[Openswan Users] MODVERSIONS & interfaces

Carlos G Mendioroz tron at huapi.ba.ar
Wed Oct 6 07:49:32 CEST 2004

thanks for quick answer.
Regarding flow/routes, I'm not trying to get rid of them, just to 
understand them.
I know about the theory on ipsec, but not on how it is implemented in 
openswan, so knowing how/where you apply filters to decide on passing on 
the clear or securing the traffic would help me "get the picture" and 
design security (rest of it). Any idea of the name or place of such 
diagram ?

Thanks again,

Paul Wouters wrote:
> On Tue, 5 Oct 2004, Carlos G Mendioroz wrote:
>> I've just downloaded 2.2.0 to try some stuff.
>> In so doing I run into a problem, that seems to be caused by the 
>> ipsec.o Makefile (.../linux/net/ipsec/Makefile) assuming kernel is 
>> compiled with MODVERSIONS.
>> (Mine is not because a hardware provider provides drivers w/o them :-()
> This is a known bug, and Michael is fixing this in CVS.
>> On another track, is there a doc or some place to read info on the 
>> flow packets take throw interfaces ? I'm trying to understand what 
>> rules (iptables) should be changed and how when implementing ipsec.
> There is a diagram of this floating around somewhere, either on 
> sandelman or
> freeswan.ca.
>> Some info on routing would be helpful too! I noticed some split 
>> default tricks on some configs (route to and to 
>> ipsec0) and would like to understand them...
> That is Opportunistic Encryption. Just include 
> /etc/ipsec.d/examples/no_oe.conf
> in /etc/ipsec.conf if you don't want that.
> Paul

Carlos G Mendioroz  <tron at huapi.ba.ar>  LW7 EQI  Argentina

More information about the Users mailing list