Displaying 2 results from an estimated 2 matches for "spadd".
Did you mean:
spad
2005 Sep 24
1
Encrypt some services with ipsec
Hi all,
I have two prodction servers with FreeBSD 5.4 (all security patches
are applied). They running some services like dns, ssh, http, ftp, etc.
But I woukd like to encrypt some services for some hosts with ipsec when
it is accessed. For example:
- DNS resolution: not encrypted.
- DNS replication master-slave: encrypted by ipsec.
- Telnet: encrypted by ipsec for some hosts. Deny
2003 May 28
2
IP SEC filtering issue
....
We would like to send only the syn packet of a tcp connection through
certain ipsec tunnels and the rest of the packets in a connection though
a simple transport mode setup. Yeah, I know it's strange but what can I
say -- we do a lot of strange things. From the best I can tell, the
setkey/spadd filtering capability isn't sophisticated enough to detect
syn packets. Since ipfw does do this sort of thing we can use this to
filter out the syn packet and using divert sockets (we have a lot of
experience at writing divert sockets) we can put a wrapper
around it so that it goes to a particu...