[Openswan Users] MODVERSIONS & interfaces
Paul Wouters
paul at xelerance.com
Wed Oct 6 11:11:44 CEST 2004
On Tue, 5 Oct 2004, Carlos G Mendioroz wrote:
> I've just downloaded 2.2.0 to try some stuff.
> In so doing I run into a problem, that seems to be caused by the ipsec.o
> Makefile (.../linux/net/ipsec/Makefile) assuming kernel is compiled with
> MODVERSIONS.
> (Mine is not because a hardware provider provides drivers w/o them :-()
This is a known bug, and Michael is fixing this in CVS.
> On another track, is there a doc or some place to read info on the flow
> packets take throw interfaces ? I'm trying to understand what rules
> (iptables) should be changed and how when implementing ipsec.
There is a diagram of this floating around somewhere, either on sandelman or
freeswan.ca.
> Some info on routing would be helpful too! I noticed some split default
> tricks on some configs (route to 0.0.0.0/1 and 128.0.0.0/1 to ipsec0) and
> would like to understand them...
That is Opportunistic Encryption. Just include /etc/ipsec.d/examples/no_oe.conf
in /etc/ipsec.conf if you don't want that.
Paul
--
"Non cogitamus, ergo nihil sumus"
More information about the Users
mailing list