Openswan: Building and Integrating Virtual Private Networks

By: Ken Bantoft, Paul Wouters

Overview of this book

With the widespread use of wireless and the integration of VPN capabilities in most modern laptops, PDAs and mobile phones, there is a growing desire for encrypting more and more communications to prevent eavesdropping. Can you trust the coffee shop's wireless network? Is your neighbor watching your wireless? Or are your competitors perhaps engaged in industrial espionage? Do you need to send information back to your office while on the road or on board a ship? Or do you just want to securely access your MP3s at home? IPsec is the industry standard for encrypted communication, and Openswan is the de facto implementation of IPsec for Linux.

Whether you are just connecting your home DSL connection with your laptop when you're on the road to access your files at home, or you are building an industry-size, military-strength VPN infrastructure for a medium to very large organization, this book will assist you in setting up Openswan to suit those needs.

The topics discussed range from designing, to building, to configuring Openswan as the VPN gateway to deploy IPsec using Openswan. It is not only for Linux clients, but also for the more commonly used operating systems such as Microsoft Windows and MacOSX. Furthermore, it discusses common interoperability examples for third-party vendors, such as Cisco, Checkpoint, Netscreen and other common IPsec vendors.

The authors bring you first-hand information, as they are the official developers of the Openswan code. They have included the latest developments and upcoming issues. With experience in answering questions on a daily basis on the mailing lists since the creation of Openswan, the authors are by far the most experienced in a wide range of successful and not so successful uses of Openswan by people worldwide.

Table of Contents (22 chapters)
Building and Integrating Virtual Private Networks with Openswan
Credits
About the Authors
Acknowledgements
About the Reviewers
Preface

Acknowledgements

Over a year ago, we wrote a proposal for an Openswan book. Without knowing about this proposal, Louay Fatoohi of Packt Publishing asked us if we were interested in publishing just such a book. We are very happy with the result of that collaboration.

We would like to thank everyone who is or has been part of the Linux IPsec and Openswan communities, without whom neither Openswan nor this book would have been possible.

Many thanks to John Gilmore for founding the FreeS/WAN Project, and to XS4ALL for hosting it. Many people contributed to FreeS/WAN, but we would like to especially thank Hugh Daniel, Michael Richardson, Hugh Redelmeier, and Richard Guy Briggs.

The FreeS/WAN and Openswan community contributed some important features. Thanks to Andreas Steffen of StrongSec for the X.509 patches, JuanJo Ciarlante for the original ALG patches that included AES, Mattieu Lafon of Arkoon Systems for the NAT-Traversal patches, and Hendrik Nordstrom of MARA Systems for the Aggressive Mode patches.

Further thanks are due to Rene Mayrhofer of Debian and Robert-Jan Cornelissen of Xtended Internet as early adopters of Openswan. Xtended Internet also graciously hosted the Openswan servers for two years.

We are especially grateful to Herbert Xu for his tremendous work on integrating Openswan with the Linux 2.6 NETKEY stack, and Michael Richardson for maintaining and enhancing tcpdump.

Thanks also to Jacco de Leeuw for his excellent work on documenting L2TP, and Nate Carlson for his elaborate X.509 configuration guide. They have invested a large amount of time in helping the community with Openswan configuration.

Everyone knows how important a cute logo is, but the logo that Nana Manojlovic spontaneously gave us surpasses even the penguin. Thank you Nana!

And of course, thanks to all the Linux distributions that have included Openswan in their packages. You have truly caused the widespread use and acceptance of Openswan.

Over the course of a year, quite a few people have helped to create this book. Many thanks to Louay Fatoohi and Richard Deeson of Packt Publishing. This book would have been filled with errors, had it not been for our reviewers, Tuomo Soini, Nate Carlson, and James Eaton-Lee. Extra praise goes to Mike Stelluti who, without ever having touched a Linux computer, went through the book verifying every single command, which included setting up and testing entire X.509, L2TP, and UML setups from scratch. And a special thanks goes to Michael Richardson for writing the section on debugging Openswan using tcpdump.

Paul Wouters and Ken Bantoft

First and foremost, I would like to thank my family. My parents, Frans and Reina, for getting that Apple ][+ that started my interest in computers back in 1983, despite the fact that they did not allow me to have a modem, which I worked around by ordering my own phone line in 1992. My sister Silvia, her husband Gerwin, their kids and Annie van de Zwaluw. I would not be who I am today without you.

Thanks to John Viega for convincing me I can and should write a book, and thanks to Xelerance for giving me the time to write it. Thanks to Robert-Jan Cornelissen and Xtended Internet for allowing me to deploy DNSSEC and IPsec all over the network even before the IETF has reached consensus, and thanks to Olaf Kolkman and Miek Gieben for their work on DNSSEC.

Thanks to Hugh Daniel whose super power can fix anything mechanical and break everything digital and to John Gilmore for many pleasant yet passionate discussions. I will bring you widespread OE!

Thanks to the Cypherpunks (Ian, Nikita, Len and Lucky), the CCC, and of course the Hippies From Hell - especially Ariane, Patrice, Ruedi, Kristel, Hinde, Dave, Rop, Barry, Marcel, Lucia, and the wonderful people at the PH kade whose parties resulted in many new dear friends.

Thanks to some of my scattered friends around the globe - Aaron, Ambrese, Joanna, Jeff & Ping and the other BlackHat folk, my MUD friends Emeradii, Perrin, Ayres and Carol who is now worth 17 books.

Many thanks to Irene and her colleagues of Coffee Company. I still miss the best coffee in the world.

Thanks to Liz for many lunches while writing the book. Thanks to Aldert for letting me deploy Wifi and IPsec on HAL2001, and our continued friendship ever since. Many thanks to Vesna, you were so much more than just a housemate, confidante, light of the party, or mole. But you should have opened door #3. And thanks to Nana for a warm friendship and of course our beautiful Openswan logo. Your tattoo befits you.

Thanks to Antony, not only for our many pleasant conversations, but also for “lending” me your iBook on which a large part of this book was written and on which we are currently porting Openswan to MacOSX. Remember friendships are not binary.

Karin Spaink. Eight years ago I asked you at HIP’97 if I could take your picture. Now, I can hardly remember not knowing you. Part of my daily confidence comes from knowing that you are only a phone call away.

Zenon Pannoussis. I failed in only letting reason dictate my feelings for you. You have far outranked any friendship I have ever had. No, let me finish. I like you. And if you insist, I have 1,709,098 words in 4120 emails from you to objectively back up those subjective feelings. Even religion only needs 791,328.

Naomi Rae Estreicher. Thank you for our wonderful time together, and for letting me work on my book from your place for many months. I never felt so loved in my life as when you exclaimed “I can’t believe you’re here”. I hope to continue viewing Battlestar Galactica with you, it wouldn’t be the same without your company.

Yella Cremer. It took five years, but then I found a passion burning in me with unprecedented intensity. I did not only gain a continuous craving for sushi. You are simply irresistible. How did I get any writing done in those months you lived with me?

And finally thanks to everyone who still dared to ask me “How’s the book going?”. I sincerely hope asking was as painful as answering was :)

Paul Wouters

I’d like to thank: My father, who put a computer in front of me 20 years ago, and who has supported my digital addiction for all those years; My wife Van, who puts up with the large amount of hardware in the basement, and the power bills it generates; Kyle Schustyk, with whom I set up my first IPsec tunnel; Jim Alton, Alex Bichuch, and Rob Rankin who kept me busy building VPNs for various people; Michael Richardson—without his ROT13-encrypted party invitation I’d have never started hacking IPsec code; Sam Sgro, with whom a bet started Super FreeS/WAN, which in turn begat Openswan; D. Hugh Redelmeier, who still answers any C question I have.

Ken Bantoft