* New target @ 2006-02-13 16:16 Gervasio Bernal 2006-02-13 16:36 ` Rennie deGraaf 0 siblings, 1 reply; 7+ messages in thread From: Gervasio Bernal @ 2006-02-13 16:16 UTC (permalink / raw) To: netfilter-devel Hi all!!! I have developed a new target for iptables that encrypts a communication. I would like to send it so that you can see it and prove it. And the possibility that in a future adding it to iptables. Which are the steps to follow? Thanks a lot! ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: New target 2006-02-13 16:16 New target Gervasio Bernal @ 2006-02-13 16:36 ` Rennie deGraaf [not found] ` <43F0CE59.5040201@speedy.com.ar> 0 siblings, 1 reply; 7+ messages in thread From: Rennie deGraaf @ 2006-02-13 16:36 UTC (permalink / raw) To: Gervasio Bernal; +Cc: netfilter-devel -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gervasio Bernal wrote: > Hi all!!! > > I have developed a new target for iptables that encrypts a > communication. I would like to send it so that you can see it and prove > it. And the possibility that in a future adding it to iptables. > Which are the steps to follow? > Thanks a lot! Our of curiosity, what advantages does your method have over IPSec? Rennie -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFD8LWWIvU5mZP08HERAhCmAJ4nHIwCus/bVLBFPpDyiDnQecm3SACaAhyq SEWkeJUjGl1DCtGDOzd4i1M= =k8wy -----END PGP SIGNATURE----- ^ permalink raw reply [flat|nested] 7+ messages in thread
[parent not found: <43F0CE59.5040201@speedy.com.ar>]
* Re: New target [not found] ` <43F0CE59.5040201@speedy.com.ar> @ 2006-02-14 0:48 ` Rennie deGraaf 2006-02-14 0:52 ` Allen Francom 2006-02-14 22:36 ` Gervasio Bernal 0 siblings, 2 replies; 7+ messages in thread From: Rennie deGraaf @ 2006-02-14 0:48 UTC (permalink / raw) To: Gervasio Bernal; +Cc: netfilter-devel -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gervasio Bernal wrote: > Rennie deGraaf wrote: > >>Gervasio Bernal wrote: >> >> >>>>Hi all!!! >>>> >>>>I have developed a new target for iptables that encrypts a >>>>communication. I would like to send it so that you can see it and prove >>>>it. And the possibility that in a future adding it to iptables. >>>>Which are the steps to follow? >>>>Thanks a lot! >> >> >>Our of curiosity, what advantages does your method have over IPSec? >> >>Rennie > > > The great advantage is the ease of use. You only need to put 2 iptables > rules in each endpoint of communication. One rule for encryption and the > other for decryption. IPSec is a little more complicated to configure. Well, I'd be interested in taking a look at your design. How about posting your design and source somewhere so that we can take a look at it? Rennie -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFD8Sj7IvU5mZP08HERApcYAJ4pOmVyYQJRdI7fuj2PSgjUjF4C2wCeNwie kOW7cV2dIM3st6SQnsM09G8= =6K7k -----END PGP SIGNATURE----- ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: New target 2006-02-14 0:48 ` Rennie deGraaf @ 2006-02-14 0:52 ` Allen Francom 2006-02-14 22:37 ` Gervasio Bernal 2006-02-17 3:28 ` Michael Richardson 2006-02-14 22:36 ` Gervasio Bernal 1 sibling, 2 replies; 7+ messages in thread From: Allen Francom @ 2006-02-14 0:52 UTC (permalink / raw) To: Rennie deGraaf; +Cc: Gervasio Bernal, netfilter-devel Also, With IPSec, can you "require" any communication from a.com to b.com to be encrypted ? IPTables might be able to enforce a requirement for encrypted communications. Just a thought... FYI -AEF On Mon, 13 Feb 2006, Rennie deGraaf wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Gervasio Bernal wrote: >> Rennie deGraaf wrote: >> >>> Gervasio Bernal wrote: >>> >>> >>>>> Hi all!!! >>>>> >>>>> I have developed a new target for iptables that encrypts a >>>>> communication. I would like to send it so that you can see it and prove >>>>> it. And the possibility that in a future adding it to iptables. >>>>> Which are the steps to follow? >>>>> Thanks a lot! >>> >>> >>> Our of curiosity, what advantages does your method have over IPSec? >>> >>> Rennie >> >> >> The great advantage is the ease of use. You only need to put 2 iptables >> rules in each endpoint of communication. One rule for encryption and the >> other for decryption. IPSec is a little more complicated to configure. > > Well, I'd be interested in taking a look at your design. How about > posting your design and source somewhere so that we can take a look at it? > > Rennie > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.1 (GNU/Linux) > > iD8DBQFD8Sj7IvU5mZP08HERApcYAJ4pOmVyYQJRdI7fuj2PSgjUjF4C2wCeNwie > kOW7cV2dIM3st6SQnsM09G8= > =6K7k > -----END PGP SIGNATURE----- > ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: New target 2006-02-14 0:52 ` Allen Francom @ 2006-02-14 22:37 ` Gervasio Bernal 2006-02-17 3:28 ` Michael Richardson 1 sibling, 0 replies; 7+ messages in thread From: Gervasio Bernal @ 2006-02-14 22:37 UTC (permalink / raw) To: netfilter-devel Allen Francom wrote: > > > Also, > > With IPSec, can you "require" any communication from > a.com to b.com to be encrypted ? > > IPTables might be able to enforce a requirement for > encrypted communications. > > Just a thought... > > FYI > -AEF > > > On Mon, 13 Feb 2006, Rennie deGraaf wrote: > > Gervasio Bernal wrote: > >>>> Rennie deGraaf wrote: >>>> >>>>> Gervasio Bernal wrote: >>>>> >>>>> >>>>>>> Hi all!!! >>>>>>> >>>>>>> I have developed a new target for iptables that encrypts a >>>>>>> communication. I would like to send it so that you can see it and >>>>>>> prove >>>>>>> it. And the possibility that in a future adding it to iptables. >>>>>>> Which are the steps to follow? >>>>>>> Thanks a lot! >>>>> >>>>> >>>>> >>>>> Our of curiosity, what advantages does your method have over IPSec? >>>>> >>>>> Rennie >>>> >>>> >>>> >>>> The great advantage is the ease of use. You only need to put 2 iptables >>>> rules in each endpoint of communication. One rule for encryption and the >>>> other for decryption. IPSec is a little more complicated to configure. > > > Well, I'd be interested in taking a look at your design. How about > posting your design and source somewhere so that we can take a look at > it? > > Rennie >> You are right Allen, that is another interesting difference. ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: New target 2006-02-14 0:52 ` Allen Francom 2006-02-14 22:37 ` Gervasio Bernal @ 2006-02-17 3:28 ` Michael Richardson 1 sibling, 0 replies; 7+ messages in thread From: Michael Richardson @ 2006-02-17 3:28 UTC (permalink / raw) To: Allen Francom; +Cc: Gervasio Bernal, netfilter-devel, Rennie deGraaf -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>>>> "Allen" == Allen Francom <aef@prismnet.com> writes: Allen> Also, Allen> With IPSec, can you "require" any communication from a.com to Allen> b.com to be encrypted ? Yes. Have you read the specifications? - -- ] ON HUMILITY: to err is human. To moo, bovine. | firewalls [ ] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[ ] mcr@xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[ ] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Finger me for keys iQEVAwUBQ/VC34CLcPvd0N1lAQLr9wgAwmyjkkgyduwXsaQxOUD30LFfA4Eex7K3 aN/xotH3blwNXeAPkUPNq12GDk/q3uw4VMRg4o+GWiAVMxuDz2wA7qg5wfa5PO4P RexqXeqb+FO923L0UKweffmNT3Zyw2MJuybLdqKaGmSTr3pbM/ihElnlRAOBWn0L 0X/doW1ebwvWCM0dCYTLm6/WEpc1cnSQQaxGMdU9Nyz90hxifFUvNf2KzUWjRUAn 0OpCK6eD0DBgnynsuOOwwVneXDiNySD1cH1XWRFPLUShuEldUnOtcwBZvsYsQJ/j ftqRwMDrsqdOJ/IAXfQ7JKDtl4VqHq3OTBiXxpNgIwlnBqLVbS8WDg== =ZGQN -----END PGP SIGNATURE----- ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: New target 2006-02-14 0:48 ` Rennie deGraaf 2006-02-14 0:52 ` Allen Francom @ 2006-02-14 22:36 ` Gervasio Bernal 1 sibling, 0 replies; 7+ messages in thread From: Gervasio Bernal @ 2006-02-14 22:36 UTC (permalink / raw) To: netfilter-devel Rennie deGraaf wrote: > Gervasio Bernal wrote: > >>>Rennie deGraaf wrote: >>> >>> >>>>Gervasio Bernal wrote: >>>> >>>> >>>> >>>>>>Hi all!!! >>>>>> >>>>>>I have developed a new target for iptables that encrypts a >>>>>>communication. I would like to send it so that you can see it and prove >>>>>>it. And the possibility that in a future adding it to iptables. >>>>>>Which are the steps to follow? >>>>>>Thanks a lot! >>>> >>>> >>>>Our of curiosity, what advantages does your method have over IPSec? >>>> >>>>Rennie >>> >>> >>>The great advantage is the ease of use. You only need to put 2 iptables >>>rules in each endpoint of communication. One rule for encryption and the >>>other for decryption. IPSec is a little more complicated to configure. > > > Well, I'd be interested in taking a look at your design. How about > posting your design and source somewhere so that we can take a look at it? > > Rennie Yes, of course. I have no problem. Let me fix some bugs and I post the sources. ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2006-02-17 3:28 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-02-13 16:16 New target Gervasio Bernal
2006-02-13 16:36 ` Rennie deGraaf
[not found] ` <43F0CE59.5040201@speedy.com.ar>
2006-02-14 0:48 ` Rennie deGraaf
2006-02-14 0:52 ` Allen Francom
2006-02-14 22:37 ` Gervasio Bernal
2006-02-17 3:28 ` Michael Richardson
2006-02-14 22:36 ` Gervasio Bernal
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.