[Openswan dev] Error building klips-ipv6 (missing include?)
David McCullough
david_mccullough at mcafee.com
Mon Oct 11 17:42:37 EDT 2010
Jivin Paul Wouters lays it down ...
> On Mon, 11 Oct 2010, Harald Jenny wrote:
>
> >> [ip route commands] before pluto starts listening on the IPv6 address.
> >
> > Maybe this is related to:
> >
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573955
> >
> > Did already discuss this problem with Paul...
>
> If that is the cause, "ipsec whack --listen" should fix that without
> setting any routes.
Feel free to tell me I'm wrong, but as far as I can tell, the setup scripts
are responsible for adding all the IPv4/IPv6 addresses to the ipsecX
interfaces, and need to run after the interfaces get there addresses.
> I have been working a bit on the listen code, and I was considering an
> option to just listen to ANY. I am not sure what the history was of not
> listening on all IP's whenever they become available to the system.
>
> Perhaps Hugh or Hugh can sched some light on that?
>
> I also thought there was some kind of notification system in the kernel
> where an application can be told when an interface or ip address is
> added/removed from the kernel. (I don't mean messagebus, though that's
> another candidate)
Whatever mechaism we use, it needs to duplicate the startklips script,
or, we need to change the was ipsecX gets configured :-)
Cheers,
Davidm
--
David McCullough, david_mccullough at mcafee.com, Ph:+61 734352815
McAfee - SnapGear http://www.mcafee.com http://www.uCdot.org
More information about the Dev
mailing list