1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
Source: openswan
Section: net
Priority: optional
Maintainer: Rene Mayrhofer <rmayr@debian.org>
Standards-Version: 3.6.1.0
Build-Depends: debhelper (>= 4.1.16), libgmp3-dev, libssl-dev (>= 0.9.8-1), htmldoc, man2html, libcurl3-dev | libcurl2-dev, libopensc2-dev | libopensc1-dev | libopensc0-dev, libldap2-dev, libpam0g-dev, libkrb5-dev, bison, flex, lynx, dpatch, bzip2
Package: openswan
Architecture: any
Pre-Depends: debconf | debconf-2.0
Depends: ${shlibs:Depends}, bsdmainutils, makedev | devfsd, debianutils (>=1.7), ipsec-tools, openssl, host, iproute
Suggests: openswan-modules-source | linux-patch-openswan, curl
Provides: ike-server
Conflicts: freeswan (<< 2.04-12)
Description: IPSEC utilities for Openswan
IPSEC is Internet Protocol SECurity. It uses strong cryptography to provide
both authentication and encryption services. Authentication ensures that
packets are from the right sender and have not been altered in transit.
Encryption prevents unauthorised reading of packet contents.
.
This version of Openswan supports Opportunistic Encryption (OE) out of the
box. OE enables you to set up IPsec tunnels to a site without
co-ordinating with the site administrator, and without hand
configuring each tunnel. If enough sites support OE, a "FAX effect"
occurs, and many of us can communicate without eavesdroppers.
.
In addition to OE, you may manually configure secure tunnels through
untrusted networks. Everything passing through the untrusted net is
encrypted by the IPSEC gateway machine and decrypted by the gateway
at the other end. The result is Virtual Private Network or VPN. This
is a network which is effectively private even though it includes
machines at several different sites connected by the insecure Internet.
.
Please note that you will need a recent kernel (>=2.4.24 or 2.6.x)
for using this package. The standard Debian kernel includes both IPSEC
and crypto support, patching the kernel is no longer necessary!
.
If you want to use the KLIPS IPSec code for kernel modules instead of the
native ones, you will need to install either openswan-modules-source or
linux-patch-openswan and build the respective modules for your kernel.
Package: openswan-modules-source
Architecture: all
Depends: coreutils | fileutils, debhelper, bzip2
Recommends: kernel-package (>= 7.04), kernel-source
Suggests: openswan
Description: IPSEC kernel modules source for Openswan
This package contains the source for the Openswan modules to get the necessary
kernel support to use Openswan.
.
It includes the NAT Traversal patches, which will need to be applied to the
kernel tree if NAT Traversal is needed.
Package: linux-patch-openswan
Architecture: all
Depends: coreutils | fileutils
Recommends: kernel-package (>= 7.04)
Suggests: openswan
Provides: kernel-patch-openswan
Replaces: kernel-patch-openswan
Description: IPSEC Linux kernel support for Openswan
This package contains the patches for the Linux kernel to get the necessary
kernel support to use Openswan. If you want to build a kernel module for
IPSec, it is much easier to use the openswan-modules-source package instead.
This kernel-patch package should probably only be used when building a
non-modular kernel or when compiling IPSec non-modular.
.
It includes the NAT Traversal patches and applies them automatically to the
kernel after inserting KLIPS.
|
