Re: Freeswan in Debian, or: Why I am such a bad maintainer
- To: Marc Haber <mh+debian-devel@zugschlus.de>
- Cc: Rene Mayrhofer <rene.mayrhofer@gibraltar.at>, Bastian Blank <waldi@debian.org>, Dominique Kaiser <dommi_s1@gmx.net>, Giacomo Mulas <gmulas@ca.astro.it>, Steven Augart <augart@watson.ibm.com>, Lupe Christoph <lupe@lupe-christoph.de>, Anthony DeRobertis <anthony@derobert.net>, Andrew Pimlott <pimlott@idiomtech.com>, herbert@gondor.apana.org.au, Alexander Hvostov <alex@aoi.dyndns.org>, Daniel Pocock <daniel@pocock.com.au>, Russell Stuart <russell-debian-bug@stuart.id.au>, dalhagen@tele-net.net, Christoph Martin <martin@uni-mainz.de>, Alexei Ustyuzhaninov <alust@UralskyGSM.com>, Jason Spence <jspence@lightconsulting.com>, Mike Fedyk <mfedyk@matchmail.com>, Luca Fornasari <luca.fornasari@easybit.it>, Torsten Knodt <tk-debian@datas-world.de>, Christian Perrier <bubulle@debian.org>, Luk Claes <luk.claes@ugent.be>, debian-devel@lists.debian.org, Nate Carlson <natecars@natecarlson.com>
- Subject: Re: Freeswan in Debian, or: Why I am such a bad maintainer
- From: Wichert Akkerman <wichert@wiggy.net>
- Date: Mon, 28 Jun 2004 16:30:46 +0200
- Message-id: <[🔎] 20040628143046.GH9561@wiggy.net>
- Mail-followup-to: Wichert Akkerman <wichert@wiggy.net>, Marc Haber <mh+debian-devel@zugschlus.de>, Rene Mayrhofer <rene.mayrhofer@gibraltar.at>, Bastian Blank <waldi@debian.org>, Dominique Kaiser <dommi_s1@gmx.net>, Giacomo Mulas <gmulas@ca.astro.it>, Steven Augart <augart@watson.ibm.com>, Lupe Christoph <lupe@lupe-christoph.de>, Anthony DeRobertis <anthony@derobert.net>, Andrew Pimlott <pimlott@idiomtech.com>, herbert@gondor.apana.org.au, Alexander Hvostov <alex@aoi.dyndns.org>, Daniel Pocock <daniel@pocock.com.au>, Russell Stuart <russell-debian-bug@stuart.id.au>, dalhagen@tele-net.net, Christoph Martin <martin@uni-mainz.de>, Alexei Ustyuzhaninov <alust@UralskyGSM.com>, Jason Spence <jspence@lightconsulting.com>, Mike Fedyk <mfedyk@matchmail.com>, Luca Fornasari <luca.fornasari@easybit.it>, Torsten Knodt <tk-debian@datas-world.de>, Christian Perrier <bubulle@debian.org>, Luk Claes <luk.claes@ugent.be>, debian-devel@lists.debian.org, Nate Carlson <natecars@natecarlson.com>
- In-reply-to: <[🔎] 20040628142423.GO6752@torres.ka0.zugschlus.de>
- References: <[🔎] 40E00DDA.3040807@gibraltar.at> <[🔎] 20040628130629.GB9561@wiggy.net> <[🔎] 20040628142423.GO6752@torres.ka0.zugschlus.de>
Previously Marc Haber wrote:
> Linux 2.6 ipsec sucks, because it makes packet filtering much harder
> and more complicated, and debugging nearly impossible because you
> don't see the unencrypted packet with tcpdump.
As was already mentioned it isn't perfect yet; netfilter hooks are
definitely one such area. It does however have a nice modern design
and has the benefit of being the officialy blessed implementation on
which all future development will be based, so expect things to improve
rapidly.
Wichert.
--
Wichert Akkerman <wichert@wiggy.net> It is simple to make things.
http://www.wiggy.net/ It is hard to make things simple.
Reply to: