[Openswan Users] ipsec0 device

Sun Mar 18 23:54:03 EDT 2007

Glad you confirmed this, I was getting confused. 
So I try with a fresh tree to compile my own (KLIPS) stack, with (in the
openswan src directory):

#  make KERNELSRC=/usr/src/linux programs module

... as it says in the README, but it keeps failing with:

... (loads of messages) 
...
WARNING: Kernel source /usr/src/linux has already been patched with
openswan-2, out of tree build might fail!
Building module for a 2.6 kernel
make[1]: Entering directory `/usr/src/openswan-2.4.7'
make[2]: Entering directory `/usr/src/openswan-2.4.7'
make[2]: `/usr/src/openswan-2.4.7/modobj26/Makefile' is up to date.
make[2]: Leaving directory `/usr/src/openswan-2.4.7'
make -C /usr/src/linux  BUILDDIR=/usr/src/openswan-2.4.7/modobj26
SUBDIRS=/usr/src/openswan-2.4.7/modobj26
MODULE_DEF_INCLUDE=/usr/src/openswan-2.4.7/packaging/linus/config-all.h
MODULE_DEFCONFIG=/usr/src/openswan-2.4.7/linux/net/ipsec/defconfig 
MODULE_EXTRA_INCLUDE= ARCH=i386 modules
make[2]: Entering directory `/usr/src/linux-2.6.20.1'

  WARNING: Symbol version dump /usr/src/linux-2.6.20.1/Module.symvers
           is missing; modules will have no dependencies and
modversions.

  CC [M]  /usr/src/openswan-2.4.7/modobj26/ipsec_sa.o
/usr/src/openswan-2.4.7/modobj26/ipsec_sa.c:106: error: structure has no
member named `nfmark'
/usr/src/openswan-2.4.7/modobj26/ipsec_sa.c:106: warning: type defaults
to `int' in declaration of `type name'
/usr/src/openswan-2.4.7/modobj26/ipsec_sa.c: In function `ipsec_SAtest':
/usr/src/openswan-2.4.7/modobj26/ipsec_sa.c:136: error: structure has no
member named `nfmark'
/usr/src/openswan-2.4.7/modobj26/ipsec_sa.c:136: warning: type defaults
to `int' in declaration of `type name'
make[3]: *** [/usr/src/openswan-2.4.7/modobj26/ipsec_sa.o] Error 1
make[2]: *** [_module_/usr/src/openswan-2.4.7/modobj26] Error 2
make[2]: Leaving directory `/usr/src/linux-2.6.20.1'
make[1]: *** [module26] Error 2
make[1]: Leaving directory `/usr/src/openswan-2.4.7'
make: *** [module] Error 2
# 

.... is there a quick way to get past this? 
I plan to study all about kernel compiling and patching and everything
but  time is a bit pressuring me. 

Thanks, 

Vince

> > There is no ipsec interface in transport mode.
> 
> Whether you have ipsecX interfaces only depends on the stack used.
> KLIPS has interfaces, NETKEY does not. It doesn't matter wether you use
> tunnel or transport mode.
> 
> Paul
> -- 
> Building and integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> 

--
Free e-mail accounts at http://zworg.com