[Shorewall-users] UDP ports

Simon Turvey turveysp@ntlworld.com
Wed, 17 Apr 2002 17:13:01 +0100

> On Wed, 17 Apr 2002, Simon Turvey wrote:
> > Aha, my apologies.  Thanks for the quick response.
> >
> > Any thoughts on the e-mail I accidentally sent to your personal address
> > night regarding the display at startup of the fact that UDP 500, ESP,
and AH
> > are permitted when tunnels are configured?  At the moment this is a bit
> > hidden behind-the-scenes.
> >
> I guess that I have to wonder what you thought Shorewall was doing with
> the tunnel information if it wasn't using it to allow the tunnel to work?

Ah, you see, I prefer not to automatically assume that or that I have
configured everything correctly.  With this in mind I wanted to confirm that
Shorewall was handling this correctly as opposed to me just having
misconfigured something and allowing everything through.  I figured it was
quicker to ask you this than trawl through an iptables -L manually.