[Openswan dev] 2.1.0rc1 and nat-t patch

Michael Richardson mcr at sandelman.ottawa.on.ca
Fri Mar 12 10:00:54 CET 2004


-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Paul" == Paul Wouters <paul at xelerance.com> writes:
    gary> After briefly browse through the Makefile, I add the 'make
    gary> nattpatch ...' under applypatch and now the nat-t patch goes
    gary> in.
    >>
    gary> Have I overlooked something in the documentation or is this
    gary> the right way to do it ?
    >> It is the right way.  If we included it in the basic kernel
    >> patch, then it would fail on any system/distro that had included
    >> the udp.c patch.
    >> 
    >> The documentation needs work.

    Paul> Perhaps Âmake module' could end with a warning about this? eg

    Paul> "For NAT-T support, rebuilding the kernel is neccessary after
    Paul> patching it for nat-t support using 'make nattpatch'"

 Sure go ahead.

    Paul> Though we should make this conditional over detecting nat-t in
    Paul> the current kernel build, which we should know since we just
    Paul> compiled a module against it.

  no, we just compiled a module against some header files.
  there is no guarantee that the patch is in the kernel that we are
loaded into!

- --
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQFHQpIqHRg3pndX9AQFEkAQAt7XJmnF8XxYTd9rx8yywVq4XYrqa3WbD
8k+t6bnKJuWp1otZcVcWJSwRIbRtCW03YmpPXkh6vEJsUTdD5FRb0mBrMhWlkhcG
5Mqfp8w0T32+tcuF3l+8g+jgAPCi28A8Et2pSTpdFOaBppjfpWBWluQP2AXKt6aF
UtV3/PTqt0w=
=Qo9m
-----END PGP SIGNATURE-----


More information about the Dev mailing list