On Wednesday 29 May 2002 8:12 pm, Jorge Sarmiento wrote: > > This is a PREROUTING rule, not a FORWARDING rule. > > > > You need to make sure you are FORWARDING protocol 47 (GRE) through your > > firewall. This is not port 47, this is not TCP, this is not UDP, this > > is a different *protocol* number. > > > > You want something like: > > > > iptables -A FORWARD -p 47 -j ACCEPT > > Could that be done also with ebtables???
I don't think so. I've never used ebtables, however I believe it is like iptables but for the ethernet layer instead of the IP layer. GRE is an IP protocol, in the same way as TCP or UDP are, therefore you couldn't forward it at the ethernet layer - you need to strip off the IP header before you know it's GRE inside. Hope this makes sense. Antony
