[Openswan Users] Newbie question - Openswan 2.x KLIPS & NAT-Tpatches for kernel >= 2.6.24

Sasa sasa at shoponweb.it
Fri Sep 4 08:16:17 EDT 2009


Hi, I have installed OSW with KLIPS and NAT-T patch on kernel-2.6.27 (on 
Fedora Core 10) but is indispensable to use a natt-patch writed from Giovani 
(thank you for support !).
I have following this steps:

#rpm2cpio kernel-2.6.27.5-117.fc10.src.rpm | cpio -iv 
kernel-2.6.27-i686.config
#cd linux-2.6.27.5/
#make oldconfig
#make && make modules_install
#cp arch/i386/boot/bzImage /boot/vmlinuz-2.6.27.5-custom
#cp System.map /boot/System.map-2.6.27.5-custom
#cp .config /boot/config-2.6.27.5-custom
#mkinitrd /boot/initrd-2.6.27.5-custom.img 2.6.27.5
#cd /root/linux-2.6.27.5
#patch -p1<../openswan-2.4.x.kernel-2.6.23-natt.patch
#make mrproper
#make xconfig           -->-->(for to enable ipsec nat-t traversal (klips 
comatible))
#make oldconfig
#make && make modules_install
#cp arch/i386/boot/bzImage /boot/vmlinuz-2.6.27.5-custom (Y)
#cp System.map /boot/System.map-2.6.27.5-custom (Y)
#cp .config /boot/config-2.6.27.5-custom (Y)
#mkinitrd -v -f /boot/initrd-2.6.27.5-custom.img 2.6.27.5
--modify grub.conf for to boot with new kernel version---
#reboot
#tar -zxvf openswan-2.6.22.tar.gz
#cd /root/openswan-2.6.22
#patch -p1<../openswan-2.6.22-old-natt-style.patch
#export KERNELSRC=/lib/modules/'uname -r'/build
#make module26
#make minstall26
#depmod -a
#modprobe ipsec
#cd ..
#tar zxvf openswan-2.4.15.tar.gz
#cd openswan-2.4.15
#make programs
#make install
#ipsec --version

Regards.

------

   Salvatore.



----- Original Message ----- 
From: "Sasa" <sasa at shoponweb.it>
To: <users at openswan.org>
Sent: Tuesday, July 07, 2009 11:47 AM
Subject: Re: [Openswan Users] Newbie question - Openswan 2.x KLIPS & 
NAT-Tpatches for kernel >= 2.6.24


> Hi,
> Unfortunately for my experience isn't possible to use OSW 2.4.x/2.6.x with
> klips+natt and l2tp on the kernel 2.6.24, I have tried also with different
> kernels versions (2.6.27) and with userland from osw 2.4.15 and klips from
> 2.6.22 but I have always (after apply nat-t patch in the kernel) the same
> error:
>
> [root at fw openswan-2.6.22]# make module26
> make[1]: Entering directory `/root/openswan-2.6.22'
> make[1]: `/root/openswan-2.6.22/modobj26/Makefile' is up to date.
> make[1]: Leaving directory `/root/openswan-2.6.22'
> make -C /lib/modules/2.6.27.5/build 
> BUILDDIR=/root/openswan-2.6.22/modobj26
> SUBDIRS=/root/openswan-2.6.22/modobj26
> MODULE_DEF_INCLUDE=/root/openswan-2.6.22/packaging/linus/config-all.h
> MODULE_DEFCONFIG=/root/openswan-2.6.22/linux/net/ipsec/defconfig
> MODULE_EXTRA_INCLUDE= ARCH=i386 modules
> make[1]: Entering directory `/root/linux-2.6.27.5'
>  CC [M]  /root/openswan-2.6.22/modobj26/ipsec_init.o
> /root/openswan-2.6.22/modobj26/ipsec_init.c: In function 'ipsec_cleanup':
> /root/openswan-2.6.22/modobj26/ipsec_init.c:364: error: too many arguments
> to function 'udp4_unregister_esp_rcvencap'
> make[2]: *** [/root/openswan-2.6.22/modobj26/ipsec_init.o] Error 1
> make[1]: *** [_module_/root/openswan-2.6.22/modobj26] Error 2
> make[1]: Leaving directory `/root/linux-2.6.27.5'
> make: *** [module26] Error 2
>
> I think that is needed to wait is resolved the bug#1004.
>
> ------
>
>   Salvatore.
>
>
>
> ----- Original Message ----- 
> From: "John Mok" <jmok at attglobal.net>
> To: <users at openswan.org>
> Sent: Monday, July 06, 2009 4:21 PM
> Subject: [Openswan Users] Newbie question - Openswan 2.x KLIPS & NAT-T
> patches for kernel >= 2.6.24
>
>
>> Hi,
>>
>> I am using a Internet gateway running Ubuntu 8.04 LTS (kernel 2.6.24),
>> and would like to add openswan to it. I am a little bit confused. What
>> is the difference between openswan 2.4.x and openswan 2.6.x? Which is
>> more stable for production?
>>
>> I tried to apply the KLIPS and NAT-T patches of openswan 2.4.15 to
>> kernel 2.6.24, and come up with an compile error like :-
>>
>> http://lists.openswan.org/pipermail/users/2008-July/015039.html
>>
>> I hope someone could point me how to get and apply the KLIPS and NAT-T
>> patches for kernel 2.6.24
>>
>> Thanks a lot.
>>
>> John Mok
>>
>> _______________________________________________
>> Users at openswan.org
>> http://lists.openswan.org/mailman/listinfo/users
>> Building and Integrating Virtual Private Networks with Openswan:
>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>>
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> 



More information about the Users mailing list