[Openswan Users] KLIPS openswan 2.4.0 Kernel 2.6.12 Fedora Core 4

Ola Albertsson oa at cyberstore.se
Mon May 15 12:50:03 CEST 2006 

Hi, I have problems building a klips kernel in FC4. So nobody posts 
replys that I can use NETKEY, I really need KLIPS.

When I run ipsec verify i get these messages:
[root at server1 sbin]# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                                 [OK]
Linux Openswan 2.4.0 (klips)
Checking for IPsec support in kernel                            [OK]
Checking for RSA private key (/etc/ipsec.secrets)               [OK]
Checking that pluto is running                                  [FAILED]
whack: is Pluto running?  connect() for "/var/run/pluto/pluto.ctl" 
failed (111 Connection refused)
Two or more interfaces found, checking IP forwarding            [FAILED]
whack: is Pluto running?  connect() for "/var/run/pluto/pluto.ctl" 
failed (111 Connection refused)
Checking NAT and MASQUERADEing                                  [OK]
Checking for 'ip' command                                       [OK]
Checking for 'iptables' command                                 [OK]
Opportunistic Encryption Support                                [DISABLED]

These are the steps I did to build my kernel.
mv openswan* /usr/src/
tar -zxvf openswan-2.4.0.tar.gz
gunzip openswan-2.4.0.kernel-2.6-klips.patch.gz
gunzip openswan-2.4.0.kernel-2.6-natt.patch.gz
bzip2 -cd linux-2.6.12.1.tar.bz2 | tar xvf - -C /usr/src/
cd /usr/src/linux-2.6.12.1/
patch -p1<../openswan-2.4.0.kernel-2.6-klips.patch
patch -p1<../openswan-2.4.0.kernel-2.6-natt.patch
make mrproper
cd /usr/src/
ln -s linux-2.6.12.1 linux
make oldconfig
make menuconfig
enable Networking / Networking options / IPSEC Nat-Traversal
enable Networking / Networking options / Openswan IPsec (KLIPS26) as a 
module "M"
make all
make modules_install
make install
edit /etc/grub.conf so it boots the new kernel
reboot
cd /usr/src/openswan-2.4.0
export KERNELSRC=/lib/modules/`uname -r`/build
make module26
make minstall26
depmod -a
modprobe ipsec
make programs
make install

ipsec --version
Linux Openswan 2.4.0 (klips)
See `ipsec --copyright' for copyright information.

reboot
ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                                 [OK]
Linux Openswan 2.4.0 (klips)
Checking for IPsec support in kernel                            [OK]
Checking for RSA private key (/etc/ipsec.secrets)               [OK]
Checking that pluto is running                                  [FAILED]
whack: is Pluto running?  connect() for "/var/run/pluto/pluto.ctl" 
failed (111 Connection refused)
Two or more interfaces found, checking IP forwarding            [FAILED]
whack: is Pluto running?  connect() for "/var/run/pluto/pluto.ctl" 
failed (111 Connection refused)
Checking NAT and MASQUERADEing                                  [OK]
Checking for 'ip' command                                       [OK]
Checking for 'iptables' command                                 [OK]
Opportunistic Encryption Support                                [DISABLED]

Have I done something wrong when I built the new kernel or is it 
something else that is wrong?

/Ola


-- 

Ola Albertsson
Qwert Cyberstore AB
Romansvägen 6
131 04 Nacka

Phone: +46 (0)8 556 74 478
Cell: +46 (0)736 17 22 85
Fax: +46 (0)8 601 96 89

www.cyberstore.se <http://www.cyberstore.se>    oa at cyberstore.se 
<mailto:oa at cyberstore.se>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060515/cc8ed1ba/attachment.htm

More information about the Users mailing list