IPSEC documentation
VANHULLEBUS Yvan
vanhu_bsd at zeninc.net
Fri Jan 20 14:21:27 PST 2006
On Fri, Jan 20, 2006 at 09:53:33PM +0000, Brian Candler wrote:
> > On Thu, Dec 29, 2005 at 09:50:47AM +0300, Alexey Popov wrote:
> > > If we would also have NAT-T support, FreeBSD would be the best choice
> > > of VPN concentrator.
>
> I just saw this patch posted on the ipsec-tools-devel list:
> http://ipsec-tools.sf.net/freebsd6-natt.diff
I already posted the URL of this patch here some months ago, it's
integration is being discussed with various people (and I never took
time to send a PR).
There are still some things to do from this patch, including sync with
NetBSD recent features, NAT-T support for FAST_IPSEC, and provide a
cleaner to help racoon's configure guess if there is kernel NAT-T
support.
I won't have time to work on that before next month.
> It's for FreeBSD 6 but also seems to apply cleanly to 5.4, apart from one
> file which I think needs this instead:
I first ported FreeBSD 4's patch to FreeBSD 5, then I ported it to
FreeBSD 6, and fixed some various things. FreeBSD5 to FreeBSD6 was
really more a cleanup and a rediff (lines numbers changed, etc...)
than a "port".
Except the indentation changes you reported (introduced between
FreeBSD6-RELEASE and FreeBSD6-STABLE), it should work without problems
on FreeBSD5, but I don't really want to maintain a separate FreeBSD5
patch, unless there is really some important needs for it !
Yvan.
--
NETASQ - Secure Internet Connectivity
http://www.netasq.com
More information about the freebsd-net
mailing list