Andy Gay wrote:
Since 2.6.16 it's been necessary to add an ACCEPT rule for IPIP (protocol 4) in the INPUT chain, otherwise IPsec tunnel mode packets get dropped (if your INPUT policy is DROP).I was wondering if that's the intended behavior.
No it isn't the desired behaviour. It is a know issue. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
