[leaf-user] Shorewall problem setting up a L2TPd server on Bering uClibc 3.1

Mon, 21 May 2012 06:34:10 -0700 

Hi list

i'm trying to setup a L2TPd server on a bering uClibc 3.1 firewall using 
as reference some documents that i have found in the net 
(http://blog.bertelsen.co/2012/02/debian-squeeze-l2tpipsec-vpn-server.html).

My problem is related to shorewall: I'm defining a line as the follow in 
/etc/shorewall/policy file:
...
vips        ipsec
....

When I try to run "shorewall check" the system answers with the 
following error:

# shorewall check
Checking...
Initializing...
Determining Zones...
    ERROR: Your kernel and/or iptables does not support policy match
Terminated
#

Running "shorewall show capabilities" on the same firewall:

# shorewall show capabilities
Shorewall has detected the following iptables/netfilter capabilities:
    NAT: Available
    Packet Mangling: Available
    Multi-port Match: Available
    Extended Multi-port Match: Not available
    Connection Tracking Match: Not available
    Packet Type Match: Available
    Policy Match: Not available
    Physdev Match: Not available
    Packet length Match: Available
    IP range Match: Not available
    Recent Match: Not available
    Owner Match: Not available
    Ipset Match: Not available
    CONNMARK Target: Available
    Extended CONNMARK Target: Available
    Connmark Match: Available
    Extended Connmark Match: Available
    Raw Table: Not available
    IPP2P Match: Available
    CLASSIFY Target: Not available
    Extended REJECT: Available
    Repeat match: Not available
    MARK Target: Available
    Extended MARK Target: Not available
    Mangle FORWARD Chain: Available
    Comments: Not available
    Address Type Match: Not available
    TCPMSS Match: Available
    Hashlimit Match: Not available

...It seems that my system has a problem with the policy match capability...

I think that this problem is due to a missing kernel module, but I 
cannot find which module I must load to fix it

Is there someone who have make some tests with bering uclibc 3.1 and 
L2TP/IPSec VPN daemon?

thanks in advance
Graziano



-- 

Graziano Brioschi

Outland s.a.s.
sede operativa:
Via A. Don Rocca, 13
20030, Senago (MI)
tel: 02 9948 6014
mobile: 328 8382622
email: [email protected]
-->  U4E<--


------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
------------------------------------------------------------------------
leaf-user mailing list: [email protected]
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Reply via email to