[Openswan dev] status of klips26 in HEAD

[Michael Richardson]

-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Nate" == Nate Carlson <natecars at natecarlson.com> writes:
    >> In any case, great work! I can actually get a working module for
    >> 2.6 without too much patching now.  :)
    >> 
    >> Now, just have to be patient for NAT Traversal.

  It is an easy patch to get 2.6 to talk to KLIPS26 for NAT-T,
it just isn't done yet. I have problems with insmod under 2.6 UMLs.

    Nate> Interesting - with 2.4, I can use KLIPS behind a Linux NAT
    Nate> gateway without using NAT Traversal, and it works fine. Exact
    Nate> same config with KLIPS on 2.6, it doesn't work. I see the
    Nate> outbound ESP packets, but no packets coming back.

    Nate> Also, with NAT Traversal turned on (with 26klips) I don't get
    Nate> any errors when trying to use it; it says it negotiated NAT
    Nate> traversal with the remote host, but packets going out look
    Nate> like they are still ESP, not 4500/udp.

  Hmm. That's very strange.
  Until I can get the UMLs to load, I won't get much progress on such a
thing. However, I am not going to be automating the klips26 testing
under UML. that's a big job, and I don't have the resources to do that.

- --
]     "Elmo went to the wrong fundraiser" - The Simpson         |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQS44dIqHRg3pndX9AQGJDwQA7aZjImmDdt1P0xXLg2GQgRR5K98FjIAH
c/5pKJaTIRdL/UG5MAgNyLkvruZadDVdtVUKPHMVbio4j71gjgY5WHiRVUPdwrIb
23cbMrqCdwK718bm2SBLedB97Ke0lq2UzMOqOez8y7ljqkqfqSNqqb5bFcV2mu1E
qO1x7PEAsg8=
=O1ir
-----END PGP SIGNATURE-----