[Olsr-dev] Asymmetric ipip not working
Markus Kittenberger
(spam-protected)
Mon Apr 26 10:06:04 CEST 2010
imho the freifunkfirmware smartgwserver should add some frewall rules, to
protect itself against the tunl0 interface
to accept only ipip packets from the mesh, and also allow traffic from tunl0
to go to the ADSL
as the smartgwtunl is (by the client) (in theory) only used to reach the
internet,..
Markus
On Mon, Apr 26, 2010 at 9:25 AM, Henning Rogge <
(spam-protected)> wrote:
> On Mon April 26 2010 08:57:27 Sven-Ola Tuecke wrote:
> > And one more: I need to re-check the security implications. Suppose you
> do
> > a telnet 127.0.0.1 which is encapsulated in ipip or something similar.
> > Your firewall may be surprised (even if that simple telnet does not
> > work)...
> Maybe there should be an additional firewall rule for traffic coming out of
> the
> generic tunnel-endpoint to block this ?
>
> Henning Rogge
>
> --
> Diplom-Informatiker Henning Rogge , Fraunhofer-Institut für
> Kommunikation, Informationsverarbeitung und Ergonomie FKIE
> Kommunikationssysteme (KOM)
> Neuenahrer Straße 20, 53343 Wachtberg, Germany
> Telefon +49 228 9435-961, Fax +49 228 9435 685
> mailto:(spam-protected) http://www.fkie.fraunhofer.de
> GPG: E1C6 0914 490B 3909 D944 F80D 4487 C67C 55EC CFE0
>
> --
> Olsr-dev mailing list
> (spam-protected)
> http://lists.olsr.org/mailman/listinfo/olsr-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20100426/b7ae19a2/attachment.html>
More information about the Olsr-dev
mailing list