Annotated edit history of
KLIPS version 4, including all changes.
View license author blame.
| Rev |
Author |
# |
Line |
| 1 |
CraigBox |
1 |
KLIPS is an [Acronym] for __K__ernel __L__ayer [IP] __S__ecurity. |
| |
|
2 |
|
| |
|
3 |
It is the kernel portion of the [FreeSwan] project, and is available for kernels from 2.0 -> 2.6. |
| |
|
4 |
|
| |
|
5 |
It has never been part of the mainline kernel, mostly because the FreeS/WAN developer was worried about US export restrictions on [Cryptography] and as such never allowed it to be worked on by US developers. David Miller developed [26sec] to replace it and it is in the mainline 2.6 kernels. |
| |
|
6 |
|
| 4 |
CraigBox |
7 |
The main difference you will see between the two implementations is that KLIPS provides an ipsecN interface where 26sec does not. KLIPS is also much older and mature code. |
| |
|
8 |
|
| |
|
9 |
!!KLIPS Notes |
| |
|
10 |
|
| |
|
11 |
If you're using Debian, you can download __openswan-modules-source__ or freeswan-modules-source to get the source for the modules, which you can build against your kernel without rebuilding the entire thing, unless you need [NAT] traversal (IPsec over [UDP] port 4500). [NAT] traversal requires a small kernel patch, and it (and the modules source) is in the package __kernel-patch-openswan__. To do either, you need full kernel source (headers are not enough). This is all very clearly documented in ''/usr/share/doc/openswan-modules-source/README.Debian.gz''. |
| 1 |
CraigBox |
12 |
|
| |
|
13 |
---- |
| |
|
14 |
CategorySecurity |
