When I set up IPSec tunnels, I need to filter the virtual interfaces (we
want the security of IPSec VPN tunnels, but don't nessecarily want to grant
access to the entire network and all ports without restriction...
Can I add normal "reject all" type rules to those interfaces or will that
break the IPSec setup process somehow?