[Openswan Users] What about the policy database ?

J. W. Andersen jwa at fasytek.dk
Sat Nov 29 15:40:01 EST 2008


This is related to the ongoing discussion about the need to use KLIPS
instead of NETKEY, in order to make a proper firewall setup on the
box where Openswan is running.

According to what I was able to retrieve from the net, there are (at least)
2 ways to achieve the above - either KLIPS, enabling the IPSECx
interface, or the Security Policy Database.

Here it starts to get serious. I have been searching for days now to find
some documentation about the  Security Policy Database (SPD), but
with precious little luck. I found one example from Paul Hampson, but
I only achieved to block any trafic in and out on the gateway. Obviously
I got something very wrong.

Can anyone direct me to a source of information on this subject ?
Successful coding examples from other users are also most welcome.
Any assistance is very much appreciated.

-- 
Regards

Joern



More information about the Users mailing list