Date: Mon, 02 Apr 2001 09:11:08 +1000 From: Tony Landells <ahl@austclear.com.au> To: "Ian Cartwright" <ian351c@home.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: IPSec VPN Client behind Firewall Message-ID: <200104012311.JAA00720@tungsten.austclear.com.au> In-Reply-To: Message from "Ian Cartwright" <ian351c@home.com> of "Sun, 01 Apr 2001 13:25:39 MST." <FCEJJHIBHGNJPCHBDMACEEBDCAAA.ian351c@home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
ian351c@home.com said: > Dave (the author of this patch) apparently has written an IPSec proxy > module for ipfilter. Is there any way to incorporate this code into > ipfw, which (if my understanding is correct, a small but real > possibility ;-) is based on ipfilter source? If so, would this be the > forum to put this request to? I am tempted to try to hack this in > myself, but I don't understand how (if?) the ipfilter code relates to > the ipfw code in the source tree. Ipfilter and ipfw are related in much the same way as Fortran and C (read "they're not"). However, as ipfilter is supported on FreeBSD you could quite happily change from ipfw to ipfilter and then apply the patches. Note that this will also require changing your NAT daemon as well. Both packages are excellent, so don't be concerned about losing out in some way by switching. Cheers, Tony -- Tony Landells <ahl@austclear.com.au> Senior Network Engineer Ph: +61 3 9677 9319 Australian Clearing Services Pty Ltd Fax: +61 3 9677 9355 Level 4, Rialto North Tower 525 Collins Street Melbourne VIC 3000 Australia To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104012311.JAA00720>