ipcrypt

ipcrypt is a simple special purpose encryption utility for TCP and UDP network packets. It works by using the netfilter NFQUEUE target. Thus you can encrypt on the fly without the need of another network interface, special routing and without mtu problems.

Prerequisites

• a recent Linux 2.6 kernel with CONFIG_NETFILTER_XT_TARGET_NFQUEUE enabled
• libnfnetlink
• libnetfilter_queue

Download

You can find the current version of the ipcrypt utility on the downloads page. Have a look at the included man page for configuration options.

Caveats

ipcrypt is not a full featured encryption solution. It will work well against casual and accidental eavesdropping but it will probably not stand any professional cryptographic attack. If you need full featured encryption use e.g. OpenSSH, OpenVPN or IPSec. For special features have a look at vpnd.

ipcrypt works best on the x86 and x86_64 platforms due to included optimized assembler. For all other platforms generic code is included. Feel free to contribute assembler code for other platforms.