R: [Openswan Users] Help required applying NAT-T patch to 2.4.20-8
kernel
Sebastian Zdrojewski
sebastian.zdrojewski at technomind.it
Tue May 11 18:51:03 CEST 2004
Sorry - I made a reply only instead of the reply-all :p
---
There is some kind of bug in that... I've experienced that too on 2.4.26 kernel
You need to:
1. build kernel normal way
2. build kernel with openswan - make menugo)
3. build kernel with nattpatch - make nattpatch | (cd /usr/src/linux && patch -p1 && make bzImage)
4. build kernel again in normal way - make dep clean bzImage modules modules_install install
This will work
:-)
Cheers
Sebastian "En3pY" Zdrojewski
Sebastian Zdrojewski
Responsabile IT Gruppo
Tel. +39 02 62610.317
Mobile: +39 349.3304.311
E-mail: sebastian.zdrojewski at technomind.it
TECHNOMIND S.p.A.
Via G. Galilei 7 - 20124 Milano
Tel. +39 02 62610.300 - Fax. +39 02 62610.333
Web: http://www.technomind.it
-----Messaggio originale-----
Da: users-bounces at lists.openswan.org [mailto:users-bounces at lists.openswan.org] Per conto di RUSSELL WHITEAR
Inviato: martedì 11 maggio 2004 13.27
A: users at lists.openswan.org
Oggetto: [Openswan Users] Help required applying NAT-T patch to 2.4.20-8 kernel
Hi,
I am new to this list and also do not have much experience with compiling linux kernels, so my apologies if this has already been answered ( I've checked through the list archives for a solution, but couldn't find anything).
I am trying to apply the NAT-T patch to the RedHat9 distribution kernel (2.4.20-8) without success. The kernel compiles and boots fine, but I get the following error message reported when pluto control debug is applied:
ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) not supported by kernel -- NAT-T disabled
I have included below, the exact command sequence that I have been performing. Any ideas would be most welcome.
thanks
Russ
# Install kernel source RPM from RedHat9 distribution CD.
rpm -i /mnt/cdrom/RedHat/RPMS/kernel-source-24.20-8
cd /usr/src
ln -s ./linux-2.4.20-8 ./linux
cd linux
make mrproper
cp configs/kernel-2.4.20-i686.config ./.config
make xconfig # Just Save and Exit
make dep
......
make clean
......
cd /home/openswan-2.1.2rc3
# Apply OpenS/WAN NAT-T patch and compile new bzImage.
make nattpatch | ( cd /usr/src/linux && patch -p1 && make bzImage )
patching file include/net/sock.h
Hunk #1 succeeded at 252 (offset 7 lines).
Hunk #2 succeeded at 593 (offset 3 lines).
patching file net/Config.in
Hunk #1 succeeded at 101 (offset 13 lines).
patching file net/ipv4/udp.c
Hunk #1 succeeded at 798 (offset 11 lines).
Hunk #3 succeeded at 1075 (offset 11 lines).
gcc -Wall -Wstrict-prototypes -O2 -fomit-frame-pointer -o scripts/split-include scripts/split-include.c
scripts/split-include include/linux/autoconf.h include/config
......
cd /usr/src/linux
make modules
......
make modules_install
......
cd /home/openswan-2.1.2rc3
make KERNELSRC=/usr/src/linux programs module
......
make KERNELSRC=/usr/src/linux install minstall
......
cd /usr/src/linux
make install
......
# REBOOT NEW KERNEL
service ipsec restart
ipsec_setup: Stopping Openswan IPsec...
ipsec_setup: Starting Openswan IPsec 2.1.2rc3...
ipsec_setup: Using /lib/modules/2.4.20-8-test/kernel/ipsec.o
tail /var/log/messages
# NAT-T error as displayed in /var/log/messages.
May 11 11:38:08 testarossa ipsec_setup: ...Openswan IPsec started
May 11 11:38:08 testarossa ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) not supported by kernel -- NAT-T disabled
More information about the Users
mailing list