[Openswan Users] 2.6.23 vs kernel 2.6.29 - ipsec not exit

Szél Gábor quash at quash.hu
Wed Oct 7 07:08:31 EDT 2009 

Dear all,

I have a problem, i want use openswan 2.6.23 on Ubuntu 9.04 X64 Server.
I download openswan source, and make ipsec module (if i compille module, 
and make ipsec programs, i use: export KLIPSCOMPILE="-m64 
-mno-red-zones", export USER_COMPILE="-m64".

If I start ipsec witch ipsec init.d script or ipsec command, ipsec 
started and not quit. When i look syslog and other logs, ipsec starting 
normaly. if i press ctrl-c ipsec runing.

Oct  7 13:02:07 BeLa ipsec_setup: Starting Openswan IPsec 2.6.23...
Oct  7 13:02:07 BeLa ipsec_setup: Using KLIPS/legacy stack
Oct  7 13:02:07 BeLa ipsec_setup: KLIPS debug `none'
Oct  7 13:02:07 BeLa ipsec_setup: KLIPS ipsec0 on eth0 
x.x.x.x/255.255.255.192 broadcast x.x.x.x
Oct  7 13:02:07 BeLa kernel: [ 1844.171555] 
Oct  7 13:02:07 BeLa pluto: adjusting ipsec.d to /etc/ipsec.d
Oct  7 13:02:07 BeLa ipsec_setup: ...Openswan IPsec started
Oct  7 13:02:07 BeLa ipsec__plutorun: 002 added connection description 
"xxx"
Oct  7 13:02:07 BeLa ipsec__plutorun: 002 added connection description 
"xxx"
Oct  7 13:02:07 BeLa ipsec__plutorun: 002 added connection description 
"xxx"
Oct  7 13:02:07 BeLa ipsec__plutorun: 002 added connection description 
"xxx"
Oct  7 13:02:07 BeLa ipsec__plutorun: 002 added connection description 
"xxx"
Oct  7 13:02:07 BeLa ipsec__plutorun: 104 "xxx" #1: STATE_MAIN_I1: initiate
Oct  7 13:02:07 BeLa ipsec__plutorun: 104 "xxx" #2: STATE_MAIN_I1: initiate
Oct  7 13:02:07 BeLa ipsec__plutorun: 104 "xxx" #3: STATE_MAIN_I1: initiate
Oct  7 13:02:07 BeLa ipsec__plutorun: 104 "xxx" #4: STATE_MAIN_I1: initiate

ipsec auto --status output is normal
and:
# ipsec setup --status
IPsec stopped
but...
has /var/run/pluto/ipsec.info file!
An normal Pluto is active?
some (5) eroutes exist!

ipsec and pluto runing!

i use ipsec with KLIPS
# cat /etc/ipsec.conf
version 2.0
# ------------------------------------
# basic configuration
config setup
    interfaces="ipsec0=eth0"
    #plutoload=%search
    #plutostart=%search
    uniqueids=yes

    # ------------------
    nat_traversal=no
    oe=off
    protostack=klips
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
   
    # ---- logs -----
   
    # --- debug ------
    plutodebug=all
    klipsdebug=none
    plutostderrlog=/tmp/pluto.log

....... (tunels config)

if i change protostack to netkey, ipsec starting normaly,

What is the problem ? if i on klips and pluto debug message, i dont show 
critical errors.

I test other kernel version, not working.

----
regards
Gábor Szél

More information about the Users mailing list