[Openswan Users] Klips patch
sasa
sasa at shoponweb.it
Wed Oct 19 14:15:19 CEST 2005
Hi, I have tried on more machine of it all i686 and have always the same result therefore task that the procedure that I use is mistaken but I do not succeed to understand where mistake, the steps I am:
..default I have Fedora Core 3 with Kernel 2.6.9-1.667, then:
#yum update kernel
..and now I have a new kernel:
kernel-2.6.12-1.1378_FC3
..then form source:
#rpm -ivh kernel-2.6.12-1.1378_FC3.src.rpm
then I have copied the file:
openswan-2.4.0.kernel-2.6-natt.patch
.. in /usr/src/redhat/SOURCES
..after I have modified the file:
/usr/src/redhat/SPEC/kernel-2.6.spec
in this mode:
Patch1961: openswan-2.4.0.kernel-2.6-natt.patch
..
..
%patch1961 -p1
..
..
cp -fv %{all_arch_configs}
for configfile in *.config
do
echo "CONFIG_IPSEC_NAT_TRAVERSAL=y" >> $configfile
done
..then from:
/usr/src/redhat/SPECS
..now I have made:
#rpmbuild -bp --target=i686 kernel-2.6.spec
...
...
...
> + find . -name '*~' -exec rm -fv '{}' ';'
> + exit 0
..after I have made:
#rpm -hiv openswan-2.4.0-1.src.rpm
#cd /usr/src/redhat/SOURCES
#tar zxvf openswan-2.4.0.tar.gz
#cd openswan-2.4.0/packaging/redhat/
...then edit all config-* files in this mode:
#define CONFIG_KLIPS_NAT_TRAVERSAL 1
#define CONFIG_IPSEC_NAT_TRAVERSAL 1
after...
#rpmbuild -bb /usr/src/redhat/SPECS/openswan.spec --define 'buildklips 1' --define 'kversion
kernel-2.6.12-1.1378_FC3'
... last step is:
#rpm -Uhv /usr/src/redhat/RPMS/i386
..but I have always:
[root at localhost ~]# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.4.0/K2.6.12-1.1378_FC3 (netkey)
..and obviously I haven't a ipsec0 interface !!
..but why ???
still thanks.
Salvatore.
----- Original Message -----
From: "Paul Wouters" <paul at xelerance.com>
To: "sasa" <sasa at shoponweb.it>
Cc: <users at openswan.org>
Sent: Friday, October 14, 2005 4:38 PM
Subject: Re: [Openswan Users] Klips patch
> On Fri, 14 Oct 2005, sasa wrote:
>
> > Oct 14 11:20:05 fw4 ipsec_setup: KLIPS ipsec0 on eth0 213.92.106.59/255.255.255.248 broadcast 213.92.106.63
>
> That is unfortunately a bogus message that shows up even when using NETKEY.
>
> > ..but and then in ifconfig I don't view a ipsec0 interface !!
>
> Check fore a line that says "Using Linux Kernel 2.6 interface"
>
> Paul
>
More information about the Users
mailing list