Something is really fishy. <div><br></div><div>I can see a ipsec.secrets.new file getting created in etc and with growing ' RSA {' entries. </div><div>Something like:</div><div><br></div><div><div>: RSA {</div>
<div>: RSA {</div><div>: RSA {</div><div>: RSA {</div><div>: RSA {</div><div>: RSA {</div><div>: RSA {</div><div>: RSA </div></div><div><br></div><div>I know about ipsec.secrets but ipsec.secrets.new is something I read about. </div>
<div><br></div><div>I am not sure how useful is this info but thought of share it with you all. Still clueless about whats going on.</div><div><br></div><div>-SP </div><div><br><div class="gmail_quote">On Fri, Sep 30, 2011 at 10:59 AM, satpal parmar <span dir="ltr"><<a href="mailto:systems.satpal@gmail.com">systems.satpal@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">Hi all<div><br></div><div>I am trying to port IPsec 2.6.33 on ARM11 soc running linux kernel 2.6.37 (Netkey IPsec stack). I am experiencing strange behavior.When I start ipsec (/etc/init.d/ipsec start) console become unresponsive for long period of time (5+min). I run same thing in background and check the output of ps and I observed this: </div>
<div><br></div><div><div>58 root 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug --uniquei</div><div> 962 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet</div><div> 971 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet</div>
<div> 972 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet</div><div> 973 root 0:00 cat</div><div> 974 root 0:00 /usr/local/libexec/ipsec/rsasigkey --random /dev/random 2</div><div> 988 root 0:00 /bin/sh /usr/local/libexec/ipsec/setup restart</div>
<div> 1047 root 0:00 logger -s -p daemon.error -t ipsec_setup</div><div> 1131 root 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug --uniquei</div><div> 1135 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet</div>
<div> 1136 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet</div><div> 1137 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet</div><div> 1138 root 0:00 cat</div><div> 1146 root 0:00 /usr/local/libexec/ipsec/rsasigkey --random /dev/random 2</div>
<div> 1161 root 0:00 /bin/sh /usr/local/libexec/ipsec/setup restart</div><div> 1222 root 0:00 logger -s -p daemon.error -t ipsec_setup</div><div> 1306 root 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug --uniquei</div>
<div> 1318 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet</div><div> 1323 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet</div><div> 1324 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet</div>
<div> 1325 root 0:00 cat</div><div> 1326 root 0:00 /usr/local/libexec/ipsec/rsasigkey --random /dev/random 2</div><div> 1336 root 0:00 /bin/sh /usr/local/libexec/ipsec/setup restart</div><div> 1395 root 0:00 logger -s -p daemon.error -t ipsec_setup</div>
<div> 1479 root 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug --uniquei</div><div> 1481 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet</div><div> 1482 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet</div>
<div> 1483 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet</div></div><div><br></div><div>Is it an expected behavior? Is anything missing? </div><div><br></div><div>I do not have perl support on my setup so I can not use verfy. </div>
<div><br></div><div>Ipsec status giving me a cryptic response:</div><div><br></div><div><span style="font-family:verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif, sans;font-size:11px"># ipsec setup --status<br>
IPsec stopped<br>but...<br>has subsystem lock (/var/lock/subsys/ipsec)!</span></div><div><br></div><div>Anyone got any Idea whats going on? Any help will be highly appreciated.</div><div><br></div><font color="#888888"><div>
-SP</div>
</font></blockquote></div><br></div>