> # svi ipsec --restart > ipsec_setup: Stopping FreeS/WAN IPsec... > ipsec_setup: stop ordered, but IPsec does not appear to be running! > ipsec_setup: doing cleanup anyway... > ipsec_setup: Starting FreeS/WAN IPsec 1.91... > ipsec_setup: WARNING: ipsec0 has route filtering turned on, KLIPS may > not work > ipsec_setup: (/proc/sys/net/ipv4/conf/ipsec0/rp_filter = `1', should be > 0) > ipsec_setup: WARNING: eth0 has route filtering turned on, KLIPS may not > work > ipsec_setup: (/proc/sys/net/ipv4/conf/eth0/rp_filter = `1', should be > 0) > > What is this route filtering error?
See the FreeS/WAN docs...they talk about it some. There's also some info in the FreeS/WAN (and LRP) list archives. > What can be done about it? Is it a > show stopper? You can disable route filtering on the external interface. Enabling rp_filter is reported to prevent some IPSec tunnels from working (hence the warning), althogh I have never had a problem with subnet-subnet tunnels functioning with rp_filter enabled, so I just leave it on and ignore the warnings. YMMV Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
