> Please excuse me. Somehow, in a flurry of trying to get up-to-date on emails, > I lost this thread almost entirely. > > What you said was something like ifconfig, route and netstat should be on any > router, but can't each of those programs be replaced by iproute2? If so, isn't > the interface more comprehesive and flexible (and smaller by about 100k, I > think)? And anyway, since Bering doesn't have those programs by default (and > neither does Dachstein, in the case of ifconfig), is the effort worthwhile at > all if it is even remotely possible? I don't know the answers to these > questions. That is why I am asking. I would certainly like to keep myself > from using sed where awk is more suitable if I can help it (in fact, it is > quite possible that I am not good enough with sed to make this possible)
I like using iproute2 as the default (and in many cases only) network configuration tool because of it's small size, and enhanced functionality. I also feel, however, that the "classic" tools (like ifconfig, route, and netstat), should be available, if they are not included by default on a distribution. I also think these commands should be their "full" versions, not the busybox "work-similar to" versions. These are the classic network configuration comands for *nix, and since most LEAF systems are very network-centric devices, these commands should be available somewhere. Awk is another beast altogether. Awk isn't really required on a LEAF box, so if you can get the ipsec stuff running without it, that would be pretty cool. Looks like a lot of work, though. As to getting IPSec working without relying on netstat, ifconfig, or route, this might be handy for some folks trying to squeeze VPN functionality into as little space as possible. When I saw your first post, I sort of assumed you were trying to build an embedded product based on LEAF... I generally assume folks running an IPSec VPN are not running on low-end hardware, and can assemble a system with a small HDD, CD-ROM, flash-drive, dual-floppy, or whatever to get around space issues. Because of this, a general attempt to keep my life simple (ie keeping the FreeS/WAN scripts as close to the originals as possible, easeing conversion of the next release), and the fact that I don't find the ifconfig, route, and netstat commands out of place on a firewall system, I haven't really tried to remove the FreeS/WAN dependencies on these commands. If you feel compelled to migrate to iproute2 for whatever reason, please feel free to do so. There are folks trying to run IPSec VPN gateways off a single floppy who I'm sure would appreciate your work, and if the changes arn't to drastic, I might fold them into my IPSec package. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
