[Openswan dev] Problems with netkey acquires.

Tuomo Soini tis at foobar.fi
Sun Feb 21 05:30:49 EST 2010


With openswan-2.6.24 + some git fixes after 2.6.24 release I got time to
time visible acquire states in ipsec auto --status and those acquire
messages were there sitting and they did not get cleaned up before next
ipsec restart.

With current git situation has change dramatically. Now acquire's are
not shown in states but policies matching acquire states are inserted
into xfrm policy.

More info is at https://bugs.xelerance.com/issues/1087

Sorry, I forgot to take ipsec auto --status when I saw those policies
but next time I see same situation I'll take them.

Seem like code matching acquire to tunnel configuration is currently broken.

-- 
Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <http://foobar.fi/>


More information about the Dev mailing list