diff options
| author |   jmc <jmc@openbsd.org> | 2006-09-13 11:40:01 +0000 |
|---|---|---|
| committer | jmc <jmc@openbsd.org> | 2006-09-13 11:40:01 +0000 |
| commit | b0594927c90965f9f23d3bd15b198d047b14ee2c (patch) | |
| tree | 9c2d50d71b6489ca84a21ec5808eba0732eec11b | |
| parent | missing word; from matthew clarke (diff) | |
| download | wireguard-openbsd-b0594927c90965f9f23d3bd15b198d047b14ee2c.tar.xz wireguard-openbsd-b0594927c90965f9f23d3bd15b198d047b14ee2c.zip | |
use "proto ipencap" for the gateway filter rules;
pointed out by msf; explained by markus
| -rw-r--r-- | sbin/ipsecctl/ipsec.conf.5 | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sbin/ipsecctl/ipsec.conf.5 b/sbin/ipsecctl/ipsec.conf.5 index 7edbfeea916..74850c09d7b 100644 --- a/sbin/ipsecctl/ipsec.conf.5 +++ b/sbin/ipsecctl/ipsec.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ipsec.conf.5,v 1.92 2006/09/12 15:20:58 jmc Exp $ +.\" $OpenBSD: ipsec.conf.5,v 1.93 2006/09/13 11:40:01 jmc Exp $ .\" .\" Copyright (c) 2004 Mathieu Sauve-Frankel All rights reserved. .\" @@ -688,8 +688,8 @@ and networks 10.0.1.0/24 and 10.0.2.0/24, are permitted. .Bd -literal -offset indent block on enc0 -pass in on enc0 from 192.168.3.2 to 192.168.3.1 -pass out on enc0 from 192.168.3.1 to 192.168.3.2 +pass in on enc0 proto ipencap from 192.168.3.2 to 192.168.3.1 +pass out on enc0 proto ipencap from 192.168.3.1 to 192.168.3.2 pass in on enc0 from 10.0.2.0/24 to 10.0.1.0/24 pass out on enc0 from 10.0.1.0/24 to 10.0.2.0/24 .Ed |