I have been running a custom compiled 2.4.21 kernel using the kernel
source package from Adrian Bunk's site on Woody. I had an ipsec link
setup and it was working well using the Kame implementation which
debian has backported into the 2.4.21 kernel sources.
I just recompiled my kernel today with the latest 2.4.21 kernel source
deb (from Adrian Bunk's site). Now setkey refuses to load my policies
which are unchanged from what was working before.
Does anyone have any idea how to fix this?
Here is the contents of the file I am passing to setkey:
------------------------------
#!/usr/sbin/setkey -f
flush;
spdflush;
spdadd 192.168.99.0/24[any] 192.168.99.0/24[any] any
-P out ipsec esp/tunnel/192.168.1.1-192.168.1.74/require;
spdadd 192.168.99.0/24[any] 192.168.99.0/24[any] any
-P in ipsec esp/tunnel/192.168.1.74-192.168.1.1/require;
------------------------------
And here is the errors setkey produces:
------------------------------
# setkey -f /etc/ipsec.conf
The result of line 6: Invalid argument.
The result of line 9: Invalid argument.
------------------------------
I have tried recompiling ipsec-tools from unstable sources. I also
made sure the 2.4.21 kernel headers were being used during the compile
process for the ipsec-tools package by ensuring the configure script
was passed the appropriate --with-kernel-headers parameter in
debian/rules.
Any other ideas?