IPv6 + AH + ESP
Tue, 08 Feb 2000 17:41:48 +0100
"Michael H. Warfield" wrote:
> On Mon, Feb 07, 2000 at 12:52:12PM +0100, Gerhard Gessler wrote:
> > Hi all,
> > I would like to know whether somebody is working on integrating AH and
> > ESP into the IPv6 networking part of Linux. Is this possible via a
> > netfilter module? Are there already plans / actions to do this?
> Could you refine that question a bit?
Sorry for being too vague.
> Are you asking if someone is doing IPSec (AH and ESP) on IPv6?
> Then the answer is definitely yes. This is being done as part of the
> FreeSwan project <www.freeswan.org>. As far as doing it via the netfilter
> module... It's not being done that way at this time. I believe, however,
> that they are intending to migrate the KLIPS (Kernel Level IPSec code)
> to using some of the netfilter hooks in the future.
My intention was to find people who are integrating AH and ESP (for
IPv6) via a netfilter module. I know that the FreeSwan project intends
to replace KLIPS with netfilter (sometimes in the future).
The background of my question is that I may know somebody who would like
to this (AH + ESP via netfilter based on a dummy SA database or SA
database from FreeSwan) in a diploma thesis. But before that I need to
know if somebody is already working on this topic (it is not good if he
would start with this and e.g. in 2 months someone else presents running
code, the professors in Germany donīt like this).
So, please conntact me,