Hosting Provided By

Re: linux-ipsec: Freeswan: manual conns. and ipsec setup

From: Henry Spencer <henry(at)spsystems.net>
Date: Tue Nov 17 1998 - 14:26:43 EST

> Is it possible/desirable to have manual connections come up and go down

Yes, adding a manual-setup-at-boot list to the config file is on my list. It does seem like it could have uses, especially for people who are doing something odd.

> I'm starting to wonder about the usefullness of having all packets without

This would be feasible, but it's not clear that it's desirable...

> That
> way, I can still send traffic to other places via the same SG in the clear

Why is traffic for those "other places" being routed to ipsec0, if it does not need IPSEC processing? It should simply be routed to the underlying interface, bypassing ipsec0 entirely. Neither pluto nor ipsec_manual creates a route to ipsec0 without an intent to process.

                                                          Henry Spencer
                                                       henry@spsystems.net
                                                     (henry@zoo.toronto.edu)

Received on Tue Nov 17 15:15:46 1998

This message: [ Message body ]
Next message: Richard Guy Briggs: "Re: linux-ipsec: Freeswan: manual conns. and ipsec setup"
Previous message: Richard Guy Briggs: "linux-ipsec: transport mode failures under manual"
In reply to Richard Guy Briggs: "linux-ipsec: Freeswan: manual conns. and ipsec setup"
Next in thread: Richard Guy Briggs: "Re: linux-ipsec: Freeswan: manual conns. and ipsec setup"
Reply: Richard Guy Briggs: "Re: linux-ipsec: Freeswan: manual conns. and ipsec setup"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:59:07 EDT