Penguin

FreeS/WAN, for Free Secure Wide Area Network, was the first project bringing IPSec to Linux.

The program was initially written to reach the goal of OpportunisticEncryption by first "securing 5% of the Internet traffic against passive wiretapping in 1996 [..] we can secure 20% the next year, against both active and passive attacks; and 80% the following year. Soon the whole Internet will be private and secure."

As the method they used was a general purpose IPSec daemon, it became far more popular for VPN tunnels across public networks such as the Internet.

Unfortunately, come 2004, the 5% goal wasn't even reached, and so the project stopped. Two forks called OpenSwan and StrongSwan took up the code from where it left off.

FreeS/WAN's own kernel IPsec implementation is called KLIPS, which was ported to the 2.6 kernel as part of the final 2.06 release. FreeS/WAN and derivatives can also use the new 26sec implementation.

FreeS/WAN Notes

 Starting FreeS/WAN IPsec U2.01/K1.96...
 /usr/lib/ipsec/eroute: pfkey write failed, returning -1 with errno=22.
 Invalid argument, check kernel log messages for specifics.

pfkey has changed between 1.96 and 2.x - upgrade your kernel IPSEC support to 2.x or higher.