[Openswan dev] disabling compression?
paul at xtdnet.nl
Mon Feb 9 16:33:15 CET 2004
>From the manpage:
compress whether IPComp compression of content is proposed on the
connection (link-level compression does not work on
encrypted data, so to be effective, compression must be
done before encryption); acceptable values are yes and no
(the default). The two ends need not agree. A value of
yes causes IPsec to propose both compressed and uncom-
pressed, and prefer compressed. A value of no prevents
IPsec from proposing compression; a proposal to compress
will still be accepted.
I have a feelings some things might be breaking because the IPCOMP from the 2.6
native stack (26sec) is not compatible with how KLIPS implements it.
Is there a way of completely disabling this with KLIPS, even if the other end
proposes this? If so, the docs need to be fixed. If not, consider it a
As a workaround, I'll compile without IPSEC_COMP, changed in
./linux/net/ipsec/defconfig. (I assume this is the right place, since we no
longer patch /usr/src/linux/.config)
More information about the Dev