Re: [leaf-devel] FreeS/WAN news

Tue, 02 Mar 2004 02:33:17 -0800 

Tom

At 19:08 01.03.2004 -0800, Tom Eastep wrote:
>On Mon, 1 Mar 2004, Mike Noyes wrote:
>
>> Everyone,
>> Here is some relevant news. Can someone take a look at packaging KAME?
>>
>> http://www.freeswan.org/ending_letter.html
>>         After more than five years of active development, the FreeS/WAN
>>         project will be coming to an end.
>>
>> KAME Project
>> http://www.kame.net/
>>
>
>I fear that Linux IPSEC support is in chaos. The move to support OE in the
>way advocated by the FreeeS/Wan project resulted in an absurd gateway
>routing table and rendered Proxy ARP incompatible with FreeS/Wan.
>
>The 2.6 kernel implementation of IPSEC threw out the baby with the
>bath water.

Are you referring to the native 2.6 IPSEC implementation?


>- Netfilter is totally broken with respect to IPSEC.
>- While it makes OE work reasonably, it makes IPSEC tunneling totally
>different from any other Linux-based tunnel.

Even when OE is disabled? I never considered it to be _that_ important. Possibly 
because it is difficult to get a FQDN in Europe nowadays.


>While there is work going on in the Netfilter project to correct the first
>problem, the second seems to be here to stay.
>
>As things currently stand, Shorewall will have minimal support for IPSEC
>tunnels under the 2.6 kernels.

Considering the current 2.4 LEAF distribution (which I doubt will move to 2.6 in a 
short timeframe) would it be most reasonable to go with openswan 1.0?

Thanks 

Erich 

THINK 
Püntenstrasse 39 
8143 Stallikon 
mailto:[EMAIL PROTECTED] 
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16




-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id56&alloc_id438&op=click

_______________________________________________
leaf-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Reply via email to