i think it's upstart /home/ubuntu# /sbin/init --version init (upstart 1.5) Copyright (C) 2012 Scott James Remnant, Canonical Ltd.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *Amir Naftali* | *CTO and Co-Founder | +972 54 497 2622* <http://www.fortycloud.com/?utm_campaign=amir_email&utm_medium=email&utm_source=signature&utm_content=link&utm_term=amir_sig> On Sun, Nov 1, 2015 at 11:46 PM, Paul Wouters <[email protected]> wrote: > I'll check what's going on. Is that install of Ubuntu using systemd? > > Sent from my iPhone > > On Nov 1, 2015, at 22:22, Amir Naftali <[email protected]> wrote: > > Looks like there is an issue resulting from a delivery that happens 4 days > ago titled "systemd: add socket activation" > > I'm running on an ubuntu 14.04 system in EC2/VPC > > Up to that commit (not including), running "make build & install" does the > magic and everything works ok. > > Building/installing and running "ipsec verify" After that commit returns > the following output > > root@ip-192-168-100-119:/home/ubuntu# ipsec verify > > Verifying installed system and configuration files > > Version check and ipsec on-path [OK] > Libreswan 3.master-201544.git (netkey) on 3.13.0-48-generic > Checking for IPsec support in kernel [OK] > NETKEY: Testing XFRM related proc values > ICMP default/send_redirects [OK] > ICMP default/accept_redirects [OK] > XFRM larval drop [OK] > Pluto ipsec.conf syntax [OK] > Hardware random device [N/A] > Two or more interfaces found, checking IP forwarding [OK] > Checking rp_filter [ENABLED] > /proc/sys/net/ipv4/conf/eth0/rp_filter [ENABLED] > /proc/sys/net/ipv4/conf/lo/rp_filter [ENABLED] > rp_filter is not fully aware of IPsec and should be disabled > Checking that pluto is running [OK] > Pluto listening for IKE on udp 500 [FAILED] > Pluto listening for IKE/NAT-T on udp 4500 [DISABLED] > Pluto ipsec.secret syntax [OK] > Checking 'ip' command [OK] > Checking 'iptables' command [OK] > Checking 'prelink' command does not interfere with FIPSChecking for > obsolete ipsec.conf options [OK] > Opportunistic Encryption [DISABLED] > > auth.log has the following error > > Nov 1 13:11:13 ip-192-168-100-119 pluto[8648]: reapchild failed with > errno=10 No child processes > > syslog has the following error > Nov 1 13:11:13 ip-192-168-100-119 ipsec_starter[8920]: connect(pluto_ctl) > failed: Invalid argument > > Any thoughts? Am I doing something wrong? > > > *Amir Naftali* | *CTO and Co-Founder | +972 54 497 2622 > <%2B972%2054%20497%202622>* > > > <http://www.fortycloud.com/?utm_campaign=amir_email&utm_medium=email&utm_source=signature&utm_content=link&utm_term=amir_sig> > > On Fri, Oct 30, 2015 at 3:34 PM, Paul Wouters <[email protected]> wrote: > >> On Fri, 30 Oct 2015, Amir Naftali wrote: >> >> Subject: Re: [Swan] GW To GW IPSec connection between CheckPoint and >>> Libreswan >>> >>> This sounds great, having such a capability will provide a powerful tool >>> supporting an advance set of >>> use cases >>> Is there a way to get an early peek at the patch so I can test it >>> against some use cases that we have >>> >> >> This was pushed: >> >> >> https://github.com/libreswan/libreswan/commit/f0328a91565c7a9951c9bc6b330ab15667e58fcd >> >> Note that the _updown script does not yet actually do any marking. >> >> I need to understand better how that would need to be done and what >> parameters are needed and how this would work well with vti. If anyone >> has suggestions or patches for _updown.netkey, please let me know. >> >> Paul >> > >
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
