Differences between version 3 and predecessor to the previous major change of FreeSwan.
Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 3 | Last edited on Monday, October 17, 2005 9:50:22 am | by CraigBox | Revert |
| Older page: | version 2 | Last edited on Monday, November 3, 2003 3:43:18 pm | by CraigBox | Revert |
@@ -1,11 +1,21 @@
-[IPSec
] on
[IPv4
] on
[Linux] 2.4
.
+[FreeS/WAN|http://www.freeswan.org/
], for
[Free
] Secure Wide Area Network, was the first project bringing IPSec to
[Linux].
-See http://vpn
.ebootis
.de/ for Windows interconnection information
.
+The program was initially written to reach the goal of OpportunisticEncryption by first "securing 5% of the Internet traffic against passive wiretapping in 1996 ~[
..] we can secure 20% the next year, against both active and passive attacks; and 80% the following year
. Soon the whole Internet will be private and secure."
-!!FreeSwan Notes:
+As the method they used was a general purpose [IPSec] daemon, it became far more popular for [VPN] tunnels across public networks such as the Internet.
+Unfortunately, come 2004, the 5% goal wasn't even reached, and so the project stopped. A fork called OpenSwan took up the code from where it left off.
+
+FreeS/WAN uses [KLIPS] (Kernel Level IP Security), which was ported to the 2.6 kernel as of the final 2.06 release. OpenS/WAN can also use the new [26sec] implementation.
+
+!! ~FreeS/WAN Notes
+
+<pre>
Starting FreeS/WAN IPsec U2.01/K1.96...
/usr/lib/ipsec/eroute: pfkey write failed, returning -1 with errno=22.
Invalid argument, check kernel log messages for specifics.
+</pre>
+
+pfkey has changed between 1.96 and 2.x - upgrade your kernel IPSEC support to 2.x or higher.
-pfkey has changed between 1
.96 and 2
.x - upgrade your kernel IPSEC support to 2
.x or higher
+* See http://vpn
.ebootis
.de/ for Windows interconnection information
.
