Preface

One day I wondered: would it be possible to create a fully virtual IPsec tunnel? Without using any physical network appliances? On a single Linux VM? This led me to go into the rabbit hole of Linux network namespaces and virtual interfaces, the results of which I would like to share in this post. I believe you will be amazed what the networking stack in Linux can do just as I was when I learned about this.

The path I decided to take was to use a lightweight Linux distribution - I chose Alpine Linux - and set up a VM in which the IPsec lab will reside. After which, utilize the well known Libreswan project for the software implementation of the IPsec protocol. Pieces of the project are clear, now the question remains, how to connect them together.

Radare2 overview

Radare2 is a reverse engineering framework build by "Pancake" and all the people contributing code on the public github repo. Radare2 is a second version of a project called "Radare" which was created in 2006 by "Pancake" for the purpose of creating a simple hexadecimal editor with support for searching patterns and dumping the search results to disk to recover some PHP files deleted from an HFS partition. Because of that, Radare stands for RAw DAta REcovery.