I just saw that ipsec-tools did not let me use Twofish as a cipher, and
further grepping showed that ipsec-tools does support it, but the Linux
kernel headers (in particular <linux/pfkeyv2.h>) do not define the
necessary constant, SADB_X_EALG_TWOFISHCBC.
Please add this constant and the necessary glue code to the IPsec layer!
Felix