tinc connection only usable after ping from other side

Guus Sliepen guus at sliepen.eu.org
Fri Jan 16 21:01:22 CET 2004


On Fri, Jan 16, 2004 at 07:25:24PM +0100, uws wrote:

> > Stateful firewall rules?
> 
> You can view my firewall script at [1]. The tinc daemon runs on the same
> machine as the firewall script, so I don't need port forwarding. This box has
> (1) a pptp internet connection to the internet over a (2) dedicated cross
> cable LAN to my ADSL modem and a (3) local area network connection to other
> hosts. Everything works just fine, except for tinc.

The relevant lines from your firewall script are:

$IPTABLES --policy INPUT DROP
$IPTABLES --append INPUT --match state --state ESTABLISHED,RELATED --jump ACCEPT

And remember that tinc's UDP packets are sent and received to and from
$EXTERNALIF.

-- 
Met vriendelijke groet / with kind regards,
    Guus Sliepen <guus at sliepen.eu.org>
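
The following is an added example, not part of the original message or of tinc: a simplified Python model of the two quoted rules, showing that unsolicited inbound UDP is dropped until the firewalled host has itself sent a packet to that peer, and how an explicit accept rule changes that. Port 655 (tinc's default), the interface name ext0 standing in for $EXTERNALIF, and the sample addresses are assumptions.

```python
# Simplified model of the two quoted rules: INPUT policy DROP plus ACCEPT for
# ESTABLISHED,RELATED. This is not netfilter itself; UDP state timeouts are ignored.
from collections import namedtuple

# port = the tinc UDP port, assumed to be the same on both ends
Packet = namedtuple("Packet", "direction iface proto peer port")

TINC_PORT = 655     # assumption: tinc's default port, not stated in the message
EXTERNAL = "ext0"   # hypothetical name standing in for $EXTERNALIF


def run_firewall(packets, allow_tinc_udp=False):
    """Return one verdict per packet; outbound traffic is assumed to be allowed."""
    tracked = set()   # (proto, peer, port) flows that already have state
    verdicts = []
    for p in packets:
        flow = (p.proto, p.peer, p.port)
        if p.direction == "out":
            tracked.add(flow)            # outbound packet creates the state entry
            verdicts.append("ACCEPT")
        elif flow in tracked:
            verdicts.append("ACCEPT")    # matches --state ESTABLISHED
        elif (allow_tinc_udp and p.iface == EXTERNAL
              and p.proto == "udp" and p.port == TINC_PORT):
            # models an added rule such as (assumption, not from the message):
            # $IPTABLES --append INPUT --in-interface $EXTERNALIF \
            #           --protocol udp --dport 655 --jump ACCEPT
            tracked.add(flow)
            verdicts.append("ACCEPT")
        else:
            verdicts.append("DROP")      # falls through to --policy INPUT DROP
    return verdicts


# Constructed sample traffic; both addresses are documentation ranges.
PEER = "192.0.2.10"
SAMPLE = [
    Packet("in", EXTERNAL, "udp", PEER, TINC_PORT),    # peer sends first
    Packet("in", EXTERNAL, "udp", PEER, TINC_PORT),    # peer retries
    Packet("out", EXTERNAL, "udp", PEER, TINC_PORT),   # local tincd sends to peer
    Packet("in", EXTERNAL, "udp", PEER, TINC_PORT),    # peer's next packet
    Packet("in", EXTERNAL, "udp", "198.51.100.7", 53), # unrelated unsolicited UDP
]

if __name__ == "__main__":
    for label, allow in (("quoted rules", False), ("with tinc UDP rule", True)):
        print(label, run_firewall(SAMPLE, allow_tinc_udp=allow))
```

The model covers UDP only; tinc's TCP meta connections on the same port would need their own rule.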