[Openswan Users] failure to shut down ipsec
Jon James
jonj at claimtools.ca
Tue Apr 21 15:47:17 EDT 2009
When I use the 'ip xfrm pol' and 'ip xfrm state' command it shows nothing.
When I use lsmod|grep esp4 it shows
Esp4 7873 1
So the esp4 module is not being properly removed and the SA's are left
When I attempt to shut down the module
Modprobe -r esp4
it says
FATAL: Module esp4 in use
-----Original Message-----
From: Paul Wouters [mailto:paul at xelerance.com]
Sent: Monday, April 20, 2009 5:09 PM
To: Jon James
Cc: users at openswan.org
Subject: Re: [Openswan Users] failure to shut down ipsec
On Mon, 20 Apr 2009, Jon James wrote:
>
> Hey does anyone know why I would be getting this error when stopping the
ipsec service
>
> On Centos 5.2 with Openswan 2.6.21
>
> I run “/etc/init.d/ipsec stop”
>
> And I get
>
>
> Ipsec_setup: Stopping Openswan Ipsec
> Ipsec_setup: ERROR: Module esp4 is in use
It looks like your shutdown did not remove all IPsec SA's from
the kernel? What does 'ip xfrm pol' and 'ip xfrm state' show
you after doing the stop command? and what does lsmod|grep esp4
say?
Paul
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 4024 (20090421) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 4025 (20090421) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
More information about the Users
mailing list