[Openswan Users] Openswan not working on fedora core 1
openswan at linuxnet.ch
Thu Apr 15 17:49:42 CEST 2004
Paul Wouters wrote:
>On Wed, 7 Apr 2004, Peter B. wrote:
>>I try now since some days to start openswan-2.1.1 on fedora linux core 1
>Can you try to manually do:
>And let me know if the problem remains.
>Also, it might help if you can check the core dump and see what it says.
>You need to define dumpdir= in ipsec.conf, setup section (eg to /tmp) and
>then use gdb on the core.
Sorry for the delay, I was away from the office the last days.
I tried again to do the following:
1. I used the "kernel-2.4.22-1.2174.nptl.src.rpm" to build my own 2174
fedora kernel and I applied the NAT-T patch to it.
2. Installed the Kernel on my firewall
3. Downloaded openswan 2.1.1 and did a "make
RH_KERNELSRC=/usr/src/linux-2.4 rpm" to build the rpm. I get now
4. Install both RPMs and used my "old" ipsec.conf and ipsec.secrets from
my Freeswan 2.04 installation.
5. "cp /lib/modules/2.4.22-1.2174.nptl/kernel/net/ipsec/ipsec.o-i586-smp
/lib/modules/2.4.22-1.2174.nptl/kernel/net/ipsec/ipsec.o" -> What is the
6. depmod -a
7. service ipsec start
Then I see the following in the log:
Apr 13 16:45:14 fw ipsec__plutorun: /usr/local/lib/ipsec/_plutorun: line
1: 12690 Segmentation fault /usr/local/libexec/ipsec/pluto --nofork
--secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d --debug-none
I cannot stop anymore ipsec. When I do a remotely reboot of the machine,
the machine never reboots and hangs at stop ipsec service.
"ifconfig" or "ip address" does just hang.
I did also the modprobe esp4 and modprobe xfrm_user but these
kernel-modules are never built by the "make rpm" (Where are they?).
Is there someone who is using openswan 2.1.1 on a fedora core 1?
More information about the Users