VPN Masquerading support on Kernel 2.4
HI,
Some bad news first, I've seen that a few linux flavors, use ipchains or iptables, and they can't run in the same kernel. The only way you can have a mix of both is recompiling your kernel. By now I'm installing iptables 1.2.4 using iptables NAT features to set up a IPsec tunnel generator. I moved to iptables because ipchains is too hard to handle, the only shaper that works quite good is cipe. But it's a static VPN. As we need a dynamic tunnel generator, I started to develop some iptables scripts. But they are experimental at this time. To set up all the iptables features you have to use version 1.2.4. and of course recompile the kernel. Ipchains handles the packet's header, with no socket handling. With iptables, you can handle the header, socket, and the mac address of the WAN interface at both ends, (some other things like dynamic NAT, and other stuff).
Hope it helps ! 
VPN Masquerading support on Kernel 2.4
There was a patch provided for 2.2.x versions of the Linux kernel to assist with VPN masquerading. (it works with IPCHAINS)
Is there such a patch available for kernel 2.4.x ?
If not is it possible to setup iptables to allow
masquerdaing with VPN ?
Thanks much
Ramdev/-
This conversation is currently closed to new comments.