I am looking at the IPSec-based labeled networking. BTW. I will be at the Tresys Advanced Policy course next week. Is any of this covered there? Thanks, On Wed, Apr 22, 2009 at 6:21 PM, Chad Sellers <csellers@xxxxxxxxxx> wrote: > Josh's article talks about IPSec labeled networking (as well as using > SECMARK which provides firewall-level networking controls), as opposed to > Netlabel labeled networking. I played with the IPSec-based stuff in Fedora 9 > and everything was there, so I'd imagine it's still there in F10. Just make > sure you install ipsec-tools. > > Chad Sellers > > > On 4/22/09 7:26 AM, "Mark Webb" <elihusmails@xxxxxxxxx> wrote: > >> I am interested in experimenting with the labeled networking that SE >> Linux offers. I am reading through Josh Brindle's blog >> >> http://securityblog.org/brindle/2007/05/28/secure-networking-with-selinux/ >> >> My question is, how do I know if my kernel is capable of supporting >> this? I am currently running Fedora 10 with all the latest updates >> but not sure how to check. >> >> Also if I compile a kernel from source, is there anything that needs >> to be done in the configuring of the kernel build to enable the >> labeled networking? >> >> Thanks, >> Mark >> >> -- >> This message was distributed to subscribers of the selinux mailing list. >> If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with >> the words "unsubscribe selinux" without quotes as the message. > > -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
