[Openswan Users] Irritating warnings/error messages

[Torsten Luettgert]

Hi all,

I'm using openswan for IPSEC connections on an embedded box we're
building. The box runs linux 2.6.24.4 with netkey, but openswan seems to
try KLIPS first. Every openswan version > 2.4.6 gives me the following
output on /etc/init.d/ipsec start:

ipsec_setup: Starting Openswan IPsec U2.4.12/K2.6.24.4-blackbox...
ipsec_setup: WARNING: cannot adjust KLIPS flags, no /proc/sys/net/ipsec
directory!
ipsec_setup: /usr/libexec/ipsec/tncfg: Socket ioctl failed on attach --
No such device.  Is the virtual device valid?  Is the ipsec module
linked into the kernel or loaded as a module?
ipsec_setup: SIOCSIFADDR: No such device
ipsec_setup: ipsec0: unknown interface: No such device
ipsec_setup: SIOCSIFBRDADDR: No such device
ipsec_setup: ipsec0: unknown interface: No such device
ipsec_setup: SIOCSIFNETMASK: No such device

The funny thing is that after this, the tunnels come up. I don't see any
of those messages on a Fedora desktop box and find them quite annoying;
how do I make openswan recognize there's no KLIPS there?

Regards,
Torsten

On an unrelated note: it's not very uncommon to have a read-only root
directory. So the "if [ ! -w / ]" check in the init script should
probably be replaced by something like [ "$EUID" != "0" ],
[ `id -u` != "0" ] or something...