[Openswan Users] Upgrading openswan 2.4.0 to 2.4.5

Can Akalin canakalin77 at gmail.com
Wed Mar 22 11:41:48 CET 2006


Hello,
After I restarted the linux box, I got ipsec and openswan back. :) Thank you
Paul.

I copied my old ipsec,conf and ipsec.secrets files back to /etc folder and
started the openswan.

ipsec verify command gives me 2 [FAILED] lines that I did not have before;


Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path
[OK]
Linux Openswan U2.4.5rc5/K2.6.13-15-smp (netkey)
Checking for IPsec support in kernel
[OK]
NETKEY detected, testing for disabled ICMP send_redirects    [FAILED]
Please disable /proc/sys/net/ipv4/conf/*/send_redirects
or NETKEY will cause the sending of bogus ICMP redirects!
NETKEY detected, testing for disabled ICMP accept_redirects [FAILED]
Please disable /proc/sys/net/ipv4/conf/*/accept_redirects
or NETKEY will accept bogus ICMP redirects!
Checking for RSA private key (/etc/ipsec.secrets)                     [OK]
Checking that pluto is running [OK]
Two or more interfaces found, checking IP forwarding                [OK]
Checking NAT and MASQUERADEing                                     [OK]
Checking for 'ip'
command                                                       [OK]
Checking for 'iptables' command
[OK]
Opportunistic Encryption
Support                                            [DISABLED]

And this is from /var/log/messages;

Mar 22 11:21:34 linuxserver ipsec_setup: ...Openswan IPsec started

Mar 22 11:21:34 linuxserver ipsec_setup: Starting Openswan IPsec 2.4.5rc5...

Mar 22 11:21:34 linuxserver ipsec_setup: insmod
/lib/modules/2.6.13-15-smp/kernel/net/key/af_key.ko

Mar 22 11:21:34 linuxserver ipsec_setup: insmod
/lib/modules/2.6.13-15-smp/kernel/net/ipv4/xfrm4_tunnel.ko

Mar 22 11:21:34 linuxserver ipsec_setup: insmod
/lib/modules/2.6.13-15-smp/kernel/net/xfrm/xfrm_user.ko

Mar 22 11:21:34 linuxserver ipsec_setup: insmod
/lib/modules/2.6.13-15-smp/kernel/drivers/char/hw_random.ko

Mar 22 11:21:34 linuxserver ipsec_setup: FATAL: Error inserting hw_random
(/lib/modules/2.6.13-15-smp/kernel/drivers/char/hw_random.ko): No such
device

Mar 22 11:21:34 linuxserver ipsec_setup: insmod
/lib/modules/2.6.13-15-smp/kernel/drivers/crypto/padlock.ko

Mar 22 11:21:34 linuxserver ipsec_setup: FATAL: Error inserting padlock
(/lib/modules/2.6.13-15-smp/kernel/drivers/crypto/padlock.ko): No such
device

Mar 22 11:21:34 linuxserver pluto[6472]: starting up 1 cryptographic helpers

Mar 22 11:21:34 linuxserver pluto[6472]: started helper pid=6482 (fd:6)

Mar 22 11:21:34 linuxserver pluto[6472]: Using Linux 2.6 IPsec interface
code on 2.6.13-15-smp







Thank you

Can Akalin


On 3/22/06, Paul Wouters <paul at xelerance.com> wrote:
>
> On Wed, 22 Mar 2006, Can Akalin wrote:
>
> > rpm -e openswan
> >
> > command and now I don't have openswan!
> >
> > I again followed the commands
> >
> > #cd /usr/src/openswan-2.#.#
> >     #make programs
> >     #make install
> >
> > BUT nothing has happened. I do not have openswan and ipsec. Only thing I
> saw
> > while I was running  #make programs  command are " Entering directory
> > ..."  , " Leaving directory... " and " Nothing to be done for 'programs'
> "
> >
> > I have libgmp, gawk, flex and bison installed in my Suse Linux
> 2.6.13-15box.
> >
> > Can anyone tell me what am I missing?
>
> relogin or type 'hash -r'
>
> the ipsec command moved from /usr/sbin/ipsec from the rpm, to
> /usr/local/sbin/ipsec
> from the source install.
>
> Paul
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060322/e1f2087b/attachment.htm


More information about the Users mailing list