[Openswan Users] Compilation is OK, Klips doesn't load, help?
Joe Strang
joe.strang at gmail.com
Wed Jun 11 10:01:42 EDT 2008
Dear
I am trying to install natt and Klips under Debian Linux 4.0. I follow
exactly README file of openswan and the book of Paul. I faced a
problem that KLIP does not load. What I did is shown below.
I patched the kernel with natt using the following number of commands:
/usr/src/openswan#KERNELSRC=/usr/src/linux
/usr/src/openswan#make nattpatch > /usr/src/openswan-ipsec.natt.patch
cd /usr/src/linux
cat ../openswan-ipsec.natt.patch | patch -p1 -s
The patch works OK and I can build and the kernel. And everything
seems fine till this point.
When I compile openswan by the following command:
/usr/src/openswan#KERNELSRC=/usr/src/linux
/usr/src/openswan#make programs module
the output from the above is long and ends with the following:
=======================start of output====================
KLIPS26 module built successfully.
ipsec.ko is in /usr/src/openswan-2.4.12/modobj26/ipsec.ko
-rw-r--r-- 1 root root 369348 2008-06-09 23:15 ipsec.ko
text data bss dec hex filename
269243 10408 5484 285135 459cf ipsec.ko
use make minstall as root to install it
=========================end of output===========
And it seems fine until this point.
Then, I use these commands to install openswan.
/usr/src/openswan# make install minstall
the output from the above command is very long and the last portion of
the output is shown as follows:
=======================last portion of output- start===========
make[2]: Leaving directory `/usr/src/openswan-2.4.12/testing/scripts'
make[2]: Entering directory `/usr/src/openswan-2.4.12/testing/packaging'
make[2]: Leaving directory `/usr/src/openswan-2.4.12/testing/packaging'
make[1]: Leaving directory `/usr/src/openswan-2.4.12/testing'
make[1]: Entering directory `/usr/src/openswan-2.4.12'
( OSMODLIB=`make -C /usr/src/linux -p help | ( sed -n -e '/^MODLIB/p'
-e '/^MODLIB/q' ; cat > /dev/null ) | sed -e 's/^MODLIB[
:=]*\([^;]*\).*/\1/'` ; \
if [ -z "$OSMODLIB" ] ; then \
OSMODLIB=`make -C /usr/src/linux -n -p modules_install
| ( sed -n -e '/^MODLIB/p' -e '/^MODLIB/q' ; cat > /dev/null ) | sed
-e 's/^MODLIB[ :=]*\([^;]*\).*/\1/'` ; \
fi ; \
if [ -z "$OSMODLIB" ] ; then \
echo "No known place to install module. Aborting." ; \
exit 93 ; \
fi ; \
set -x ; \
mkdir -p $OSMODLIB/kernel/net/ipsec ; \
cp /usr/src/openswan-2.4.12/modobj26/ipsec.ko
$OSMODLIB/kernel/net/ipsec ; \
if [ -f /sbin/depmod ] ; then depmod -a ; fi; \
if [ -n "net/ipsec" ] ; then \
mkdir -p $OSMODLIB/kernel/net/ipsec ; \
if [ -f $OSMODLIB/kernel/ipsec.ko -a -f
$OSMODLIB/kernel/net/ipsec/ipsec.ko ] ; then \
echo "WARNING: two ipsec.ko modules found in $OSMODLIB/kernel:" ; \
ls -l $OSMODLIB/kernel/ipsec.ko
$OSMODLIB/kernel/net/ipsec/ipsec.ko ; \
exit 1; \
fi ; \
fi ; \
set -x ) ;
+ mkdir -p /lib/modules/2.6.18/kernel/net/ipsec
+ cp /usr/src/openswan-2.4.12/modobj26/ipsec.ko
/lib/modules/2.6.18/kernel/net/ipsec
+ '[' -f /sbin/depmod ']'
+ depmod -a
+ '[' -n net/ipsec ']'
+ mkdir -p /lib/modules/2.6.18/kernel/net/ipsec
+ '[' -f /lib/modules/2.6.18/kernel/ipsec.ko -a -f
/lib/modules/2.6.18/kernel/net/ipsec/ipsec.ko ']'
+ set -x
make[1]: Leaving directory `/usr/src/openswan-2.4.12'
========================end of output======================
when I veify what I did so far with the following commands I see the
following results:
/usr/src/openswan# ipsec --version
Linux Openswan U2.4.12/K(no kernel code presently loaded)
See `ipsec --copyright' for copyright information.
/usr/src/openswan# rmmod xfrmuser af_key esp4 ah4 ipcomp xfrm4_tunnel
ERROR: Module xfrmuser does not exist in /proc/modules
ERROR: Module af_key does not exist in /proc/modules
ERROR: Module esp4 does not exist in /proc/modules
ERROR: Module ah4 does not exist in /proc/modules
ERROR: Module ipcomp does not exist in /proc/modules
ERROR: Module xfrm4_tunnel does not exist in /proc/modules
/usr/src/openswan# modprobr ipsec
bash: modprobr: command not found
Can anybody direct me how to install klips, and what exactly I did wrong.
Your help would be very much appreciated.
Thanks and regards.
Joe
More information about the Users
mailing list