Cipe?
Kevin Fenzi
kevin-redhat-beta at scrye.com
Thu Apr 1 20:18:34 UTC 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>>>>> "Steve" == Steve Bergman <steve at rueb.com> writes:
Steve> On Wed, 2004-03-31 at 12:38, Alexandre Oliva wrote:
>> On Mar 31, 2004, Steve Bergman <steve at rueb.com> wrote:
>> I suppose it wouldn't hurt if people sufficiently motivated would
>> take over the cipe package that was removed from rawhide just
>> before FC2test2 and build programs and kernel modules as Extras for
>> FC2. I'm told the main hurdle that had to be overcome, namely
>> porting cipe to kernel 2.6, has already been taken care of
>> upstream.
Steve> So far, I seem to be the only 'motivated' participant in this
Steve> thread. So I guess I have a few questions:
Steve> 1. Is there anyone else here who would be interested in a cipe
Steve> implementation from fedora.us? Or would I be doing it mainly
Steve> for myself?
I've moved all CIPE links to use openvpn (see below).
Steve> 2. Would it just be a matter of maintaining the module(s) as an
Steve> rpm throughout the FC2 life cycle. i.e. I would not have to
Steve> mess with the rest of the kernel?
Probibly true, but keep in mind you would have to make a new module
for every errata kernel that is released.
Steve> 3. Would someone like me, who has never maintained an rpm
Steve> package be likely to succeed at this and have it accepted at
Steve> fedora.us? The 2.6 fedora kernel is not nearly so heavily
Steve> patched as the old 2.4 kernel was, so if someone has already
Steve> come up with a cipe kernel patch, this should mainly be a
Steve> matter of packaging and maintenance on my part, right?
I would think so.
I would like to offer another suggestion. How about transitioning all
your machines to use openvpn instead?
http://openvpn.sf.net/
It's secure, don't in userspace with tun or tap device, works on all
the various redhat versions, there is even a windows version.
Just need to compile and install the openvpn rpm on all your machines
and switch the CIPE links to openvpn links.
It's way easier to mange and setup than IPSEC, and doesn't require
kernel mods.
Just a suggestion.
Steve> Thanks, Steve
kevin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/>
iD8DBQFAbHkd3imCezTjY0ERAsWSAJ4+dsQO0KTVotyF0i72kT/ZomuWYACfXNng
EmVGZJHfmfwgO5jF1+uL73Y=
=a8NY
-----END PGP SIGNATURE-----
More information about the fedora-test-list
mailing list