[Openswan Users] KLIPS and 802.1q on openswan-2.4.11 (and compiled on centos5)

Paul Wouters paul at xelerance.com
Mon Feb 4 06:20:35 EST 2008

On Mon, 4 Feb 2008, nospam2craig at remex.com.au wrote:

> 1) TX error counter on interface ipsec0 was incrementing when looking at
> ifconfig
> 2) packets were going out the VLAN interface (in this case eth1.101)
> unencrypted
> 3) when they were forced in to the ipsec0 interface correctly as seen in
> tcpdump they disappeared. (manually routing packets)
> 4) turning on KLIPS debugging caused a kernel oops.

Thanks. I've applied the iflink -> ifindex changes to #testing (openswan
2.5.x branch)

> -                           "ip_route_output failed with error code %d,
> rt->u.dst.dev=%s, dropped\n",
> -                           ixs->error,
> -                           ixs->route->u.dst.dev->name);
> +                            "ip_route_output failed with error code %d,
> dropped\n",
> +                            ixs->error);
>                 return IPSEC_XMIT_ROUTEERR;

Is this part of the patch required? I would rather log the name of the interface
if possible.

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list