hello! On Wed, 2002-04-24 at 00:17, Tobias Ringstrom wrote: > A little bit off-topic perhaps, but I'd like to congratulate you all on an > extremely useable piece of software! When I decicided to make a > light-weight IPsec tunnel implementation some time ago I decided very > early on to use your CryptoAPI, and found it really easy to use. > > I now have a version of my IPsec tunnel implementation that seems to work > just fine, and I think it's time to let you guys have a peek at it. You > can find the code and a first stab at actual documentation at > > http://ringstrom.mine.nu/ipsec_tunnel/ > > Please remeber that this is an early version, and I do not guarantee > anything. It does seem to interoperate with OpenBSD's IPsec though, and I > have been using it for several weeks myself. > > And yes, I've heard about FreeS/WAN... :-) > > I'm interested in any comments or questions! I decided to CC this reply to the lkml, since IMO more people should know about this implementation of yours. I've taken a quick look at your webpage and the source code itself... one thing I saw is, that your implementation doesn't require any modification to the main kernel -- i.e. no patching required -- it's a plugin... just like CIPE... (which btw uses cryptoapi as well in its latest code base) (thus you don't even need to reboot your system in order to enable lightweight IPSEC in your kernel...) -- this fits well with the cryptoapi, which can add modular crypto support without needing to patch or reboot your kernel... I think, some people will like this lightweight IPSEC/IPv4 implementation, since it doesn't have the eroute/route-filtering facility of frees/wan... on the other hand, it's not a complete IPSEC implementation (yet)... it only implements ESP for tunneling purposes, and lacks AH and IKE.... and frees/wan offers some advanced features like compression and icmp handling, which ipsec_tunnel may still lack... regards, -- Herbert Valerio Riedel / Phone: (EUROPE) +43-1-58801-18840 Email: hvr@hvrlab.org / Finger hvr@gnu.org for GnuPG Public Key GnuPG Key Fingerprint: 7BB9 2D6C D485 CE64 4748 5F65 4981 E064 883F 4142
Attachment:
signature.asc
Description: This is a digitally signed message part