[Openswan Users] better kernel configuration
Paul Wouters
paul at xelerance.com
Thu Apr 21 12:42:22 EDT 2011
On Thu, 21 Apr 2011, Felipe Alcacibar wrote:
> Hi, i am trying to install openswan in a gentoo linux server, with
> kernel 2.6.38 (and the amazing improve of this version of kernel), but
> i don't know and i cannot find documents about how is the best
> configuration for the kernel at this version, i want to ask about if
> in the kernel 2.6.38 (or the lastest usable) does not uses klips
> anymore?
It ships with netkey, but you can still compile klips. Simply run:
cd openswan-2.6.x
make KERNELSRC=/lib/modules/`uname -r`/build module module_install
> just netkey, and what about nat traversal, it uses too here?
NAT-T is build into the kernel in a way klips and netkey can use it
as of 2.6.22+
> how patches i need to use, or i don't need patches, and what modules
> replace the patches?.
No patches if you happy with a klips module (ipsec.ko). However, you
can still patch klips into the kernel source using "make kpatch"
Paul
More information about the Users
mailing list