Openswan is an implementation of IPsec (IP Security). Is it a code continuation of the defunct FreeS/WAN project. Openswan provides IPSEC kernel extensions (for encryption and authentication) and an IKE daemon (for Internet key exchange and encrypted routing), as well as various rc scripts. It features Opportunistic Encryption, subnet extrusion, X.509 certificates, NAT Traversal support, XAUTH, Enterprise L2TP, and DNSSEC support. Currently, work is being done with asynchronous crypto hardware accelerator support and a Mac OS X port.
Release Notes: About 20 bugfixes were collected over a long time. Fixes were made for newer kernels, nhelpers, NAT-T, busybox, IKE algos, and smartcards. DISABLE_UDP_CHECKSUM was added to ignore checksums on udp-encaps packets.
Release Notes: Compile fixes for 2.6.16-2.6.18-rc2, a dpdaction=restart fix, and various miscellaneous fixes for ipcomp, nat-t, and rekeys.
Release Notes: Fixes for l2tp, nat-t, and rekey issues. Support for modern Linux kernels (upto 2.6.16), MTU fixes, memory leak fixes, padlock fixes, and 20+ smaller fixes from the bugs database.
Release Notes: An ASSERTION FAILED error in state.c was fixed. A fix was made for kernels having strstr. A questionable spin_unlock was commented out. This might fix reported SMP crash errors.
Release Notes: NAT-T support for KLIPS on 2.6. Additional cipher support with KLIPS on 2.6. A fix for NAT-T/PSK rekey. 20+ other bugfixes.