GRE TUNNEL

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

GRE TUNNEL

Postby cth » Sat Apr 22, 2017 1:22 am

I dug myself a gre tunnel between two grsec-linux kernels. The gre packets are reaching both machines, but they can't ping or do anything else via the tunnel. Same setup works fine on two non grsec kernels, so I'm guessing there is some specific sysctl option or something similar I have to change to make it work.

For the doubting crowd: I've had everything I did checked by both the #archlinux and the #netfilter guys. It should work, but somehow it doesn't. And as I said I did exactly the same steps on two non grsec machines and there it worked right away.

If anyone has any idea I'd be delighted, obviously. I've been sitting over this for about seven hours now. The fun of tinkering around left me at about a quarter of that time frame. Please help.
cth
 
Posts: 2
Joined: Sat Apr 22, 2017 1:15 am

Re: GRE TUNNEL

Postby spender » Fri Apr 28, 2017 8:38 am

echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 1 > /proc/sys/net/ipv4/conf/all/accept_redirects

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Re: GRE TUNNEL

Postby cth » Fri Apr 28, 2017 9:30 am

Thanks a bunch.
cth
 
Posts: 2
Joined: Sat Apr 22, 2017 1:15 am


Return to grsecurity support