[Openswan Users] Problem : unregister_netdevice: waiting for ipsec0 to become free
Jean-Michel Bonnefond
pompon2 at gmail.com
Tue Sep 16 04:39:24 EDT 2008
Hello everybody,
I'm currently using openswan 2.4.9 over a self compiled linux kernel 2.6.18
with the Klips stack instead of netkey.
I'm trying to upgrade my kernel to the debian patched kernel 2.6.18 (wich
include security patches that I need) and I would like to upgrade openswan
in the same time.
I'm not sure of which new version to choose. What is the major differences
between openswan 2.4.13 and 2.6.16? I remember having read somewhere on this
list that "It is not recommend to upgrade to v2.6 as the openswan 2.6.x have
ipsec.conf different, parameter mast= and other problems.... " and the
changelog stops at 2.4.13.
Are the 2.6.x development versions leadind to v3 ?
So I decided to use the most stable recent 2.4 version, I successfully
compile openswan and klips 2.4.13 over the kernel and my tunnels seems to
work properly. However when I try to stop ipsec, the klips module seems not
to unload correctly and I got an error when unregistering ipsec0. This
prevent my system to shutdown :
localhost:~# ipsec --version
Linux Openswan 2.4.13 (klips)
localhost:~# /etc/init.d/ipsec status
IPsec running - pluto pid: 1896
pluto pid 1896
1 tunnels up
some eroutes exist
Sep 16 07:57:27 localhost kernel: klips_info:ipsec_init: KLIPS startup,
Openswan KLIPS IPsec stack version: 2.4.13
Sep 16 07:57:27 localhost kernel: NET: Registered protocol family 15
Sep 16 07:57:27 localhost kernel: klips_info:ipsec_alg_init: KLIPS alg
v=0.8.1-0 (EALG_MAX=255, AALG_MAX=251)
Sep 16 07:57:27 localhost kernel: klips_info:ipsec_alg_init: calling
ipsec_alg_static_init()
Sep 16 07:57:27 localhost kernel: ipsec_aes_init(alg_type=15 alg_id=12
name=aes): ret=0
Sep 16 07:57:27 localhost kernel: ipsec_3des_init(alg_type=15 alg_id=3
name=3des): ret=0
When I try to stop :
localhost:~# /etc/init.d/ipsec stop
Message from syslogd at localhost at Tue Sep 16 08:01:43 2008 ...
localhost kernel: unregister_netdevice: waiting for ipsec0 to become free.
Usage count = -6
Message from syslogd at localhost at Tue Sep 16 08:02:14 2008 ...
localhost last message repeated 3 times
Message from syslogd at localhost at Tue Sep 16 08:03:16 2008 ...
localhost last message repeated 6 times
running process :
3913 pts/1 S+ 0:00 /bin/sh /etc/init.d/ipsec stop
3914 pts/1 S+ 0:00 /bin/sh /usr/local/lib/ipsec/_realsetup stop
3931 pts/1 D+ 0:00 rmmod ipsec
localhost:~# /etc/init.d/ipsec status
IPsec stopped
but...
has subsystem lock (/var/lock/subsys/ipsec)!
localhost:~# lsmod | grep ipsec
ipsec 296584 0
localhost:~# ipsec --version
Linux Openswan U2.4.13/K(no kernel code presently loaded)
I could not get an ipsec barf after stopping ipsec as it freeze on the
ifconfig command but I could send the barf when server is running if it
could be usefull.
Any ideas?
Thanks a lot,
Jean-Michel.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080916/2be320f4/attachment-0001.html
More information about the Users
mailing list