Re: ipsec setkey and 2.4.21 kernel
Hi Mark and others,
Mark Devin écrivait :
> Just replying to myself again for the benefit of any list readers having
> similar problems.
And I did follow it with interest... ;-)
> Also make sure that ipsec-tools package is compiled against the 2.4.22
> kernel headers. This can be done by editing the debian/rules script and
> setting the --with-kernel-headers parameter correctly.
Is it necessary to rebuild the ipsec-tools package?
Or does the last one from Debian "Sid" will just do fine?
I'm new to using IPsec with the kernel patch and I have some difficulty to
make it running. Especially, I'm trying to make it running with pipsecd
(from Pierre Bessac, thanks to him) but I'm stuck before starting! :-(
Here is my problem:
# echo "add 10.0.0.254 10.0.0.100 esp 200102 -E des-cbc 0x1111111111111111 ;" | setkey -c
The result of line 1: No buffer space available.
Note that I get some errors int my /var/log/syslog:
Oct 15 08:06:54 test modprobe: modprobe: Can't locate module digest_null
Oct 15 08:06:54 test modprobe: modprobe: Can't locate module ripemd160
Oct 15 08:06:54 test modprobe: modprobe: Can't locate module cipher_null
Oct 15 08:06:54 test modprobe: modprobe: Can't locate module cast128
Oct 15 08:06:54 test modprobe: modprobe: Can't locate module lzs
Oct 15 08:06:55 test modprobe: modprobe: Can't locate module lzjh
Oct 15 08:06:55 test modprobe: modprobe: Can't locate module digest_null
Oct 15 08:06:55 test modprobe: modprobe: Can't locate module ripemd160
Oct 15 08:06:55 test modprobe: modprobe: Can't locate module cipher_null
Oct 15 08:06:55 test modprobe: modprobe: Can't locate module cast128
Oct 15 08:06:55 test modprobe: modprobe: Can't locate module lzs
Oct 15 08:06:55 test modprobe: modprobe: Can't locate module lzjh
Oct 15 08:06:55 test modprobe: modprobe: Can't locate module xfrm-type-2-50
Note again that I did *not* recompile the kernel from Debian "Sid":
# uname -a
Linux test.home 2.4.22-1-686 #6 Sat Oct 4 14:09:08 EST 2003 i686 GNU/Linux
# lsmod | grep key
af_key 22224 0 (unused)
Is it necessary? No problem to do it, I'm just missing some time...
Oh, one more thing: is it necessary to start racoon event if I won't use
IKE but only secret keys instead?
Thanks in advance, regards, J.C.
--
Jean Christophe ANDRÉ <jean-christophe.andre@auf.org> http://www.vn.refer.org/
Coordonnateur technique régional / Associé technologie projet Reflets
Agence universitaire de la Francophonie (AuF) / Bureau Asie-Pacifique (BAP)
Adresse postale : AUF, 21 Lê Thánh Tông, T.T. Hoàn Kiếm, Hà Nội, Việt Nam
Tél. : +84 4 9331108 Fax : +84 4 8247383 Mobile : +84 91 3248747
/ Note personnelle : merci d'éviter de m'envoyer des fichiers PowerPoint ou \
\ Word ; voir ici : http://www.fsf.org/philosophy/no-word-attachments.fr.html /
Reply to: