[Openswan Users] Issue with openswan opening a TCP port that conflicts with another service

Igor Lasic ilasic at yahoo.com
Tue Jul 31 13:51:57 EDT 2012


That is exactly what I am running into.

Thank you.

Igor


On 7/31/2012 8:23 AM, Elison Niven wrote:
> Hi,
>
> I think you may be calling "service ipsec xxx" using execve or 
> system() from another program.
> Is it so ? TCP port 3082 might be opened by your program that invokes 
> pluto.
> http://stackoverflow.com/questions/6945865/process-started-from-system-command-in-c-inherits-parent-fds
> Your child process inherits every open file descriptor from the 
> parent, including the sockets you opened.
>
> On Tuesday 31 July 2012 07:57 AM, Willie Gillespie wrote:
>> On 07/30/2012 04:54 PM, Igor Lasic wrote:
>>> Hello Muhammad, thanks for responding.
>>>
>>> I am seeing TCP port 3082 opened as in below. We have also tried with
>>> port 3081 and got the same result where pluto took it.
>>>
>>> Unfortunately we cannot guarantee the order in which services will 
>>> start
>>> and cannot use other means such as SE security.
>>>
>>> netstat -nap | grep 3082
>>> *tcp        0      0 0.0.0.0:3082 0.0.0.0:* LISTEN
>>> _7450_/sh*
>>
>> Very strange.  My installs only show they are listening on UDP/500 
>> and UDP/4500.
>>
>> They also show the PID/pluto (instead of the PID/sh that yours show).
>>
>> Do you think something is messed up with your installation?
>> _______________________________________________
>> Users at lists.openswan.org
>> https://lists.openswan.org/mailman/listinfo/users
>> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
>> Building and Integrating Virtual Private Networks with Openswan:
>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>>
>>
>
> -- 
> Best Regards,
> Elison Niven

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20120731/15881ecc/attachment.html>


More information about the Users mailing list