[Openswan Users] Pluto crash problem
Shinping Chen
c64683 at gmail.com
Mon Aug 14 09:49:08 EDT 2006
Hi all,
I use openswan 2.4.4 on Debian linux with kernel 2.6.13
but when I use ipsec verify command
I got these messages.
# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.4.4/K2.6.13(netkey)
Checking for IPsec support in kernel [OK]
Checking for RSA private key (/etc/ipsec.secrets) [OK]
Checking that pluto is running
[FAILED]
whack: is Pluto running? connect() for "/var/run/pluto/pluto.ctl"
failed (146 Connection refused)
Checking for 'ip' command
[FAILED]
Checking for 'iptables' command [OK]
Checking for 'setkey' command for NETKEY IPsec stack support
[FAILED]
Opportunistic Encryption Support
[DISABLED]
I check /var/log/auth.log ,find these logs
(It's a quite long message)
Aug 13 17:48:01 localhost ipsec__plutorun: Starting Pluto subsystem...
Aug 13 17:48:03 localhost pluto[918]: Starting Pluto (Openswan Version 2.4.4
X.509-1.5.4 PL
UTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OEz}FFFfgr_e)
Aug 13 17:48:04 localhost pluto[918]: Setting NAT-Traversal port-4500
floating to off
Aug 13 17:48:04 localhost pluto[918]: port floating activation criteria
nat_t=0/port_fload=1
Aug 13 17:48:04 localhost pluto[918]: including NAT-Traversal patch
(Version 0.6c) [disabled]
¡ô
In Fedora Core 4, got same log message ,I think that isn't a problem
Aug 13 17:48:05 localhost pluto[918]: ike_alg_register_enc(): Activating
OAKLEY_AES_CBC: Ok (ret=0)
Aug 13 17:48:05 localhost pluto[918]: starting up 1 cryptographic helpers
Aug 13 17:48:05 localhost pluto[918]: started helper pid=923 (fd:6)
Aug 13 17:48:05 localhost pluto[918]: Using Linux 2.6 IPsec interface code
on 2.6.13.5
Aug 13 17:48:05 localhost pluto[918]: ASSERTION FAILED at kernel_alg.c:264:
buflen>0
Aug 13 17:48:05 localhost pluto[918]: %myid = (none)
Aug 13 17:48:05 localhost pluto[918]: debug none
¡ô
I guess problem in here,but I don't know how to slove this problem
Aug 13 17:48:05 localhost pluto[918]:
Aug 13 17:48:06 localhost pluto[918]:
Aug 13 17:48:06 localhost pluto[918]: algorithm IKE encrypt: id=5,
name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192
Aug 13 17:48:06 localhost pluto[918]: algorithm IKE encrypt: id=7,
name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128
Aug 13 17:48:07 localhost pluto[918]: algorithm IKE hash: id=1,
name=OAKLEY_MD5, hashsize=16
Aug 13 17:48:07 localhost pluto[918]: algorithm IKE hash: id=2,
name=OAKLEY_SHA1, hashsize=20
Aug 13 17:48:07 localhost pluto[918]: algorithm IKE dh group: id=2,
name=OAKLEY_GROUP_MODP1024, bits=1024
Aug 13 17:48:07 localhost pluto[918]: algorithm IKE dh group: id=5,
name=OAKLEY_GROUP_MODP1536, bits=1536
Aug 13 17:48:07 localhost pluto[918]: algorithm IKE dh group: id=14,
name=OAKLEY_GROUP_MODP2048, bits=2048
Aug 13 17:48:07 localhost pluto[918]: algorithm IKE dh group: id=15,
name=OAKLEY_GROUP_MODP3072, bits=3072
Aug 13 17:48:07 localhost pluto[918]: algorithm IKE dh group: id=16,
name=OAKLEY_GROUP_MODP4096, bits=4096
Aug 13 17:48:07 localhost pluto[918]: algorithm IKE dh group: id=17,
name=OAKLEY_GROUP_MODP6144, bits=6144
Aug 13 17:48:07 localhost pluto[918]: algorithm IKE dh group: id=18,
name=OAKLEY_GROUP_MODP8192, bits=8192
Aug 13 17:48:08 localhost pluto[918]:
Aug 13 17:48:08 localhost pluto[918]: stats db_ops.c: {curr_cnt, total_cnt,
maxsz} :context
={0,0,0} trans={0,0,0} attrs={0,0,0}
Aug 13 17:48:08 localhost pluto[918]:
Aug 13 17:48:08 localhost last message repeated 2 times
Aug 13 17:48:22 localhost ipsec__plutorun: Restarting Pluto subsystem...
so Pluto can't start successfully
Thanks for ur help
--
Shinping Chen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060814/f71d9046/attachment.htm
More information about the Users
mailing list