[Openswan dev] Openswan on uClinux

David McCullough David_Mccullough at securecomputing.com
Sat Dec 15 05:37:42 EST 2007

Jivin aparna.dutta lays it down ...
> We have an RTSP server application running on the ADI Blackfin DSP processor
> BF561, using VDK (Visual DSP Kit) as the operating system, and Lwip for the
> TCP/IP stack. We are able to transfer data successfully over the internet
> Now we need to add VPN/IPSec to the same setup to make the data-transfer
> secure.
> We have already been able to install Openswan IPSec and setup a tunnel
> between 2 linux machines.

Thats a good start :-)

> 1.	Can we follow the same procedure to install openswan and setup a
> tunnel over uCLinux ?

Sort of.

You can follow the same procedure exactly,  but getting the support
under uClinux to do that may take a little more work.

If you want to use the "ipsec ..." scripts you will need quite a few
complex tools and a good shell to get the scripts to run.

Also,  openswan (AFAIK) has never been run on uClinux.  The Freeswan
version in the uClinux-dist has been used under uClinux.

You will need to clean up any "fork" code in openswan as a minimum.

> 2.	How would our embedded application communicate with the IPsec module
> while sending and receiving data? Are there any APIs to get a handle to the
> IPSec module from our application? 

Use the "whack" command to get information from the IKE daemon (pluto).
Other than that,  not sure what kind of info you want.  There are ways
to get most information without writing any fancy new code,


David McCullough,  david_mccullough at securecomputing.com,   Ph:+61 734352815
Secure Computing - SnapGear  http://www.uCdot.org http://www.cyberguard.com

More information about the Dev mailing list