[Openswan Users] kernel patch NAT TRAVERSAL
David McCullough
David_Mccullough at securecomputing.com
Sun Apr 13 19:06:07 EDT 2008
Jivin Henry Gunter lays it down ...
> Thanks Julien, This is the contents of net/ipv4/udp.c.rej
IIRC you were applying the patch to 2.6.22 ?
If you are applying to 2.6.23, do you have any other patches applied ?
Just looking at the diffs here I don't think applying to 2.6.22 is a good
idea. I think I can generate a new 2.6.22 based patch if needed, but I only
know that it was compiling, we hadn't tested NAT-T with 2.6.22 specifically.
Cheers,
Davidm
> ***************
> *** 1349,1354 ****
> case 0:
> case UDP_ENCAP_ESPINUDP:
> case UDP_ENCAP_ESPINUDP_NON_IKE:
> up->encap_rcv = xfrm4_udp_encap_rcv;
> /* FALLTHROUGH */
> case UDP_ENCAP_L2TPINUDP:
> --- 1472,1482 ----
> case 0:
> case UDP_ENCAP_ESPINUDP:
> case UDP_ENCAP_ESPINUDP_NON_IKE:
> + #if defined(CONFIG_XFRM) || defined(CONFIG_IPSEC_NAT_TRAVERSAL)
> + if (xfrm4_rcv_encap_func)
> + up->encap_rcv = xfrm4_udp_encap_rcv_wrapper;
> + else
> + #endif
> up->encap_rcv = xfrm4_udp_encap_rcv;
> /* FALLTHROUGH */
> case UDP_ENCAP_L2TPINUDP:
>
> henryg
>
>
> Julien DELEAN wrote:
> > take a look at this file : net/ipv4/udp.c.rej in your kernel source
> > directory...
> >
> > Maybe it's only blank line or comment.
> >
> > Julien
> >
> > 2008/4/8, vpn <vpn at henryg.net <mailto:vpn at henryg.net>>:
> >
> > Paul Wouters wrote:
> >> On Mon, 7 Apr 2008, vpn wrote:
> >>
> >>
> >>> Subject: [Openswan Users] kernel patch NAT TRAVERSAL
> >>>
> >>> I am trying to patch linux-2.6.22.19. I am following the instructions on
> >>> the wiki http://wiki.openswan.org/index.php/BuildingFromTarballsFor2/6
> >>>
> >>> and/or the openswan book chapter 3. I have tried version 2.4.10, 2.4.12,
> >>> 2.5.17 and 2.6.10. <http://2.6.10.> They all fail with similar output.
> >>>
> >>>
> >>
> >> Try: ftp://ftp.openswan.org/openswan/openswan-2.4.x.kernel-2.6.23-natt.patch
> >>
> >>
> > Thanks Paul, for your quick reply, but No joy.
> >
> > dev64:/usr/src# cd linux
> > dev64:/usr/src/linux# cat
> > ../openswan-2.4.x.kernel-2.6.23-natt.patch | patch -p1
> > patching file net/ipv4/Kconfig
> > Hunk #1 succeeded at 409 (offset 42 lines).
> > patching file net/ipv4/udp.c
> > Hunk #1 succeeded at 101 (offset -1 lines).
> > Hunk #2 succeeded at 1018 with fuzz 1 (offset 97 lines).
> > Hunk #3 FAILED at 1472.
> > Hunk #4 succeeded at 1870 (offset 94 lines).
> > 1 out of 4 hunks FAILED -- saving rejects to file net/ipv4/udp.c.rej
> > patching file include/net/xfrmudp.h
> >
> >
> > _______________________________________________
> > Users at openswan.org <mailto:Users at openswan.org>
> > http://lists.openswan.org/mailman/listinfo/users
> > Building and Integrating Virtual Private Networks with Openswan:
> > http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> >
> >
>
> --
> -------------------------------------------------------------------------------
> HenryG.NET LLC. Office:(850) 579-8043
> Web:http://www.henryg.net/ Cell:(850) 258-2100
> Email:henryg at henryg.net Fax:(850) 579-4034
>
> Bringing Service To You!
> -------------------------------------------------------------------------------
> CONFIDENTIALITY NOTICE!
> This email message, including any attachments, is for the sole use of
> the intended recicient's and may contain confidential or proprietary
> information. Any unauthroized review, use, disclosure or distribution
> is prohibited. If you are not the intended recipient contact the sender
> by reply e-mail and destroy all copies or the original message.
> -------------------------------------------------------------------------------
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
--
David McCullough, david_mccullough at securecomputing.com, Ph:+61 734352815
Secure Computing - SnapGear http://www.uCdot.org http://www.snapgear.com
More information about the Users
mailing list