On Tue, 7 Nov 2017, Hao Chen wrote:
Thanks for your help in advance. Sorry for late response. (looks like
libreswan email server does NOT like attachments.)
After I applied the "source code change" which in you give me in
https://lists.libreswan.org/pipermail/swan/2017/002368.html, and re-compile + re-install,
still no luck. Same result as
before.
[root@xcvms196 configs]# ip x p
src 10.0.146.196/32 dst 10.0.161.34/32
dir out priority 2080 ptype main
mark -1/0xffffffff
It seems the patch was not applied properly? It should not show -1 but a
random number above 65535
This test case shows the patch I put in works:
https://github.com/libreswan/libreswan/blob/master/testing/pluto/netkey-vti-08/west.console.txt
If you run the test case and look at the verbose output, it shows:
[root@east ~]# ip xfrm pol
src 192.0.2.0/24 dst 192.0.1.0/24
dir out priority 2344 ptype main
mark 65536/0xffffffff
tmpl src 192.1.2.23 dst 192.1.2.45
proto esp reqid 16393 mode tunnel
src 192.0.1.0/24 dst 192.0.2.0/24
dir fwd priority 2344 ptype main
mark 65536/0xffffffff
tmpl src 192.1.2.45 dst 192.1.2.23
proto esp reqid 16393 mode tunnel
src 192.0.1.0/24 dst 192.0.2.0/24
dir in priority 2344 ptype main
mark 65536/0xffffffff
tmpl src 192.1.2.45 dst 192.1.2.23
proto esp reqid 16393 mode tunnel
You must not have applied the patch properly?
You can also try and grab the git master tree from github and install
that. It already has the patch applied.
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
