Home
Main website
Display Sidebar
Hide Ads
Recent Changes
View Source:
KLIPS
Edit
PageHistory
Diff
Info
LikePages
KLIPS is an [Acronym] for __K__ernel __L__ayer [IP] __S__ecurity. It is the kernel portion of the [FreeSwan] project, and is available for kernels from 2.0 -> 2.6. It has never been part of the mainline kernel, mostly because the FreeS/WAN developer was worried about US export restrictions on [Cryptography] and as such never allowed it to be worked on by US developers. David Miller developed [26sec] to replace it and it is in the mainline 2.6 kernels. The main difference you will see between the two implementations is that KLIPS provides an ipsecN interface where 26sec does not. KLIPS is also much older and mature code. !!KLIPS Notes If you're using Debian, you can download __openswan-modules-source__ or freeswan-modules-source to get the source for the modules, which you can build against your kernel without rebuilding the entire thing, unless you need [NAT] traversal (IPsec over [UDP] port 4500). [NAT] traversal requires a small kernel patch, and it (and the modules source) is in the package __kernel-patch-openswan__. To do either, you need full kernel source (headers are not enough). This is all very clearly documented in ''/usr/share/doc/openswan-modules-source/README.Debian.gz''. ---- CategorySecurity
3 pages link to
KLIPS
:
FreeSwan
OpenSwan
StrongSwan
