[Openswan Users] Null pointer error message

Mike Horn lists at caddisconsulting.com
Fri Oct 27 13:41:30 EDT 2006 

Hi,

I have a test system running that uses several UML guests with Openswan
(2.4.7rc2, 2.6.18.1 kernel, KLIPS) configured.  I'm able to establish and
pass traffic over site-to-site tunnels, but when I enabled KLIPS debugging
(spi & xform) I noticed the following error entry being generated for every
packet that is encrypted and sent over the tunnel:

Oct 27 13:27:51 uml-5 kernel: klips_error:ipsec_sa_put: null pointer passed
in!

This error is followed by:

Oct 27 13:27:51 uml-5 kernel: klips_debug:ipsec_sa_getbyid: linked entry in
ipsec_sa table for hash=249 of SA:esp.a4919083 at 172.3.3.5 requested.

I get the same message on both sides on the tunnel.  I see that there is a
bug open on this (472) but it doesn't appear that bug has been updated for
almost a year.  Is this error message something I should be worried about?
I added a note to the bug with the version information where I am still
seeing the log message.

-mike

Here are my configuration files for one side:

[root at uml-5 ~]# cat /etc/ipsec.conf
# /etc/ipsec.conf - Openswan IPsec configuration file
# RCSID $Id: ipsec.conf.in,v 1.15.2.2 2005/11/14 20:10:27 paul Exp $

# This file:  /usr/share/doc/openswan/ipsec.conf-sample
#
# Manual:     ipsec.conf.5

version 2.0     # conforms to second version of ipsec.conf specification

# global settings
config setup
        interfaces="ipsec0=eth1 ipsec1=eth2"
        nat_traversal=yes
        virtual_private=%v4:192.168.60.0/24

# disable implicit connections

conn clear
        auto=ignore

conn clear-or-private
        auto=ignore

conn private-or-clear
        auto=ignore

conn private
       auto=ignore

conn block
       auto=ignore

conn packetdefault
        auto=ignore

include /etc/ipsec.d/tunnels/peer-172.4.4.7-tunnel-1
[root at uml-5 ~]#

<<<<<<<<<<<<>>>>>>>>>>>>>>

[root at uml-5 ~]# cat /etc/ipsec.d/tunnels/peer-172.4.4.7-tunnel-1
conn peer-172.4.4.7-tunnel-1
        left=172.3.3.5
        leftsubnet=192.168.40.0/24
        right=172.4.4.7
        rightsubnet=192.168.60.0/24
        authby=secret
        auto=start
        ike="aes256-sha1,aes128-sha1"
        ikelifetime=3600s
        esp="aes256-sha1,3des-md5"
        keylife=1800s

[root at uml-5 ~]#

<<<<<<<<<<<<<<<>>>>>>>>>>>



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20061027/94b859f0/attachment.html

More information about the Users mailing list