[Openswan Users] What about the policy database ?
J. W. Andersen
jwa at fasytek.dk
Sat Nov 29 15:40:01 EST 2008
This is related to the ongoing discussion about the need to use KLIPS
instead of NETKEY, in order to make a proper firewall setup on the
box where Openswan is running.
According to what I was able to retrieve from the net, there are (at least)
2 ways to achieve the above - either KLIPS, enabling the IPSECx
interface, or the Security Policy Database.
Here it starts to get serious. I have been searching for days now to find
some documentation about the Security Policy Database (SPD), but
with precious little luck. I found one example from Paul Hampson, but
I only achieved to block any trafic in and out on the gateway. Obviously
I got something very wrong.
Can anyone direct me to a source of information on this subject ?
Successful coding examples from other users are also most welcome.
Any assistance is very much appreciated.
--
Regards
Joern
More information about the Users
mailing list