On 27-12-14 12:00, Marius Petrescu wrote:
> Actually the problem is at the tunnel interface, not at ripd...
> Check your firewall setting so that you accept proto 4/IPIP from your rip2
> broadcast source as you can see it in your tcpdump trace.
Right. The firewall was the problem.
I had gone over the firewall script over and over again, to look for the
problem. Couldn't find a problem. I was convinced that the problem must
be somewhere else, e.g. creation of the tunnel interface, or a kernel
thing, or whatever.
I did not dare to completely disable the firewall because the server is
doing a lot of other things apart from being the ampr Gw.
But when I finally disabled the firewall anyway, everything related
to the tunnel worked.
The INPUT policy was set to DROP and I already had these 2 lines in the
firewall script:
/usr/sbin/iptables -A INPUT -p ipip -j ACCEPT
/usr/sbin/iptables -A INPUT -p udp --dport 520 -j ACCEPT
But apparently that was not enough. It all worked after adding these two
lines also.
/usr/sbin/iptables -A INPUT -s 169.228.66.251 -j ACCEPT # amprgw.sysnet.ucsd.edu
/usr/sbin/iptables -A INPUT -s 213.222.29.194 -j ACCEPT # gw-44-137-ext.ampr.org
It really helps to have this mailing list. Of course because of the
responses, but it also helps you to get your thoughts straight
while describing the problem.
Thanks Marius and others for all your help.
73 PE1ICQ //Arno