From owner-freebsd-security Sun Oct 13 11:46:14 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA00329 for security-outgoing; Sun, 13 Oct 1996 11:46:14 -0700 (PDT) Received: from cs.pdx.edu (root@cs.pdx.edu [204.203.64.22]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA00324 for ; Sun, 13 Oct 1996 11:46:12 -0700 (PDT) Received: from sirius.cs.pdx.edu (root@sirius.cs.pdx.edu [204.203.64.13]) by cs.pdx.edu (8.7.5/CATastrophe-2/10/96-P) with ESMTP id LAA16661; Sun, 13 Oct 1996 11:46:11 -0700 (PDT) for Received: from localhost (jrb@localhost [127.0.0.1]) by sirius.cs.pdx.edu (8.7.5/CATastrophe-9/18/94-C) with ESMTP id LAA24537; Sun, 13 Oct 1996 11:46:09 -0700 (PDT) Message-Id: <199610131846.LAA24537@sirius.cs.pdx.edu> To: fyeung@fyeung8.netific.com (Francis Yeung) cc: security@freebsd.org Subject: Re: IPSec on FreeBSD In-reply-to: Your message of "Sat, 12 Oct 1996 10:59:33 PDT." <9610121759.AA18441@fyeung8.netific.com> Date: Sun, 13 Oct 1996 11:46:09 -0700 From: Jim Binkley Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Your message <9610121759.AA18441@fyeung8.netific.com>: > >Greetings, > > Has anyone ported the NetBSD's IPSec code to FreeBSD ? > > Thx. > > Fran We have taken the code from last june and very painfully ported ONLY the IPSEC part into FreeBSD 2.1R. It is non-trivial to do this (understatement of the century). The NRL release wants you to make both their version of IPv6/IPSEC at the same time, and we don't want or care about IPv6. So what we have is IPv4/IPSEC. (The IPv6 stuff requires even more munges to IPv4, than just IPSEC/IPv4). Also their ipsec stuff is socket based. We have done minimal testing of the socket tied-in code and are beginning to test it in a bigger way. We are also tying the NRL ipsec stuff to routing as that is what we really want (VPNs). If you have any interest, I suggest private email. regards, Jim Binkley jrb@cs.pdx.edu