17 Aug
2013
17 Aug
'13
10:45 a.m.
Hello Brian,
I had only asked for clarification as there is so much legacy
information out there. When I first got started with the AMPR stuff,
the protocol number for encapsulation really confused me. The answers
took me way back in to the history of Cisco IOS, etc. but I digress. I
think your web tool is very helpful but giving out old details (the
proto 94 lines) only confuses a new user.
--David
(Please trim inclusions from previous messages)
_______________________________________________
On Tue, 2013-08-13 at 20:02 -0700, David Ranch wrote:
Just to confirm, if protocol 4 is the only one in
use, then the output
of N1URO's script needs to be updated a bit?
http://n1uro.ampr.org/cgi-bin/safe-config.cgi
--
# allow IPIP encapsulation to gate through...
iptables -I INPUT 1 -j ACCEPT --proto 4
iptables -I INPUT 1 -j ACCEPT --proto 94
iptables -I OUTPUT 1 -j ACCEPT --proto 4
iptables -I OUTPUT 1 -j ACCEPT --proto 94
iptables -I FORWARD 1 -j ACCEPT --proto 4
iptables -I FORWARD 1 -j ACCEPT --proto 94
# Create a policy to encap forward to your host...
ip rule add from 44/8 pref 1 table 1
# Now let's set the routing accordingly...
ip route add 44/8 via 69.12.138.16 dev tunl0 onlink src 44.4.10.40
ip route add default via 69.12.138.16 dev tunl0 onlink table 1
Protocol 4 is
included, so what's the problem with it? Considering it's
a suggestion ONLY output which allows one to copy and paste with a
mouse, and it does not control a remote mouse. What the system
administrator picks and chooses from it is their responsibility.