On 6/5/20 12:13 PM, Tom Marcoen wrote:
Hey Eugen,
For some reason I did not receive your email. But I found your reply in the
archives.
Anyway, the goal is to have two computers, each with a Netgraph bridge node
and jails connecting to these bridges. I want to connect both bridges over
the Internet securely. Using a UDP tunnel and encrypting that with IPsec or
wireguard or .... would be an option, but it would be nicer if I could use
a Netgraph-native option.
In years past I used netgraph ksocket nodes to generate a udp tunnel
and then set up IPSEC to encrypt it.
can be done from the command line with about 10 lines from memory.
Unfortunately I don't have those 10 line at hand as it was at
JOB[current - 5]
Julian
Regards,
Tom
On Wed, 27 May 2020 at 10:06, Tom Marcoen <tom.marc...@gmail.com> wrote:
Hey all,
I'm new to this mailing list and also quite new to FreeBSD (huray, welcome
to me!) so bare with me, please.
I'm reading up on Netgraph on how I can integrate it with FreeBSD jails
and I was looking at some of the examples provided in
/usr/share/examples/netgraph and now have the following question.
The udp.tunnel example shows an iface point-to-point connection but it is
unencrypted. Of course I could encrypt it with an IPsec tunnel on the host
or tunnel it through SSH, but I was wondering whether there exists a nice
Netgraph solution, e.g. a node with two hooks, receiving unencrypted
traffic on the inside hook and sending out encrypted traffic on the outside
hook.
Regards,
Tom
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
