Projects / CIPE


CIPE (Crypto IP Encapsulation) is an ongoing project to build encrypting IP routers. The protocol used is as lightweight as possible. It is designed for passing encrypted packets between prearranged routers in the form of UDP packets. This is not as flexible as IPSEC but it is enough for the original intended purpose: securely connecting subnets over an insecure transit network.

Operating Systems

Recent releases

  •  04 Aug 2004 20:19

    Release Notes: This version runs under Linux 2.6 (as well as earlier versions). It can use the kernel crypto API and its cipher algorithms (with Linux 2.6 or 2.4.23+).

    •  29 Jun 2002 00:18

      Release Notes: This release corrects the short packets test which was introduced in the previous release but was broken. It also includes the patch to work correctly with netfilter under Linux 2.4.

      •  01 Jun 2002 22:17

        Release Notes: This release resolves the missing kernel symbol problem on newer Linux 2.4 kernels and adds a correct module license tag. It also corrects the small packet DOS problem.

        •  24 Nov 2001 18:56

          No changes have been submitted for this release.

          •  17 Jun 1999 10:32

            Release Notes: Autoconf, options to send internal keepalive pings and timeout on them. Runs under Linux 2.1.x, at least with x>=109, and 2.2.x. Device names have changed: protocol version is now a letter. Channels are allocated and deallocated dynamically. Statistics are logged upon close and then cleared. The log is simply one line from /proc/net/dev. Ciped waits for completion of ip-up before daemonizing. New configuration option for using key exchange timestamps.

            Recent comments

            16 Nov 2000 05:46 madcamel1

            Highly Recommended!
            For my tunneling purposes, crypto is a must, though it doesn't have to be very strong. I was previously using ppp over ssh (And I still do, for non-linux machines), but for linuxlinux tunneling, this thing really rocks! And btw, the newest ver (check homepage) compiles as a module :)

            22 Jun 2000 02:11 dag

            Vtun as an alternative !
            If you don't like to patch and recompile your kernel,
            consider vtun as an alternative. Just compile and load
            the universal TUN/TAP driver and off you go... (udp/tcp)


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.