On Mon, 1 Mar 2004, Mike Noyes wrote: > Everyone, > Here is some relevant news. Can someone take a look at packaging KAME? > > http://www.freeswan.org/ending_letter.html > After more than five years of active development, the FreeS/WAN > project will be coming to an end. > > KAME Project > http://www.kame.net/ >
I fear that Linux IPSEC support is in chaos. The move to support OE in the way advocated by the FreeeS/Wan project resulted in an absurd gateway routing table and rendered Proxy ARP incompatible with FreeS/Wan. The 2.6 kernel implementation of IPSEC threw out the baby with the bath water. - Netfilter is totally broken with respect to IPSEC. - While it makes OE work reasonably, it makes IPSEC tunneling totally different from any other Linux-based tunnel. While there is work going on in the Netfilter project to correct the first problem, the second seems to be here to stay. As things currently stand, Shorewall will have minimal support for IPSEC tunnels under the 2.6 kernels. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
