Web links for Linux FreeS/WAN

• FreeS/WAN project information
• Distribution sites
• Other web information on FreeS/WAN
• Archives of the project mailing list
• Related Linux code
  • Add-ons and patches for FreeS/WAN
  • Distributions including FreeS/WAN
  • Things FreeS/WAN uses or could use
  • Other approaches to Linux VPNs

Other documents with web links

• The IPSEC Protocols
• Linux resources
• Cryptography and security

• Project rationale
• our original main project site
• new site, freeswan.org

Primary site

• In Holland, via http (recommended) or FTP.

  Mirror Sites

• Eastern Canada (limited resouces)
• Eastern Canada (has older versions too)
• Eastern Canada (has older versions too)
• Japan
• Hong Kong
• Denmark
• the UK
• Slovak Republic
• somewhere

• HOW-TO from Kurt Seifried
• interoperability and other info from Ivan Moore
• speed test results from a Welsh university

• Canada
• Holland

More information on this and other mailing lists.

Applied FreeS/WAN

• Neil Dunbar's patches for certificate support, using code from Open SSL. At time of writing (June 2000), these patches are out of date and do not support the current FreeS/WAN version, but there has been talk on the mailing list of forthcoming updates. Older versions of FreeS/WAN are also likely available on some of the distribution sites.
• OpenBSD's isakmpd(8) daemon ported to Linux, working with the FreeS/WAN KLIPS code. At time or writing (early May 1999), this is a snapshot of development work, not yet a full release:
  • Sweden
  • Sweden
• a patch to make IPSEC, PPTP and SSH VPNs work through a Linux firewall with IP masquerade. Note that this is not required if the same machine does IPSEC and masquerading, only if you want a masquerade client to be the IPSEC gateway.
• patches to add Blowfish, IDEA and CAST-128 to FreeS/WAN

• SuSE 6.3 is the first major commercial Linux distribution to ship with FreeS/WAN included. It has FreeS/WAN 1.1.
• FreeS/WAN for the Linux Router Project, a minimal Linux distribution designed to run on limited machines recylcled as routers. At one point, the LRP code could boot from floppy and run on an 8 meg 386. We are not certain if that is still true, but it certainly still runs on low-end machines.

• /dev/random support page, discussion of and code for the Linux random number driver. Out-of-date when we last checked (January 2000), but still useful.
• other programs related to random numbers:
  • audio-entropyd is a daemon that collects data from a sound card, hashes it, and delivers it as input to /dev/random.
  • another entropy-gathering daemon
  • a driver for the random number generator in recent Intel chipsets
• a Linux L2TP Daemon which might be useful for communicating with Windows 2000 which builds L2TP tunnels over its IPSEC connections
• packet spy, a packet sniffer whose author said in a Dec 1999 message "It's very unfinished, especially the filter, but it can give you an ascii and hex dump at the same time. I started it specifically for snooping a FreeS/WAN installation."

• other Linux IPSEC implementations
• ENskip, a free implementation of Sun's SKIP protocol
• vpnd, a non-IPSEC VPN daemon for Linux which creates tunnels using Blowfish encryption
• Zebedee, a simple GPLd tunnel-building program with Linux and Win32 versions. The name is from Zlib compression, Blowfish encryption and Diffie-Hellman key exchange.
• LinuxCare's VPS (Virtual Private Server) which builds tunnels using SSH
• Moreton Bay's PoPToP, PPTP for Linux
• CIPE project, using their own lightweight protocol to encrypt between routers
• vtun "virtual tunnels", using Blowfish

• Document index file
• Table of Contents
• Beginning of this file.
• Project home page
• FreeS/WAN home page