[Openswan Users] Should KLIPS be defined for pluto?!
Paul Wouters
paul at xelerance.com
Tue Dec 22 12:21:12 EST 2009
On Tue, 22 Dec 2009, Mark Ryden wrote:
> I downloaded the source rpm and I am trying to compile it on Feodra
> 10 , 2.6.27.5-117 kernel.
>
> It was built OK.
>
> I added , in main() of the the pluto daemon, in
> /openswan-2.6.21/programs/pluto/plutomain.c,
> checking and printing to a log whether #ifdef KLIPS is valid. And I
> found out that it was defined.
>
> I followed the steps for using the native (aka, Netkey) stack in the readme.
> Moreover, in /etc/ipsec.conf, I have
> protostack=netkey
>
> which means that I am using netkey and not klips.
>
> My question is:
>
> I guess the code fragments that includes the #ifdef KLIPS apply to
> both cases, when using KLIPS
> and when NOT using KLIPS.
>
> Or am I wrong and missed something ?
first, the settings are controlled in Makefile.inc.
second, it is best to leave support for KLIPS in, even when not currently
using it, so the userland is able to talk to klips in the future if you
would migrate for some reason or other.
If you are running embedded and are restricted on resources, then I'd
change the Makefile.inc and disable things you do not need.
Paul
More information about the Users
mailing list