Hello Brian,
I had only asked for clarification as there is so much legacy information out there. When I first got started with the AMPR stuff, the protocol number for encapsulation really confused me. The answers took me way back into the history of Cisco IOS, etc., but I digress. I think your web tool is very helpful, but giving out old details (the proto 94 lines) only confuses a new user.
--David
On Tue, 2013-08-13 at 20:02 -0700, David Ranch wrote:
Just to confirm, if protocol 4 is the only one in use, then the output of N1URO's script needs to be updated a bit?
http://n1uro.ampr.org/cgi-bin/safe-config.cgi
# allow IPIP encapsulation to gate through...
iptables -I INPUT 1 -j ACCEPT --proto 4
iptables -I INPUT 1 -j ACCEPT --proto 94
iptables -I OUTPUT 1 -j ACCEPT --proto 4
iptables -I OUTPUT 1 -j ACCEPT --proto 94
iptables -I FORWARD 1 -j ACCEPT --proto 4
iptables -I FORWARD 1 -j ACCEPT --proto 94
# Create a policy to encap forward to your host...
ip rule add from 44/8 pref 1 table 1
# Now let's set the routing accordingly...
ip route add 44/8 via 69.12.138.16 dev tunl0 onlink src 44.4.10.40
ip route add default via 69.12.138.16 dev tunl0 onlink table 1
Protocol 4 is included, so what's the problem with it? Considering it's a suggestion ONLY output which allows one to copy and paste with a mouse, and it does not control a remote mouse. What the system administrator picks and chooses from it is their responsibility.