[Openswan Users] Openswan not working on fedora core 1

[Peter Baumann]

Paul Wouters wrote:

>On Wed, 7 Apr 2004, Peter B. wrote:
>  
>
>>I try now since some days to start openswan-2.1.1 on fedora linux core 1 
>>without success.
>>    
>>
>
>Can you try to manually do:
>modprobe esp4
>modprobe xfrm_user
>
>And let me know if the problem remains.
>
>Also, it might help if you can check the core dump and see what it says.
>You need to define dumpdir= in ipsec.conf, setup section (eg to /tmp) and
>then use gdb on the core.
>
>Paul
>
>
>  
>
Hi Paul

Sorry for the delay, I was away from the office the last days.

I tried again to do the following:

1. I used the "kernel-2.4.22-1.2174.nptl.src.rpm" to build my own 2174 
fedora kernel and I applied the NAT-T patch to it.
2. Installed the Kernel on my firewall
3. Downloaded openswan 2.1.1 and did a "make 
RH_KERNELSRC=/usr/src/linux-2.4 rpm" to build the rpm. I get now 
"freeswan-module-2.1.1_2.4.22_1.2174.nptlln-0.i386.rpm" and 
"freeswan-userland-2.1.1_2.4.22_1.2174.nptlln-0.i386.rpm".
4. Install both RPMs and used my "old" ipsec.conf and ipsec.secrets from 
my Freeswan 2.04 installation.
5. "cp /lib/modules/2.4.22-1.2174.nptl/kernel/net/ipsec/ipsec.o-i586-smp 
/lib/modules/2.4.22-1.2174.nptl/kernel/net/ipsec/ipsec.o" -> What is the 
"/lib/modules/2.4.22-1.2174.nptlln/kernel/net/ipsec/a2c7c83a" file?
6. depmod -a
7. service ipsec start

Then I see the following in the log:

.
.
Apr 13 16:45:14 fw ipsec__plutorun: /usr/local/lib/ipsec/_plutorun: line 
1: 12690 Segmentation fault      /usr/local/libexec/ipsec/pluto --nofork 
--secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d --debug-none 
--uniqueids
.
.


I cannot stop anymore ipsec. When I do a remotely reboot of the machine, 
the machine never reboots and hangs at stop ipsec service.

I did also the modprobe esp4 and modprobe xfrm_user but these 
kernel-modules are never built by the "make rpm" (Where are they?).

Is there someone who is using openswan 2.1.1 on a fedora core 1?

Thanks

Peter