Re: Ipsec support in Sarge
On Thu, 2005-05-19 at 22:39 -0400, Louis-David Perron wrote:
> Perhaps I'm doing something very wrong, but I'm currently unable to compile
> the 2.4.27 kernel from sarge with any ipsec support. kernel-patch-freeswan
> (latest version) will fail during patch on a "rejected hunk" in udp.c (see
> bug #245323) , and kernel-patch-openswan (backported from unstable) will
> fail during compilation of ipsec_init.c. (see bug #293628).
Openswan, at least, will work with the native ipsec support in the
kernel, you only need to build a kernel with the patch if you want to
use the KLIPS stack instead of the native one. See
http://wiki.openswan.org/index.php/Debian
for details. I happily use a stock Debian kernel package and the
openswan packages on one of my firewall systems.
Bdale
Reply to: