[Openswan Users] Irritating warnings/error messages

Torsten Luettgert t.luettgert at pressestimmen.de
Fri Apr 18 10:40:06 EDT 2008


Hi all,

I'm using openswan for IPSEC connections on an embedded box we're
building. The box runs linux 2.6.24.4 with netkey, but openswan seems to
try KLIPS first. Every openswan version > 2.4.6 gives me the following
output on /etc/init.d/ipsec start:

ipsec_setup: Starting Openswan IPsec U2.4.12/K2.6.24.4-blackbox...
ipsec_setup: WARNING: cannot adjust KLIPS flags, no /proc/sys/net/ipsec
directory!
ipsec_setup: /usr/libexec/ipsec/tncfg: Socket ioctl failed on attach --
No such device.  Is the virtual device valid?  Is the ipsec module
linked into the kernel or loaded as a module?
ipsec_setup: SIOCSIFADDR: No such device
ipsec_setup: ipsec0: unknown interface: No such device
ipsec_setup: SIOCSIFBRDADDR: No such device
ipsec_setup: ipsec0: unknown interface: No such device
ipsec_setup: SIOCSIFNETMASK: No such device

The funny thing is that after this, the tunnels come up. I don't see any
of those messages on a Fedora desktop box and find them quite annoying;
how do I make openswan recognize there's no KLIPS there?

Regards,
Torsten

On an unrelated note: it's not very uncommon to have a read-only root
directory. So the "if [ ! -w / ]" check in the init script should
probably be replaced by something like [ "$EUID" != "0" ],
[ `id -u` != "0" ] or something...





More information about the Users mailing list