Can anyone advise me on the easiest way to do this? Should I continue using OpenSwan? Is there a good HOWTO for this, or will I be the guy that writes it? (Assume I know everything on http://www.wlug.org.nz/26sec :)
I think you might be the guy that writes it as the official Wiki for Linux networking (http://linux-net.osdl.org) is pretty bad on security right now!
Any suggestions? Michal, are you still around, and is this right in your area of expertise? :)
One thing I do suspect you will need is a very recent kernel as things necessary for this such as connection tracking only really got much attention in 2.6.17. Apart from that I can't offer much help. -- Ian McDonald Web: http://wand.net.nz/~iam4 Blog: http://imcdnzl.blogspot.com WAND Network Research Group Department of Computer Science University of Waikato New Zealand