[Shorewall-users] New style ipsec tunnels in Linux 2.6

Tom Eastep teastep at shorewall.net
Thu Dec 11 19:12:07 PST 2003


On Thu, 11 Dec 2003, Fraser Campbell wrote:

> I am experimenting with the ipsec support built into the linux 2.6 kernel 
> (using a backport of the 2.6 ipsec stack to 2.4.22).  The vpn side of things 
> is working fine but I'm having some problems with shorewall since this ipsec 
> implementation doesn't use a dedicated device for decrypted traffic (i.e. 
> ipsec0 or tun0).
> 

A couple of thoughts:

a) Those who choose to lead the way should lead -- you are running a 2.6 
kernel so you should be telling the rest of us about problem *solutions*.

b) We've visited this problem already in the last couple of weeks -- 
please check the archives.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net



More information about the Shorewall-users mailing list