[Vpn-help] Development update and new alpha release ...
Matthew Grooms
mgrooms at shrew.net
Tue Jan 16 21:35:05 CST 2007
All,
Its been some time since the last development update so I thought
it would be prudent to send a message to the lists. I was hoping to
release another alpha by the beginning of December but there was more to
be done than was previously anticipated. With that said, an enormous
amount of work has been accomplished between the alpha6 and alpha7
releases. With 2.0 being a major version bump, I felt that it was a good
time to get all the architectural changes I was planning ( and some that
I wasn't ) completed and out of the way. With as much churn as the code
has seen in the last few months, there are bound to be lots of bugs and
regressions. The good news is that all the heavy lifting has now been
done for this branch and the way forward will be only bug fixes, testing
and documentation updates.
For a complete ( and very long ) list of changes ...
http://www.shrew.net/vpn/changelog.php?ver=2.0.0-alpha-7
The new alpha can be had from here ... but a word of warning first. This
release is an alpha in the truest sense. Although I haven't had a
development system crash in months due to kernel driver bugs, it is not
a candidate for daily use in any way. If you have a VM session handy, it
may be worth a look.
http://www.shrew.net/vpn/download.php?name=vpn-client&vers=2.0.0-alpha-7
For those of you interested in the status of the unix port, here is a
short update.
The Shrew Soft IKED Daemon ( iked ) compiles on FreeBSD, NetBSD and
Linux ( with some changes ) It fails to start on NetBSD due to phread
problems but runs quite well on FreeBSD as a responder. NATT, DPD, Xauth
and modecfg are now supported as well as a very usable form of policy
generation. Iked can be configured to use the modecfg or peer address
and any number of network groups to pre-generate a list of policies
based on the peers xauth group memberships. This makes it very flexible
and well suited for use as an ipsec client gateway. The biggest drawback
is its lack of IPV6 support which will have to wait until after the 2.0
release. Also, a handful of required functions are not yet implemented
which prevent iked from working well as a client. With any luck, I hope
to have at least an experimental iked and client interface ready to be
open sourced when the 2.0 win32 product is released.
Expect more updates and apha/beta releases in the near future.
-Matthew
More information about the vpn-help
mailing list