[Openswan Users] Openswan 2.6.X and KLIPS

Agent Smith news8080 at yahoo.com
Fri Jun 19 22:57:40 EDT 2009


here is something. in the vanila kernel source (2.6.18) there exists a file called ./net/ipv4/af_inet.c but its somehow not part of the source that comes with centos so I guess its on the centos guys to fix.

I wonder why its not there?

--- On Fri, 6/19/09, Agent Smith <news8080 at yahoo.com> wrote:

> From: Agent Smith <news8080 at yahoo.com>
> Subject: Re: [Openswan Users] Openswan 2.6.X and KLIPS
> To: users at openswan.org
> Date: Friday, June 19, 2009, 10:27 PM
> 
> 
> ok,
> 
> I ran Centos5.5 which came with 2.6.18-53.el5 and yum
> updated it to 2.6.18-128.1.6.el5 and I have both sources.
> Now my goal is to compile klips and NAT-T both into either
> of these kernels with some recent openswan version. 
> 
> so far I have tried 'make kpatch' in openswan 2.4.10,
> 2.4.11, 2.4.13 and 2.4.9 with no success. Each time I get
> the same error
> 
> The only way it works is if I get a vanila kernel from
> kernel.org and patch it and recompile and I really don't
> want to do that just to get klips support if I don't have
> to. 
> 
> any suggestions? have others ran into this? I only saw 2
> links off of google when I plugged my error message about
> af_inet.c
> 
> 
> # cat /etc/redhat-release
> CentOS release 5.3 (Final)
> # uname -r
> 2.6.18-128.1.6.el5
> # ln -s /usr/src/kernels/2.6.18-53.el5-i686 /usr/src/linux
> # pwd
> /usr/src/kernels/openswan/openswan-2.4.13
> # make kpatch
> .....
> patching file net/ipsec/version.c
> patching file net/ipsec/zutil.c
> can't find file to patch at input line 59661
> Perhaps you used the wrong -p or --strip option?
> The text leading up to this was:
> --------------------------
> |--- swan26/net/ipv4/af_inet.c.orig 
>    Wed Jun 16 01:18:58 2004
> |+++ swan26/net/ipv4/af_inet.c  Fri Aug 13 23:09:27
> 2004
> --------------------------
> 
> 
> 
> 
> --- On Fri, 6/19/09, Paul Wouters <paul at xelerance.com>
> wrote:
> 
> > From: Paul Wouters <paul at xelerance.com>
> > Subject: Re: [Openswan Users] Openswan 2.6.X and
> KLIPS
> > To: "Agent Smith" <news8080 at yahoo.com>
> > Cc: users at openswan.org
> > Date: Friday, June 19, 2009, 5:10 PM
> > On Fri, 19 Jun 2009, Agent Smith
> > wrote:
> > 
> > > I have always patched klips in kernel source and
> THEN
> > ran make KERNELSRC=/usr/src/my_kernel modules;make
> > modules_install from openswan source.
> > > are you saying that there is easier way to do
> have
> > klips without patching kernel source? I'd love to know
> how.
> > 
> > You should not point KERNERLSRC to a patched kernel
> when
> > using 'make module'. either patch the kernel
> > using make kpatch OR run 'make module'. Don't do
> both.
> > 
> > Paul
> > 
> > > --- On Fri, 6/19/09, Paul Wouters <paul at xelerance.com>
> > wrote:
> > >
> > >> From: Paul Wouters <paul at xelerance.com>
> > >> Subject: Re: [Openswan Users] Openswan 2.6.X
> and
> > KLIPS
> > >> To: "Agent Smith" <news8080 at yahoo.com>
> > >> Cc: users at openswan.org
> > >> Date: Friday, June 19, 2009, 10:14 AM
> > >> On Fri, 19 Jun 2009, Agent Smith
> > >> wrote:
> > >>
> > >>> Is it supported? I don't see any klips
> patches
> > for
> > >> recent openswan version. I still run 2.4.14
> but
> > would like
> > >> to upgrade to something recent.
> > >>>
> > >>> and I remember that was a 'talk' about
> NAT-T
> > patch not
> > >> being required in future versions of
> openswan, I
> > wonder
> > >> whats the stat. on that.
> > >>
> > >> It is. We have not released it as seperate
> > patches
> > >> recently. The 2.6
> > >> kernel is a moving target and creating these
> > patches that
> > >> work "as many
> > >> kernel sources as possible" is a manual
> process
> > that is
> > >> quite an art to
> > >> do. By far the easiest is always to run
> 'make
> > module
> > >> module_install'
> > >> and build klips as a module, instead of
> patching
> > it into
> > >> the kernel
> > >> source. Especially now you need no more
> nat-t
> > patch for
> > >> kernewls >=
> > >> 2.6.23.
> > >>
> > >> We're close to releasing openswan 2.6.22, but
> are
> > looking
> > >> into some
> > >> KLIPS issues still, specifically a fix that
> seems
> > to be
> > >> causing
> > >> other issues (bug https://bugs.xelerance.com/issues/1023)
> > >>
> > >> Paul
> > >>
> > >
> > >
> > >
> > >
> > 
> 
> 
>       
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with
> Openswan: 
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> 


      


More information about the Users mailing list