From owner-freebsd-security Sun Apr 1 16:11:13 2001 Delivered-To: freebsd-security@freebsd.org Received: from nameserver.austclear.com.au (nameserver.austclear.com.au [192.83.119.132]) by hub.freebsd.org (Postfix) with ESMTP id 4E0B637B719 for ; Sun, 1 Apr 2001 16:11:09 -0700 (PDT) (envelope-from ahl@austclear.com.au) Received: from tungsten.austclear.com.au (tungsten.austclear.com.au [192.168.70.1]) by nameserver.austclear.com.au (8.9.3/8.9.3) with ESMTP id JAA82379; Mon, 2 Apr 2001 09:11:08 +1000 (EST) Received: from tungsten (tungsten [192.168.70.1]) by tungsten.austclear.com.au (8.9.3/8.9.3) with ESMTP id JAA00720; Mon, 2 Apr 2001 09:11:08 +1000 (EST) Message-Id: <200104012311.JAA00720@tungsten.austclear.com.au> X-Mailer: exmh version 2.1.1 10/15/1999 To: "Ian Cartwright" Cc: freebsd-security@FreeBSD.ORG Subject: Re: IPSec VPN Client behind Firewall In-Reply-To: Message from "Ian Cartwright" of "Sun, 01 Apr 2001 13:25:39 MST." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 02 Apr 2001 09:11:08 +1000 From: Tony Landells Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org ian351c@home.com said: > Dave (the author of this patch) apparently has written an IPSec proxy > module for ipfilter. Is there any way to incorporate this code into > ipfw, which (if my understanding is correct, a small but real > possibility ;-) is based on ipfilter source? If so, would this be the > forum to put this request to? I am tempted to try to hack this in > myself, but I don't understand how (if?) the ipfilter code relates to > the ipfw code in the source tree. Ipfilter and ipfw are related in much the same way as Fortran and C (read "they're not"). However, as ipfilter is supported on FreeBSD you could quite happily change from ipfw to ipfilter and then apply the patches. Note that this will also require changing your NAT daemon as well. Both packages are excellent, so don't be concerned about losing out in some way by switching. Cheers, Tony -- Tony Landells Senior Network Engineer Ph: +61 3 9677 9319 Australian Clearing Services Pty Ltd Fax: +61 3 9677 9355 Level 4, Rialto North Tower 525 Collins Street Melbourne VIC 3000 Australia To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message