Package: linux-source-2.6.12 Severity: normal Hi,
Please can we have the patches in 2.6 for netfilter and ipsec, and the policy match patch in iptables. See http://www.shorewall.net/IPSEC-2.6.html The problem is thus: Shorewall needs a patched kernel to work with the 2.6 ipsec stack. (Netfilter currently lacks full support for the 2.6 kernel's implementation of IPSEC.) If one tries to use a 2.4 Debian kernel, it's no use, due to the backporting of the 2.6 stack. If one tries to use a vanilla kernel with the openswan-modules-source, this fails due to http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=276521. This bug renders the package useless. AES is a strong and desirable cipher. This means that it is a right pain to buid a Sarge firewall with ipsec, and it really shouldn't be. I am currently using a vanilla 2.4.31 kernel with the kernel-patch-openswan package. I have raised this with the linux-source-2.6.12 and iptables packages in the BTS. Antony -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.11.20050411 Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
