* Mark ESP packets @ 2011-08-12 14:03 Stephen Clark 2011-08-12 14:04 ` Jan Engelhardt 0 siblings, 1 reply; 3+ messages in thread From: Stephen Clark @ 2011-08-12 14:03 UTC (permalink / raw) To: Netfilter Developer Mailing List Hello, Is it possible to mark esp packets so they can be identified when the re-traverse netfilter as unencrypted packets? Thank, Steve -- "They that give up essential liberty to obtain temporary safety, deserve neither liberty nor safety." (Ben Franklin) "The course of history shows that as a government grows, liberty decreases." (Thomas Jefferson) ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Mark ESP packets 2011-08-12 14:03 Mark ESP packets Stephen Clark @ 2011-08-12 14:04 ` Jan Engelhardt 2011-08-12 18:58 ` Stephen Clark 0 siblings, 1 reply; 3+ messages in thread From: Jan Engelhardt @ 2011-08-12 14:04 UTC (permalink / raw) To: Stephen Clark; +Cc: Netfilter Developer Mailing List On Friday 2011-08-12 16:03, Stephen Clark wrote: > Hello, > > Is it possible to mark esp packets so they can be identified when the > re-traverse netfilter as unencrypted packets? It should be, as the skb remains the same. Or you could also use -m policy --dir in --proto esp on unencrypted packets. ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Mark ESP packets 2011-08-12 14:04 ` Jan Engelhardt @ 2011-08-12 18:58 ` Stephen Clark 0 siblings, 0 replies; 3+ messages in thread From: Stephen Clark @ 2011-08-12 18:58 UTC (permalink / raw) To: Jan Engelhardt; +Cc: Netfilter Developer Mailing List On 08/12/2011 10:04 AM, Jan Engelhardt wrote: > -m policy --dir in --proto esp Thanks Jan, This appears to work. -- "They that give up essential liberty to obtain temporary safety, deserve neither liberty nor safety." (Ben Franklin) "The course of history shows that as a government grows, liberty decreases." (Thomas Jefferson) ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2011-08-12 19:21 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2011-08-12 14:03 Mark ESP packets Stephen Clark 2011-08-12 14:04 ` Jan Engelhardt 2011-08-12 18:58 ` Stephen Clark
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).