On Wed, 2012-08-08 at 16:15 +0200, Jan Engelhardt wrote: <snip> > You can probably even use IPsec without StrongSWAN, if you manage to > knit together the pieces using `ip xfrm state` and `ip xfrm policy`. > I guess i'm not clarifying my issue transparently. The client device is far from linux or POSIX etc. Its ip stack does not have IPSEC either. And its a vendor locked thing. We can install userland stuff. nothing else. And to if i'm not wrong ,to enable IPSEC, we need to first port it to the client machine. And its not possible and not feasible. We just want to encrypt the UDP traffic. > > >Just for an example, we used tls for only the initial session > >establishment, not the original data, and it proved very inefficient so > >we had to abandon the thing completely. > > So perhaps you did something really wrong? Not actually, we did standard stuff. But the the poor and brain dead processor could not handle it. The speed is ok if you want to surf web, but its inadequate for real time data. Again i'm talking about a retard processor with retard amount of memory. -- Cheers aft aftnix@xxxxxxxxx -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
