Projects / Openswan


Openswan is an implementation of IPsec (IP Security). Is it a code continuation of the defunct FreeS/WAN project. Openswan provides IPSEC kernel extensions (for encryption and authentication) and an IKE daemon (for Internet key exchange and encrypted routing), as well as various rc scripts. It features Opportunistic Encryption, subnet extrusion, X.509 certificates, NAT Traversal support, XAUTH, Enterprise L2TP, and DNSSEC support. Currently, work is being done with asynchronous crypto hardware accelerator support and a Mac OS X port.


Recent releases

  •  27 Jun 2007 05:45

    Release Notes: About 20 bugfixes were collected over a long time. Fixes were made for newer kernels, nhelpers, NAT-T, busybox, IKE algos, and smartcards. DISABLE_UDP_CHECKSUM was added to ignore checksums on udp-encaps packets.

    •  04 Aug 2006 17:06

      Release Notes: Compile fixes for 2.6.16-2.6.18-rc2, a dpdaction=restart fix, and various miscellaneous fixes for ipcomp, nat-t, and rekeys.

      •  02 May 2006 19:02

        Release Notes: Fixes for l2tp, nat-t, and rekey issues. Support for modern Linux kernels (upto 2.6.16), MTU fixes, memory leak fixes, padlock fixes, and 20+ smaller fixes from the bugs database.

        •  21 Nov 2005 06:43

          Release Notes: An ASSERTION FAILED error in state.c was fixed. A fix was made for kernels having strstr. A questionable spin_unlock was commented out. This might fix reported SMP crash errors.

          •  13 Sep 2005 18:31

            Release Notes: NAT-T support for KLIPS on 2.6. Additional cipher support with KLIPS on 2.6. A fix for NAT-T/PSK rekey. 20+ other bugfixes.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.