vpnd provides a Virtual Private Network Daemon - encrypted TCP/IP.
vpnd is a daemon which connects two networks on network level either via TCP/IP or a (virtual) leased line attached to a serial interface.
All data transfered between the two networks are encrypted using the unpatented free Blowfish encryption algorithm with a key length of up to 576 bits (may be downgraded to a minimum of 0 bits to suit any legal restrictions).
vpnd is not intended as a replacement of existing secured communications software like ssh or tunneling facilities of the operating system.
It is, however, intended as a means of securing transparent network interconnection across potentially insecure channels.
vpnd acquires a pseudo terminal (a pty/tty device pair) and attaches a SLIP line discipline to it. The effect of this is that vpnd now has its own network interface, a SLIP interface which is named slx where x is some number.
All IP packets sent to this interface are read as a datastream by vpnd and the datastream written by vpnd reappears as IP packets on this interface.
vpnd now encrypts the datastream read and sends it through a TCP connection or over a serial line to its peer vpnd. The datastream received by vpnd from its peer is decrypted and then written to the pseudo terminal.
As vpnd doesn't parse the datastream from the pseudo terminal all packets written by the kernel to the SLIP interface get transported.
Thus vpnd tunnels network traffic between two systems even as it is a user level daemon.
What's New in This Release:
· fixed minor bug in generic whitening code
· fixed ppp mru setup on Linux
· port to x86_64
· added 'packetize' option for slip/ppp interoperability and rtp header compression (SIP VoIP)
· added 'smallrtp' option for forced use of simple checksum for rtp (SIP VoIP) packets in 'packetize' mode for reduced bandwidth requirements