[Openswan dev] 2.6.24rc3 KLIPS Module compilation problem

Paul Wouters paul at xelerance.com
Thu Nov 19 12:20:05 EST 2009

On Thu, 19 Nov 2009, Harald Jenny wrote:

> the thing you saw with netstat is a problem of the new NAT-T code - will look with David into this problem (David, seems like we need to provide another ioctl IPSEC_UDP_ENCAP_REVERT which clears encap_type and encap_rcv), the kernel panic you experienced was introduced between 2.6.24r1 and 2.6.24r2, so if you need unloading and do not depend on the fixes in later versions better stick with 2.6.24r1 for now.

We need to REVERT sockets? Isn't closing them and making them go away good
enough? I would say that's a kernel bug then, where the kernel remembers
too much state.

thanks for the hint on the kernel panic. It will decrease my git-bisect time
quite a bit :)


More information about the Dev mailing list