-3

I want to implement a IPSEC protocol in java. I want to know how to create our own protocol. And how to embedded this protocol with packet.

Please provide some code example so that it is easy to understand.

Blachshma
  • 17,097
  • 4
  • 58
  • 72
Anant
  • 109
  • 2
  • 5
  • 11
  • 1
    This question is essentially unanswerable. Show us that you've given it some thought, break it into components, and ask a targeted question that folks can provide a reasonable answer to. You also might want to provide some motivation, since the first thing any IPSEC expert will think is, "why would you want to do this?" Note that implementing IPSEC vs. providing some bindings in Java are two different things. – andersoj Oct 18 '10 at 15:50
  • 1
    Also see this thread for a prediction of the future of the StackOverflow discussion: http://forums.sun.com/thread.jspa?threadID=5261687 – andersoj Oct 18 '10 at 15:53

2 Answers2

3

IPSec is a internet layer protocol, not an application layer protocol. It works by encrypting/securing each network packet and as such runs at the network card level, usually by an OS provided driver which makes its use transparent to any applications.

It is not something you implement in your own code, instead if you wanted application level security you'd look at TLS/SSL or something more specific to your communications protocol.

blowdart
  • 55,577
  • 12
  • 114
  • 149
  • Yes i know that. But in IPSEC there is a AH header. In that header there are sequence number. Actually i want to implement this sequence number. so that we can accept only those packet that have not recieved yet. – Anant Oct 18 '10 at 16:37
  • 2
    This is not up to you - IPSEC is supposed to be transparent, it's not for applications to use - you can't packet capture in Java or any managed language properly. – blowdart Oct 18 '10 at 16:44
  • @Anant -- Can you augment your question with these specifics, and state what you need the seq number for? As @blowdart suggests, you should never see separately resolvable IPSEC packets at the Java level such that you could make that decision (unless you've already got a mechanism in place to forward raw packets up to that level for inspection...) – andersoj Oct 18 '10 at 16:49
  • Actually my primary requirement is that i want to implement something so that i can sent a packet to another destination. when the destination recieve the packet it check its sequence number and if the sequence number is already there discard that packet and if the sequence number is new accept the packet. – Anant Oct 18 '10 at 17:41
  • @Anant: The IP/IPSec layer in your OS does that for you (and generally discourages you from knowing about the details). Are you in an OS that doesn't provide IPSec? If so, probably want to reframe the question in that context. – andersoj Oct 18 '10 at 19:06
1

IPSec can not be implemented in JAVA. Java needs VM. We need code which will run directly on machine.

Vijay
  • 2,021
  • 4
  • 24
  • 33