[Openswan Users] Status of NAT-T

David McCullough David_Mccullough at securecomputing.com
Tue Jan 13 18:38:48 EST 2009

Jivin Paul Wouters lays it down ...
> On Tue, 13 Jan 2009, David McCullough wrote:
> > Either way.  if there are no better ideas I can generate a linux-2.6.26
> > patch for use with openswan-2.6.20dr2 (and some earlier ones) without
> > too much problem.
> That would be nice.

Ok, here is what I amusing,  but it isn't going to work out of the box
for anyone else.

I am not sure how openswan normally does the Kconfig and build system
updates,  so the very first part of the patch for linux/net/Kconfig
will almost certainly be wrong.

The rest will be OK I think.  This patch is against vanilla linux-2.6.26.
I am fairly sure a different patch is needed for older kernels (and I
probably have those if needed).

> Also, people might want to test this patch, which still needs some work, but
> will remove the need to patch udp.c on recent kernels:
> ftp://ftp.openswan.org/openswan/testing/nat-t/

Any idea what work it still needed or is it pretty much expected to work ?


David McCullough,  david_mccullough at securecomputing.com,   Ph:+61 734352815
Secure Computing - SnapGear  http://www.uCdot.org   http://www.snapgear.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openswan-2.6.20dr2-nat-t.patch
Type: text/x-diff
Size: 7287 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20090114/0b3120c8/attachment.bin 

More information about the Users mailing list