[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Freeswan in Debian, or: Why I am such a bad maintainer

Previously Marc Haber wrote:
> Linux 2.6 ipsec sucks, because it makes packet filtering much harder
> and more complicated, and debugging nearly impossible because you
> don't see the unencrypted packet with tcpdump.

As was already mentioned it isn't perfect yet; netfilter hooks are
definitely one such area. It does however have a nice modern design
and has the benefit of being the officialy blessed implementation on
which all future development will be based, so expect things to improve


Wichert Akkerman <wichert@wiggy.net>    It is simple to make things.
http://www.wiggy.net/                   It is hard to make things simple.

Reply to: