[Openswan dev] FreeSwan/uClinux using pluto and whack: ipsec0 not found
aparna.dutta
aparna.dutta at jasmin-infotech.com
Thu Jan 31 23:39:57 EST 2008
Paul,
I was not able to get much help from the uClinux distribution people,
because it looks like not many people have tested out the Openswan/Freeswan
port on non-MMU embedded systems.
Based on your suggestion to use Openswan for 2.6.x kernel, I tried to port
the Openswan to uClinux for our board by working around the fork()
functions, and making changes in some shell scripts (especially the
_updown).
With this I was able to setup a VPN tunnel between our embedded system and a
Linux PC within our LAN, as a first step.
Thanks for all your help.
Regards,
Aparna
-----Original Message-----
From: Paul Wouters [mailto:paul at xelerance.com]
Sent: Tuesday, January 29, 2008 8:37 PM
To: aparna.dutta
Cc: dev at openswan.org
Subject: RE: [Openswan dev] FreeSwan/uClinux using pluto and whack: ipsec0
not found
On Tue, 29 Jan 2008, aparna.dutta wrote:
> On second look, I find that the README in the Freeswan directory reads
> version 1.97. (I got version 1.92 from the version.c file, which was
> probably not updated)
>
> This Freeswan comes packaged along with the latest uClinux distribution.
> It has been ported by the uclinux developers, but I am not sure how much
it
> has been used and tested. But I found that it takes care of some non-MMU
> requirements, such as avoiding the fork() function in Pluto. I am able to
> run Pluto and also a couple of whack commands without any errors on our
> non-MMU embedded device.
>
> Openswan has also been ported to the uClinux distribution, but the code
> contains fork().So Pluto stops with errors (cannot start child process,
> among other things). This was the reason we started testing with Freeswan.
>
> Is there someway we can still build the ipsec module and get this Freeswan
> version to work on our embedded device with uClinux?
I have no no idea how they would have compiled klips into the kernel. Ask
the uClinux distribution people?
On regular openswan, you use "make module" with the right KERNELSRC= set.
The old freeswan stuff had "make patch" or "make kpatch"
Paul
More information about the Dev
mailing list