Path to this page:
Next | Query returned 6 messages, browsing 1 to 10 | previous
CVS Commit History:
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|
2023-08-14 07:25:36 by Thomas Klausner | Files touched by this commit (1247) |
Log message:
*: recursive bump for Python 3.11 as new default
|
2021-10-26 13:07:15 by Nia Alarie | Files touched by this commit (958) |
Log message:
net: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Not committed (merge conflicts...):
net/radsecproxy/distinfo
The following distfiles could not be fetched (fetched conditionally?):
./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch
|
2021-10-07 16:43:07 by Nia Alarie | Files touched by this commit (962) |
Log message:
net: Remove SHA1 hashes for distfiles
|
2021-08-10 14:36:58 by Nia Alarie | Files touched by this commit (3) | |
Log message:
fastd: update to version 22
The main improvement of fastd v22 is the L2TP kernel offloading support,
which brings fastd’s throughput for unsecured connections on par with
other L2TP solutions like Tunneldigger, while maintaining most of fastd’s
flexibility. It is even possible to use fast L2TP connections for some
peers and secure encryption for others in a single fastd instance.
New features¶
* Added new method “null@l2tp”
Like the old “null” method, “null@l2tp” doesn’t provide any \
security.
In TAP mode, it uses a packet format compatible with L2TPv3 Ethernet
Pseudowires (RFC3931 and RFC4719) for payload data.
Using “null@lt2p” for new unsecured deployments and migrating existing
“null” setups is recommended for a number of reasons:
* “null” uses a 1-byte packet header, which can make data transfer
between kernel and userspace slightly slower on platforms that
care about alignment
* The L2TP-compatible data format facilitates debugging, as packet
sniffers like Wireshark can decode the payload
* L2TP can be offloaded to the Linux kernel, significantly
increasing throughput
See offload configuration for information on the setup and limitations
of the L2TP offload feature.
* Added support for NetBSD (tested on NetBSD 9.2)
Bugfixes¶
* Fix build for MacOS
This issue was introduced during the move to the Meson build system in
fastd v20.
* Fix TUN mode crash on FreeBSD/OpenBSD
This issue is a regression introduced in fastd v20. The buffer
management optimization caused an assertion failure in many
configurations upon reading packets from the TUN interface.
* Fix version number format
When not building from Git, fastd v21 would format its own version
number as “21” rather than “v21”, deviating from previous releases.
This is fixed with v22.
Other changes¶
* A new handshake format has been introduced, prepending an L2TPv3
Control Message header to the actual fastd handshake. This improves
certain interactions between fastd and the L2TP kernel module used for
offloading.
To maintain compatibility with older fastd versions, both handshake
formats are accepted. For the initial handshake packet, an old and a
new format packet are sent at the same time.
Sessions established using the old handshake format are marked with
“compat mode” in the log.
|
2021-06-24 16:01:31 by Nia Alarie | Files touched by this commit (7) |
Log message:
add net/fastd
fastd is a very small VPN daemon which tunnels IP packets and Ethernet frames
over UDP. It supports various modern encryption and authentication schemes
and can be used in many different network topologies (1:1, 1:n, meshed).
|
Next | Query returned 6 messages, browsing 1 to 10 | previous