default updown script shipped with strongSwan also uses -I to insert
rules. If that doesn't work for you, you may change the script, or even
better create a copy that uses -A and refer to it using leftupdown in
your configuration.

Regards
Martin