[strongSwan] does aa3d5bf7916ce8fed0051feadae0b0139d5fbe24 (tun device for charon-nm) affect iptables?

[Tobias Brunner]

Hi Harri,

> ip link shows me a new network interface "tun0" that wasn't there before
> the strongswan upgrade, AFAIR.

Yes, that's the dummy TUN device that's created so systemd-resolved can
associate DNS servers with it (see [1]).

> Do I have to define additional rules in
> iptables for tun0?

I don't think so, the device is not really used and only locally accessible.

Regards,
Tobias

[1] https://wiki.strongswan.org/issues/3615