On Tue, Jul 15, 2008 at 06:28:03PM -0700, PETER EASTHOPE wrote:
> Folk,
>
> In Lenny, "man openvpn" states,
> "First, ensure that IP forwarding is enabled on both peers. On Linux,
> enable routing:
>
> echo 1 > /proc/sys/net/ipv4/ip_forward"
>
> That is an interactive approach whereas in /etc/sysctl.conf I set
> net.ipv4.ip_forward=1
This is allow the kernel to do packet forwarding
> .
>
> "man openvpn" continues,
> "... enable TUN packet forwarding through the firewall:
>
> iptables -A FORWARD -i tun+ -j ACCEPT"
>
> >From this I infer that permission for TUN packet forwarding
> is distinct from general packet forwarding. Correct?
This is allowing it in iptables (presuming you have diss allow by
default)
> What would be the conventional way to turn this on
> permanently in Lenny?
turn which on ?
>
> Thanks for any help, ... Peter E.
>
> --
> http://members.shaw.ca/peasthope/
> http://carnot.yi.org/ = http://carnot.pathology.ubc.ca/
>
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>
--
"We've got hundreds of sites to exploit, looking for the chemical and biological weapons that we know Saddam Hussein had prior to our entrance into Iraq."
packet forwarding
