26sec is the name for the IPSec implementation in the Linux 2.6 kernel. It is also known as "NET_KEY" (it's name in .config).
26sec does away with the KLIPS system of having an ipsec0 device to route traffic over and firewall on. Shorewall have some patches to netfilter for matching IPSec traffic using the 26sec API.
There are two sets of userspace tools (and several forks of one of them!) you can use with 26sec: