diff options
| author | Jason McIntyre <jmc@cvs.openbsd.org> | 2006-09-13 11:40:02 +0000 |
|---|---|---|
| committer | Jason McIntyre <jmc@cvs.openbsd.org> | 2006-09-13 11:40:02 +0000 |
| commit | d2139f3aa4aaf1e5e623c255a4683b5d17712722 (patch) | |
| tree | cd87d39727756edb4da2d57f37676074db2b7406 /sbin/ipsecctl | |
| parent | 8e5e71f8fa7bd1f965f979245c266cf010f0ee99 (diff) | |
use "proto ipencap" for the gateway filter rules;
pointed out by msf; explained by markus
Diffstat (limited to 'sbin/ipsecctl')
| -rw-r--r-- | sbin/ipsecctl/ipsec.conf.5 | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sbin/ipsecctl/ipsec.conf.5 b/sbin/ipsecctl/ipsec.conf.5 index 7edbfeea916..74850c09d7b 100644 --- a/sbin/ipsecctl/ipsec.conf.5 +++ b/sbin/ipsecctl/ipsec.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ipsec.conf.5,v 1.92 2006/09/12 15:20:58 jmc Exp $ +.\" $OpenBSD: ipsec.conf.5,v 1.93 2006/09/13 11:40:01 jmc Exp $ .\" .\" Copyright (c) 2004 Mathieu Sauve-Frankel All rights reserved. .\" @@ -688,8 +688,8 @@ and networks 10.0.1.0/24 and 10.0.2.0/24, are permitted. .Bd -literal -offset indent block on enc0 -pass in on enc0 from 192.168.3.2 to 192.168.3.1 -pass out on enc0 from 192.168.3.1 to 192.168.3.2 +pass in on enc0 proto ipencap from 192.168.3.2 to 192.168.3.1 +pass out on enc0 proto ipencap from 192.168.3.1 to 192.168.3.2 pass in on enc0 from 10.0.2.0/24 to 10.0.1.0/24 pass out on enc0 from 10.0.1.0/24 to 10.0.2.0/24 .Ed |