tinc connection only usable after ping from other side
Guus Sliepen
guus at sliepen.eu.org
Fri Jan 16 21:01:22 CET 2004
On Fri, Jan 16, 2004 at 07:25:24PM +0100, uws wrote:
> > Stateful firewall rules?
>
> You can view my firewall script at [1]. The tinc daemon runs on the same
> machine as the firewall script, so I don't need portforwarding. This box has
> (1) a pptp internet connection to the internet over a (2) dedicated cross
> cable LAN to my ADSL modem and a (3) local area network connection to other
> hosts. Everything works just fine, except for tinc.
The relevant lines from your firewall script are:

    $IPTABLES --policy INPUT DROP
    $IPTABLES --append INPUT --match state --state ESTABLISHED,RELATED --jump ACCEPT

And remember that tinc's UDP packets are sent and received to and from
$EXTERNALIF.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at sliepen.eu.org>
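
Added example (not part of the original message and not tinc project code): a small Python model of the two quoted INPUT rules, showing that a peer's tinc UDP packet is dropped until the firewalled host has itself sent UDP to that peer, and that an explicit accept rule removes the dependency. The addresses are constructed, port 655 is tinc's default and is assumed not to be overridden, and the OUTPUT chain is assumed to be open.

```python
# Added illustration: minimal model of the two INPUT rules quoted above.
# Constructed addresses; 655 is tinc's default port (assumed not overridden).
# Real conntrack entries also expire after a timeout; that is not modelled.
from dataclasses import dataclass, field

LOCAL, PEER, TINC_PORT = "192.0.2.1", "198.51.100.7", 655

@dataclass
class Firewall:
    # Extra (proto, dport) pairs accepted as new traffic on INPUT. Assumed
    # equivalent of a rule such as:
    #   $IPTABLES --append INPUT --in-interface $EXTERNALIF \
    #             --protocol udp --dport 655 --jump ACCEPT
    allow_new: set = field(default_factory=set)
    # Tracked flows, keyed as they appear in the inbound direction.
    conntrack: set = field(default_factory=set)

    def output(self, proto, sport, dst, dport):
        """Outbound packet: OUTPUT assumed open; the flow becomes tracked."""
        self.conntrack.add((proto, dst, dport, sport))

    def input(self, proto, src, sport, dport):
        """Inbound packet: return the verdict the INPUT chain would give."""
        if (proto, src, sport, dport) in self.conntrack:
            return "ACCEPT"  # --match state --state ESTABLISHED,RELATED
        if (proto, dport) in self.allow_new:
            self.conntrack.add((proto, src, sport, dport))
            return "ACCEPT"  # explicit rule admitting new packets
        return "DROP"        # --policy INPUT DROP

def scenario(allow_new=()):
    """Verdicts for the peer's packet before and after local outbound UDP."""
    fw = Firewall(allow_new=set(allow_new))
    verdicts = []
    # 1. The peer's tinc daemon sends first: no tracked flow exists yet.
    verdicts.append(fw.input("udp", PEER, TINC_PORT, TINC_PORT))
    # 2. The local tinc daemon sends UDP to the peer (e.g. carrying a ping).
    fw.output("udp", TINC_PORT, PEER, TINC_PORT)
    # 3. The peer sends again: the packet now matches the tracked flow.
    verdicts.append(fw.input("udp", PEER, TINC_PORT, TINC_PORT))
    return verdicts

if __name__ == "__main__":
    print("quoted rules only:    ", scenario())
    print("plus udp/655 accepted:", scenario({("udp", TINC_PORT)}))
```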