[Openswan dev] Re: [Users] FreeSWAN on SuSE Linux and FreeBSD
with racoon interoperate.
Michael Richardson
mcr at sandelman.ottawa.on.ca
Thu Feb 26 18:27:23 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Alexander" == Alexander Rusinov <alru at dreamtime.net> writes:
>> really requires a recompile. I have a hunch that the compression
>> between KAME-like stacks and KLIPS do not interop. (And I think
>> Michael concluded earlier that this is a KAME bug)
Yes, if 26sec is operating in such a way as to accept the packets that
it creates, then it is likely that is possible for one client to forge
packets coming from another.
Alexander> Can you, please, give a clue, how to turn this off on
Alexander> SuSE linux? I didn't find CONFIG_IPSEC_IPCOMP in original
Alexander> SuSE kernel source. I've downloaded source RPM for
Alexander> FreeSWAN from here:
Fixing pluto never to permit negotiation of IPCOMP ought to be enough.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQD6A2YqHRg3pndX9AQGrugQAg5uU8+RDBTUDy8ZSsFfTwJB8zqTR2rMt
HH5k9veoTQlmd3cvU+yGXBjvvxFGa6p2+meXLZ0iUVqenPSJIkkIcr5lW3cq/GGl
4Zhu1dAHHFn715VqCQn0AAMlQ5bbb5LzE+r0hNhECeFvmlRx+ZyRSePSm6nffEhD
fSwXta6ItIU=
=reCV
-----END PGP SIGNATURE-----
More information about the Dev
mailing list