[Openswan Users] Klips patch

sasa sasa at shoponweb.it
Wed Oct 19 14:15:19 CEST 2005 

Hi, I have tried on more machine of it all i686 and have always the same result therefore task that the procedure that I use is mistaken but I do not succeed to understand where mistake, the steps I am:

..default I have Fedora Core 3 with Kernel 2.6.9-1.667, then:

#yum update kernel
 
..and now I have a new kernel:
 
kernel-2.6.12-1.1378_FC3
 
..then form source:

#rpm -ivh kernel-2.6.12-1.1378_FC3.src.rpm

then I have copied the file:
openswan-2.4.0.kernel-2.6-natt.patch

.. in /usr/src/redhat/SOURCES

..after I have modified the file:

/usr/src/redhat/SPEC/kernel-2.6.spec
 
in this mode:
 
Patch1961: openswan-2.4.0.kernel-2.6-natt.patch
..
..
%patch1961 -p1
..
..
cp -fv %{all_arch_configs}
for configfile in *.config
do
        echo "CONFIG_IPSEC_NAT_TRAVERSAL=y" >> $configfile
done

..then from:
 
/usr/src/redhat/SPECS
 
..now I have made:
 
#rpmbuild -bp --target=i686  kernel-2.6.spec
...
...
... 
> + find . -name '*~' -exec rm -fv '{}' ';'
> + exit 0

..after I have made:

#rpm -hiv openswan-2.4.0-1.src.rpm
#cd /usr/src/redhat/SOURCES
#tar zxvf openswan-2.4.0.tar.gz
#cd openswan-2.4.0/packaging/redhat/

...then edit all config-* files in this mode:

#define CONFIG_KLIPS_NAT_TRAVERSAL 1
#define CONFIG_IPSEC_NAT_TRAVERSAL 1

after...

#rpmbuild -bb /usr/src/redhat/SPECS/openswan.spec --define 'buildklips 1' --define 'kversion 
kernel-2.6.12-1.1378_FC3'

... last step is:

#rpm -Uhv /usr/src/redhat/RPMS/i386

..but I have always:

[root at localhost ~]# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                                 [OK]
Linux Openswan U2.4.0/K2.6.12-1.1378_FC3 (netkey)

..and obviously I haven't a ipsec0 interface !!
..but why ???
still thanks.


        Salvatore.

----- Original Message ----- 
From: "Paul Wouters" <paul at xelerance.com>
To: "sasa" <sasa at shoponweb.it>
Cc: <users at openswan.org>
Sent: Friday, October 14, 2005 4:38 PM
Subject: Re: [Openswan Users] Klips patch


> On Fri, 14 Oct 2005, sasa wrote:
> 
> > Oct 14 11:20:05 fw4 ipsec_setup: KLIPS ipsec0 on eth0 213.92.106.59/255.255.255.248 broadcast 213.92.106.63
> 
> That is unfortunately a bogus message that shows up even when using NETKEY.
> 
> > ..but and then in ifconfig I don't view a ipsec0 interface !!
> 
> Check fore a line that says "Using Linux Kernel 2.6 interface"
> 
> Paul
>

More information about the Users mailing list