ESPER features
- Both transport and tunnel modes
- Supported algorithms:
- AES-GCM-16 with 128/256-bit key (
aes-gcm-16
, aes-gcm-16-esn
)
- GOST 34.12-2015 128/64-bit (Kuznechik/Magma), also with MAC-only mode
(
gost
, gost-esn
, gost-mac
, gost-mac-esn
,
algorithm depends on provided key’s size)
- ESN (extended sequence number) support
- TFC (traffic flow confidentiality) support in tunnel mode
- setkey-like
commands for SA and SP management
- Ability to filter outgoing traffic based on address+network mask,
protocol identifier, port number (TCP, UDP only)
- Variable replay protection window width
- Optional ability to work with PCAP
files, instead of real-time traffic processing