[Openswan Users] Klips patch

Oliver Tomkins oliver.tomkins at alliedvehicles.co.uk
Wed Oct 19 14:11:36 CEST 2005


I had similar issues with FC3.

I ended up with using a vanilla 2.6.11 kernel (as recommended on here) 
with the 2.6 KLIPS patch.

Then installed the two packages you listed below (in the other order) 
and it seems to work fine.

HTH

Olly.




sasa wrote:
> .. only for tell precisely the last step is:
> 
> #rpm -Uhv /usr/src/redhat/RPMS/i386/openswan-klips-2.4.0-2.6.12_1.1378_FC3_1.i386.rpm
> #rpm -Uhv /usr/src/redhat/RPMS/i386/openswan-2.4.0-1.i386.rpm
> 
> thanks.
> 
>         Salvatore.
> 
> 
> ----- Original Message ----- 
> From: "sasa" <sasa at shoponweb.it>
> To: "Paul Wouters" <paul at xelerance.com>
> Cc: <users at openswan.org>
> Sent: Wednesday, October 19, 2005 1:15 PM
> Subject: Re: [Openswan Users] Klips patch
> 
> 
> Hi, I have tried on more machine of it all i686 and have always the same result therefore task that the procedure that I use is mistaken but I do not succeed to understand where mistake, the steps I am:
> 
> ..default I have Fedora Core 3 with Kernel 2.6.9-1.667, then:
> 
> #yum update kernel
>  
> ..and now I have a new kernel:
>  
> kernel-2.6.12-1.1378_FC3
>  
> ..then form source:
> 
> #rpm -ivh kernel-2.6.12-1.1378_FC3.src.rpm
> 
> then I have copied the file:
> openswan-2.4.0.kernel-2.6-natt.patch
> 
> .. in /usr/src/redhat/SOURCES
> 
> ..after I have modified the file:
> 
> /usr/src/redhat/SPEC/kernel-2.6.spec
>  
> in this mode:
>  
> Patch1961: openswan-2.4.0.kernel-2.6-natt.patch
> ..
> ..
> %patch1961 -p1
> ..
> ..
> cp -fv %{all_arch_configs}
> for configfile in *.config
> do
>         echo "CONFIG_IPSEC_NAT_TRAVERSAL=y" >> $configfile
> done
> 
> ..then from:
>  
> /usr/src/redhat/SPECS
>  
> ..now I have made:
>  
> #rpmbuild -bp --target=i686  kernel-2.6.spec
> ...
> ...
> ... 
>> + find . -name '*~' -exec rm -fv '{}' ';'
>> + exit 0
> 
> ..after I have made:
> 
> #rpm -hiv openswan-2.4.0-1.src.rpm
> #cd /usr/src/redhat/SOURCES
> #tar zxvf openswan-2.4.0.tar.gz
> #cd openswan-2.4.0/packaging/redhat/
> 
> ...then edit all config-* files in this mode:
> 
> #define CONFIG_KLIPS_NAT_TRAVERSAL 1
> #define CONFIG_IPSEC_NAT_TRAVERSAL 1
> 
> after...
> 
> #rpmbuild -bb /usr/src/redhat/SPECS/openswan.spec --define 'buildklips 1' --define 'kversion 
> kernel-2.6.12-1.1378_FC3'
> 
> ... last step is:
> 
> #rpm -Uhv /usr/src/redhat/RPMS/i386
> 
> ..but I have always:
> 
> [root at localhost ~]# ipsec verify
> Checking your system to see if IPsec got installed and started correctly:
> Version check and ipsec on-path                                 [OK]
> Linux Openswan U2.4.0/K2.6.12-1.1378_FC3 (netkey)
> 
> ..and obviously I haven't a ipsec0 interface !!
> ..but why ???
> still thanks.
> 
> 
>         Salvatore.
> 
> ----- Original Message ----- 
> From: "Paul Wouters" <paul at xelerance.com>
> To: "sasa" <sasa at shoponweb.it>
> Cc: <users at openswan.org>
> Sent: Friday, October 14, 2005 4:38 PM
> Subject: Re: [Openswan Users] Klips patch
> 
> 
>> On Fri, 14 Oct 2005, sasa wrote:
>>
>>> Oct 14 11:20:05 fw4 ipsec_setup: KLIPS ipsec0 on eth0 213.92.106.59/255.255.255.248 broadcast 213.92.106.63
>> That is unfortunately a bogus message that shows up even when using NETKEY.
>>
>>> ..but and then in ifconfig I don't view a ipsec0 interface !!
>> Check fore a line that says "Using Linux Kernel 2.6 interface"
>>
>> Paul
>>
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> 
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> 

The information in this e-mail is confidential. The contents may not be disclosed or used by anyone other than the addressee. If you are not the intended recipient, please notify the sender immediately by reply e-mail and delete this message. Allied Vehicles cannot accept any responsibility for the accuracy or completeness of this message as it has been transmitted over a public network.
For details of our products and services please visit our website at www.alliedvehicles.co.uk


More information about the Users mailing list