[Openswan Users] Openswan porting on ARM: /etc/init.d/ipsec start unresponsive
satpal parmar
systems.satpal at gmail.com
Fri Sep 30 03:11:45 EDT 2011
Something is really fishy.
I can see a ipsec.secrets.new file getting created in etc and with growing
' RSA {' entries.
Something like:
: RSA {
: RSA {
: RSA {
: RSA {
: RSA {
: RSA {
: RSA {
: RSA
I know about ipsec.secrets but ipsec.secrets.new is something I read about.
I am not sure how useful is this info but thought of share it with you all.
Still clueless about whats going on.
-SP
On Fri, Sep 30, 2011 at 10:59 AM, satpal parmar <systems.satpal at gmail.com>wrote:
> Hi all
>
> I am trying to port IPsec 2.6.33 on ARM11 soc running linux kernel 2.6.37
> (Netkey IPsec stack). I am experiencing strange behavior.When I start ipsec
> (/etc/init.d/ipsec start) console become unresponsive for long period of
> time (5+min). I run same thing in background and check the output of ps and
> I observed this:
>
> 58 root 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug
> --uniquei
> 962 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet
> 971 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet
> 972 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet
> 973 root 0:00 cat
> 974 root 0:00 /usr/local/libexec/ipsec/rsasigkey --random
> /dev/random 2
> 988 root 0:00 /bin/sh /usr/local/libexec/ipsec/setup restart
> 1047 root 0:00 logger -s -p daemon.error -t ipsec_setup
> 1131 root 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug
> --uniquei
> 1135 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet
> 1136 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet
> 1137 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet
> 1138 root 0:00 cat
> 1146 root 0:00 /usr/local/libexec/ipsec/rsasigkey --random
> /dev/random 2
> 1161 root 0:00 /bin/sh /usr/local/libexec/ipsec/setup restart
> 1222 root 0:00 logger -s -p daemon.error -t ipsec_setup
> 1306 root 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug
> --uniquei
> 1318 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet
> 1323 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet
> 1324 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet
> 1325 root 0:00 cat
> 1326 root 0:00 /usr/local/libexec/ipsec/rsasigkey --random
> /dev/random 2
> 1336 root 0:00 /bin/sh /usr/local/libexec/ipsec/setup restart
> 1395 root 0:00 logger -s -p daemon.error -t ipsec_setup
> 1479 root 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug
> --uniquei
> 1481 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet
> 1482 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet
> 1483 root 0:00 /bin/sh /usr/local/libexec/ipsec/newhostkey --quiet
>
> Is it an expected behavior? Is anything missing?
>
> I do not have perl support on my setup so I can not use verfy.
>
> Ipsec status giving me a cryptic response:
>
> # ipsec setup --status
> IPsec stopped
> but...
> has subsystem lock (/var/lock/subsys/ipsec)!
>
> Anyone got any Idea whats going on? Any help will be highly appreciated.
>
> -SP
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20110930/f6f9c956/attachment.html
More information about the Users
mailing list