[Openswan Users] Help required applying NAT-T patch to 2.4.20-8 kernel

RUSSELL WHITEAR rwhitear at btinternet.com
Tue May 11 13:26:51 CEST 2004 

Hi,
 
I am new to this list and also do not have much experience with compiling linux kernels, so my apologies if this has already been answered ( I've checked through the list archives for a solution, but couldn't find anything).
 
I am trying to apply the NAT-T patch to the RedHat9 distribution kernel (2.4.20-8) without success. The kernel compiles and boots fine, but I get the following error message reported when pluto control debug is applied:
 
ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) not supported by kernel -- NAT-T disabled 
I have included below, the exact command sequence that I have been performing. Any ideas would be most welcome.
 
thanks
 
Russ
 

# Install kernel source RPM from RedHat9 distribution CD.
rpm -i /mnt/cdrom/RedHat/RPMS/kernel-source-24.20-8
 
cd /usr/src
 
ln -s ./linux-2.4.20-8 ./linux
 
cd linux
 
make mrproper
 
cp configs/kernel-2.4.20-i686.config ./.config
 
make xconfig          # Just Save and Exit
 
make dep
......
 
make clean
......
 
cd /home/openswan-2.1.2rc3
 
# Apply OpenS/WAN NAT-T patch and compile new bzImage.
make nattpatch | ( cd /usr/src/linux && patch -p1 && make bzImage )
 
patching file include/net/sock.h
Hunk #1 succeeded at 252 (offset 7 lines).
Hunk #2 succeeded at 593 (offset 3 lines).
patching file net/Config.in
Hunk #1 succeeded at 101 (offset 13 lines).
patching file net/ipv4/udp.c
Hunk #1 succeeded at 798 (offset 11 lines).
Hunk #3 succeeded at 1075 (offset 11 lines).
gcc -Wall -Wstrict-prototypes -O2 -fomit-frame-pointer -o scripts/split-include scripts/split-include.c
scripts/split-include include/linux/autoconf.h include/config
......

cd /usr/src/linux
 
make modules
......
 
make modules_install
......
 
cd /home/openswan-2.1.2rc3
 
make KERNELSRC=/usr/src/linux programs module
......
 
make KERNELSRC=/usr/src/linux install minstall
......
 
cd /usr/src/linux
 
make install
......
 
# REBOOT NEW KERNEL
 
service ipsec restart
 
ipsec_setup: Stopping Openswan IPsec...
ipsec_setup: Starting Openswan IPsec 2.1.2rc3...
ipsec_setup: Using /lib/modules/2.4.20-8-test/kernel/ipsec.o
 
tail /var/log/messages
# NAT-T error as displayed in /var/log/messages.
May 11 11:38:08 testarossa ipsec_setup: ...Openswan IPsec started
May 11 11:38:08 testarossa ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) not supported by kernel -- NAT-T disabled
 
 
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20040511/4a056ed5/attachment.htm

More information about the Users mailing list