From owner-freebsd-security@FreeBSD.ORG  Fri Oct  5 11:46:13 2007
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 37C7116A418
	for <freebsd-security@freebsd.org>;
	Fri,  5 Oct 2007 11:46:13 +0000 (UTC)
	(envelope-from rea-fbsd@codelabs.ru)
Received: from pobox.codelabs.ru (pobox.codelabs.ru [144.206.177.45])
	by mx1.freebsd.org (Postfix) with ESMTP id D297113C467
	for <freebsd-security@freebsd.org>;
	Fri,  5 Oct 2007 11:46:12 +0000 (UTC)
	(envelope-from rea-fbsd@codelabs.ru)
DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru;
	h=Received:Date:From:To:Cc:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender:X-Spam-Status:Subject;
	b=NbdikSJzlKVes1Rgg5+rQcKBnu8oeN4141Ni8xGXxFg5LtPFtgRJdhR7VZ4/vT1lHJcrws1bZ9IAT+Y2U1wXJct+auc/ZWYP9rRgz53CH8Urw7awW6cDE4wse+hfH1MNF24bukJ9HsvVz4fsyHM+xck4/ekDZPNqCJ0lHAbHx88=;
Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25])
	by pobox.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256)
	id 1IdldC-0009cF-5P; Fri, 05 Oct 2007 15:46:10 +0400
Date: Fri, 5 Oct 2007 15:46:05 +0400
From: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
To: Bubble Reading <bubblereading@gmail.com>
Message-ID: <20071005114605.GP971@void.codelabs.ru>
References: <a65132710710050251k46c049a4u73f7364be544c8f7@mail.gmail.com>
	<20071005101720.GI971@void.codelabs.ru>
	<a65132710710050426i4665f802re8542e31c8d90800@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <a65132710710050426i4665f802re8542e31c8d90800@mail.gmail.com>
Sender: rea-fbsd@codelabs.ru
X-Spam-Status: No, score=-2.2 required=4.0 tests=ALL_TRUSTED,AWL,BAYES_20
Cc: freebsd-security@freebsd.org
Subject: Re: FastIPSec and OCF
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Oct 2007 11:46:13 -0000

Fri, Oct 05, 2007 at 12:26:15PM +0100, Bubble Reading wrote:
> Can I use Fast-IPSec as a tool to run a crypto command ?

If you mean by 'Fast-IPSec' the implementation of the IPSec made
by George Neville-Neil (used to be FAST_IPSEC, but in the 7-CURRENT
old KAME stack was thrown away, so now it is named just IPSEC),
then no, it is the kernel-level implementation of the IPSEC protocol.

But maybe you will be interested in the setkey utility and the
ipsec_set_policy manual page.  And the FreeBSD Handbook IPSec section,
    http://www.freebsd.org/doc/en/books/handbook/ipsec.html
is worth to be read too.
-- 
Eygene