Skip to Main Content
Network Security Hacks
book

Network Security Hacks

by Andrew Lockhart
April 2004
Intermediate to advanced content levelIntermediate to advanced
320 pages
9h 10m
English
O'Reilly Media, Inc.
Content preview from Network Security Hacks

Set Up IPsec Under Linux

Secure your traffic in Linux with FreeS/WAN.

The most popular way of configuring IPsec connections under Linux is to use the FreeS/WAN (http://www.freeswan.org) package. FreeS/WAN is made up of two components, KerneL IP Security (KLIPS) and pluto. KLIPS is the kernel-level code that actually encrypts and decrypts the data; it also manages the Security Policy Database (SPD). pluto is a user-land daemon that controls IKE negotiation.

The FreeS/WAN build process builds a new kernel and the required management utilities. Download the latest FreeS/WAN source from the project’s web site and unpack the source tree in /usr/src. The documentation that comes with FreeS/WAN is very extensive and can help you tailor the installation to suit your needs. The kernel component can be either installed as a kernel-loadable module or statically compiled directly into your kernel. In order to compile FreeS/WAN, the kernel source must be installed on your machine. During the compilation process, the kernel configuration utility will launch. This is normal. Compile FreeS/WAN using your kernel configuration method of choice (such the menu-based or X11-based options). Once the compilation is complete, install the kernel and user-land tools per the FreeS/WAN documentation (typically a make install will suffice).

FreeS/WAN configuration is controlled by two configuration files: /etc/ipsec.conf and /etc/ipsec.secrets. The examples given in this hack are very limited in scope and ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Linux: Powerful Server Administration

Linux: Powerful Server Administration

Uday Sawant, Oliver Pelz, Jonathan Hobson, William Leemans

Publisher Resources

ISBN: 0596006438Catalog PageErrata