R: [Openswan Users] Help required applying NAT-T patch to 2.4.20-8 kernel

Sebastian Zdrojewski sebastian.zdrojewski at technomind.it
Tue May 11 18:51:03 CEST 2004 

Sorry - I made a reply only instead of the reply-all :p

---

There is some kind of bug in that... I've experienced that too on 2.4.26 kernel

You need to:

1. build kernel normal way
2. build kernel with openswan - make menugo)
3. build kernel with nattpatch - make nattpatch | (cd /usr/src/linux && patch -p1 && make bzImage)
4. build kernel again in normal way - make dep clean bzImage modules modules_install install

This will work

:-)

Cheers

Sebastian "En3pY" Zdrojewski




Sebastian Zdrojewski 
Responsabile IT Gruppo
Tel.    +39 02 62610.317
Mobile: +39 349.3304.311
E-mail: sebastian.zdrojewski at technomind.it


 
TECHNOMIND S.p.A.
Via G. Galilei 7 - 20124 Milano
Tel. +39 02 62610.300 - Fax. +39 02 62610.333
Web: http://www.technomind.it 


-----Messaggio originale-----
Da: users-bounces at lists.openswan.org [mailto:users-bounces at lists.openswan.org] Per conto di RUSSELL WHITEAR
Inviato: martedì 11 maggio 2004 13.27
A: users at lists.openswan.org
Oggetto: [Openswan Users] Help required applying NAT-T patch to 2.4.20-8 kernel

Hi,
 
I am new to this list and also do not have much experience with compiling linux kernels, so my apologies if this has already been answered ( I've checked through the list archives for a solution, but couldn't find anything).
 
I am trying to apply the NAT-T patch to the RedHat9 distribution kernel (2.4.20-8) without success. The kernel compiles and boots fine, but I get the following error message reported when pluto control debug is applied:
 
ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) not supported by kernel -- NAT-T disabled 
 
I have included below, the exact command sequence that I have been performing. Any ideas would be most welcome.
 
thanks
 
Russ
 

# Install kernel source RPM from RedHat9 distribution CD.
rpm -i /mnt/cdrom/RedHat/RPMS/kernel-source-24.20-8
 
cd /usr/src
 
ln -s ./linux-2.4.20-8 ./linux
 
cd linux
 
make mrproper
 
cp configs/kernel-2.4.20-i686.config ./.config
 
make xconfig          # Just Save and Exit
 
make dep
......
 
make clean
......
 
cd /home/openswan-2.1.2rc3
 
# Apply OpenS/WAN NAT-T patch and compile new bzImage.
make nattpatch | ( cd /usr/src/linux && patch -p1 && make bzImage )
 
patching file include/net/sock.h
Hunk #1 succeeded at 252 (offset 7 lines).
Hunk #2 succeeded at 593 (offset 3 lines).
patching file net/Config.in
Hunk #1 succeeded at 101 (offset 13 lines).
patching file net/ipv4/udp.c
Hunk #1 succeeded at 798 (offset 11 lines).
Hunk #3 succeeded at 1075 (offset 11 lines).
gcc -Wall -Wstrict-prototypes -O2 -fomit-frame-pointer -o scripts/split-include scripts/split-include.c
scripts/split-include include/linux/autoconf.h include/config
......

cd /usr/src/linux
 
make modules
......
 
make modules_install
......
 
cd /home/openswan-2.1.2rc3
 
make KERNELSRC=/usr/src/linux programs module
......
 
make KERNELSRC=/usr/src/linux install minstall
......
 
cd /usr/src/linux
 
make install
......
 
# REBOOT NEW KERNEL
 
service ipsec restart
 
ipsec_setup: Stopping Openswan IPsec...
ipsec_setup: Starting Openswan IPsec 2.1.2rc3...
ipsec_setup: Using /lib/modules/2.4.20-8-test/kernel/ipsec.o
 
tail /var/log/messages
# NAT-T error as displayed in /var/log/messages.
May 11 11:38:08 testarossa ipsec_setup: ...Openswan IPsec started
May 11 11:38:08 testarossa ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) not supported by kernel -- NAT-T disabled
 
 
 

More information about the Users mailing list