Package Details: libreswan 4.3-1

Git Clone URL: https://aur.archlinux.org/libreswan.git (read-only, click to copy)
Package Base: libreswan
Description: IPsec implementation with IKEv1 and IKEv2 keying protocols
Upstream URL: https://libreswan.org/
Keywords: ipsec
Licenses: GPL, MPL
Conflicts: freeswan, ipsec-tools, openswan, strongswan
Submitter: abique
Maintainer: severach
Last Packager: severach
Votes: 42
Popularity: 1.02
First Submitted: 2014-03-07 08:29
Last Updated: 2021-03-28 00:51

Latest Comments

1 2 3 4 5 6 Next › Last »

naumovitch commented on 2021-04-27 08:17

I confim, plz add aarch64 architecture support, It builds pass and works fine on espressobin too!

All of as can VOT for this PKG !!! plz vot ..!! libreswan is better and easily configuretable ipsec fork now is version 4.4 with fixes

yjun commented on 2021-04-27 07:59

plz add aarch64 architecture support, It builds pass and works fine on my RaspberryPi Arch Linux ARM.

lano1106 commented on 2021-03-02 08:05

I agree with dkosovic.

I do need modp1024 too for my libreswan usage for the same reason (modp1024)

dkosovic commented on 2021-02-09 07:40

It'll be great if libreswan can be built with USE_DH2=true like how Red Hat are with CentOS Stream 8 (and upcoming RHEL 8.4) :

https://git.centos.org/rpms/libreswan/blob/c8s/f/SPECS/libreswan.spec

USE_DH2=true will allow modp1024 which many legacy VPN servers are only proposing. Additionally, networkmanager-l2tp will need to be built with --enable-libreswan-dh2 configure switch.

grossws commented on 2020-12-08 16:58

libreswan removed -DALLOW_MICROSOFT_BAD_PROPOSAL in v4.0 by default in mk/config.mk, see 1.

Could you please reenable it for now? It would be enabled in next release automatically (and ifdef removed), see 2.

aita commented on 2020-06-23 08:54

ipsec verify shows some errors.

$ ipsec verify                                                                                                               
/usr/bin/ipsec: /usr/lib/ipsec/verify: /usr/bin/python23: bad interpreter: No such file or directory
/usr/bin/ipsec: line 531: /usr/lib/ipsec/verify: Success

severach commented on 2020-05-20 19:31

Compile with nss 3.51 then you can immediately upgrade to nss 3.52. The nss 3.52 headers are the problem. nss 3.51 headers work for nss 3.52.

squalou commented on 2020-05-20 11:07

@defts : THANKS !

oddy commented on 2020-05-20 10:59

@defts is a lifesaver. As mentioned in https://github.com/libreswan/libreswan/issues/342 nss needs to be downgraded. In my case I have downgraded from nss 3.52.1 to nss 3.51.1-1 and rebuilt libreswan. This fixes the issue.

defts commented on 2020-05-20 09:40

@squalou @oddy

same issue here
for a quick fix, you can downgrade nss to 3.51 and rebuild libreswan

downgrade nss 
yay --rebuild libreswan

i post that reponse here https://github.com/libreswan/libreswan/issues/342