Hi Ganesan, rganesan@debian.org wrote:
Hi, I have taken over as maintainer of ipsec-tools. I'll be soon uploading ipsec-tools 0.5rc2 to unstable, skipping version 0.4 (0.3.3 is the latest version in Debian). I would really like to get 0.5 into sarge because there have been many enhancements to ipsec-tools (for e.g. NAT-T support, Dead Peer Detection, support for PlainRSA keys for easy migration from FreeSWAN, Hybrid authentication). This is also the first release that supports Linux kernel versions 2.6.10 and above (FWD policy support).
Does it have the fixes for the incorrect isakmp source address when using the listen directive and also the HUP fix when using the listen directive? These make the listen directive work and useful :) Patches on both these bugs: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=289604 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=241980 Both are quite straightforward and are needed to allow a floating ipsec gateway address (for firewall failover config with heartbeat). If they're in there i'll test the packages for you. ~mc