[Openswan dev] Error building klips-ipv6 (missing include?)
Harald Jenny
harald at a-little-linux-box.at
Tue Oct 12 02:48:51 EDT 2010
On Tue, Oct 12, 2010 at 07:42:37AM +1000, David McCullough wrote:
>
> Jivin Paul Wouters lays it down ...
> > On Mon, 11 Oct 2010, Harald Jenny wrote:
> >
> > >> [ip route commands] before pluto starts listening on the IPv6 address.
> > >
> > > Maybe this is related to:
> > >
> > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573955
> > >
> > > Did already discuss this problem with Paul...
> >
> > If that is the cause, "ipsec whack --listen" should fix that without
> > setting any routes.
>
> Feel free to tell me I'm wrong, but as far as I can tell, the setup scripts
> are responsible for adding all the IPv4/IPv6 addresses to the ipsecX
> interfaces, and need to run after the interfaces get there addresses.
Hmmmm
>
> > I have been working a bit on the listen code, and I was considering an
> > option to just listen to ANY. I am not sure what the history was of not
> > listening on all IP's whenever they become available to the system.
> >
> > Perhaps Hugh or Hugh can sched some light on that?
> >
> > I also thought there was some kind of notification system in the kernel
> > where an application can be told when an interface or ip address is
> > added/removed from the kernel. (I don't mean messagebus, though that's
> > another candidate)
>
> Whatever mechaism we use, it needs to duplicate the startklips script,
> or, we need to change the was ipsecX gets configured :-)
I would vote for second ;-).
>
> Cheers,
> Davidm
Kind regards
Harald
>
> --
> David McCullough, david_mccullough at mcafee.com, Ph:+61 734352815
> McAfee - SnapGear http://www.mcafee.com http://www.uCdot.org
More information about the Dev
mailing list