On Tue, Jul 15, 2008 at 06:28:03PM -0700, PETER EASTHOPE wrote: > Folk, > > In Lenny, "man openvpn" states, > "First, ensure that IP forwarding is enabled on both peers. On Linux, > enable routing: > > echo 1 > /proc/sys/net/ipv4/ip_forward" > > That is an interactive approach whereas in /etc/sysctl.conf I set > net.ipv4.ip_forward=1 This is allow the kernel to do packet forwarding > . > > "man openvpn" continues, > "... enable TUN packet forwarding through the firewall: > > iptables -A FORWARD -i tun+ -j ACCEPT" > > >From this I infer that permission for TUN packet forwarding > is distinct from general packet forwarding. Correct? This is allowing it in iptables (presuming you have diss allow by default) > What would be the conventional way to turn this on > permanently in Lenny? turn which on ? > > Thanks for any help, ... Peter E. > > -- > http://members.shaw.ca/peasthope/ > http://carnot.yi.org/ = http://carnot.pathology.ubc.ca/ > > > > -- > To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org > > -- "We've got hundreds of sites to exploit, looking for the chemical and biological weapons that we know Saddam Hussein had prior to our entrance into Iraq." - George W. Bush 05/02/2003 Santa Clara, CA
Attachment:
signature.asc
Description: Digital signature