Any idea where can I enable XFRM_ALGO kernel module ? When I start strongswan, I get following errors:
modprobe: failed to load module xfrm_algo (kernel/net/xfrm/xfrm_algo.ko): No such file or directory modprobe: failed to load module xfrm_algo (kernel/net/xfrm/xfrm_algo.ko): No such file or directory modprobe: failed to load module xfrm_algo (kernel/net/xfrm/xfrm_algo.ko): No such file or directory modprobe: failed to load module tunnel4 (kernel/net/ipv4/tunnel4.ko): No such file or directory modprobe: failed to load module xfrm_algo (kernel/net/xfrm/xfrm_algo.ko): No such file or directory I've successfully crosscompiled tunnel4.ko and loaded it by hand (insmod), but I can't find xfrm_algo in "kernel makeconfig". I can find source files under: ubuntu:/usr/local/powerpc-none-linux-gnuspe/source/linux-2.6.32$ find . -name "xfrm_algo*" ./net/xfrm/xfrm_algo.c ./net/xfrm/xfrm_algo.o On Wed, Oct 30, 2013 at 12:35 PM, Luka <[email protected]> wrote: > Sorry, my bad, I've edited backup config file. > If I execute command: > >./ipsec --directory > I get: > /usr/local/libexec/ipsec > So config file is in /usr/local/etc/ > > Now I edited /usr/local/etc/strongswan.conf, added routing_table=0 > (without "charon." key) and netlink error is gone, great, thanks! > > However, there are some more errors: > Oct 30 12:20:57 00[NET] installing IKE bypass policy failed > Oct 30 12:20:57 00[NET] installing IKE bypass policy failed > Oct 30 12:20:57 00[NET] enabling UDP decapsulation for IPv6 on port 4500 > failed > Oct 30 12:20:57 00[NET] installing IKE bypass policy failed > Oct 30 12:20:57 00[NET] installing IKE bypass policy failed > Oct 30 12:20:57 00[NET] enabling UDP decapsulation for IPv4 on port 4500 > failed > ... > Oct 30 12:20:57 00[LIB] building CRED_CERTIFICATE - X509 failed, tried 3 > builders > Oct 30 12:20:57 00[CFG] loading ca certificate from > '/usr/local/etc/ipsec.d/cacerts/caHisaCert.pem' failed > (new log file: > https://dl.dropboxusercontent.com/u/2261256/forums/ipsec/charon1.log) > > There is one thing that I forgot to mention: > When I run "ipsec start" command, I get following messages: > Starting strongSwan 5.1.0 IPsec [starter]... > modprobe: chdir(2.6.32.12): No such file or directory > modprobe: chdir(2.6.32.12): No such file or directory > modprobe: chdir(2.6.32.12): No such file or directory > modprobe: chdir(2.6.32.12): No such file or directory > modprobe: chdir(2.6.32.12): No such file or directory > > So kernel modules probably didn't load properly > I've tried to fix problem by adding following dir: > >mkdir /usr/lib/modules/2.6.32.12 > and copy modules to that dir > >cp /usr/lib/modules/* /usr/lib/modules/2.6.32.12/ > > Now I get this error: > ./ipsec start > Starting strongSwan 5.1.0 IPsec [starter]... > modprobe: can't open 'modules.dep': No such file or directory > modprobe: can't open 'modules.dep': No such file or directory > modprobe: can't open 'modules.dep': No such file or directory > modprobe: can't open 'modules.dep': No such file or directory > > And I'm stuck again. > Do you have any idea what's going on here ? which module files are > missing, so I can try to load them by hand (insmod command) ? > > Thanks! > > > > > > On Wed, Oct 30, 2013 at 11:39 AM, Martin Willi <[email protected]>wrote: > >> >> > I've added charon.routing_table=0 to strongswan.conf >> >> > 00[KNL] unable to create IPv4 routing table rule >> >> The option is not in effect; otherwise that error won't show up. Make >> sure you edit the strongswan.conf that charon reads, an you use the >> correct syntax (you can't write charon.routing_table as key, but have to >> define the routing_table key in the charon section). See [1] for >> details. >> >> Regards >> Martin >> >> [1]http://wiki.strongswan.org/projects/strongswan/wiki/StrongswanConf >> >> >> >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
