Menu
▾
▴
Re: [Devil-Linux-discuss] new testing release
|
From: PeterJannesen, V. <P.J...@vi...> - 2007-09-11 07:54:24
|
Heiko, The _updown script (located in /usr/lib/ipsec) of openswan includes /etc/sysconfig/pluto_updown. When you set the variable IPROUTETABLE to for example "ipsec" All ipsec routes are places in de ipsec route table and the te correct rules are also generated. The _updown script of strongswan don't include /etc/sysconfig/pluto_updown. So you must edit /usr/lib/ipsec/_updown directly bot this is implosible because it is stored on CD. This is a problem when you need iproute2. -- Peter -----Original Message----- From: dev...@li... [mailto:dev...@li...] On Behalf Of Heiko Zuerker Sent: zondag 9 september 2007 16:06 To: dev...@li... Subject: Re: [Devil-Linux-discuss] new testing release Peter, I took a quick look at the Strongswan 4.1 documentation and there's a parameter you have to set. Here's the extract from the doc: ------------- 11.1 Environment variables in the updown script strongSwan makes the following environment variables available in the updown script indicated by the leftupdown parameter: ------------- I'm not sure about the routes, it's quite a while since I used xxxxxSWAN Heiko On Tue, September 4, 2007 01:13, PeterJannesen, Visiq wrote: > Hi Heiko, > > > I did a small test on the new testing release (from 1.2.14-2007-05-24=20 > to > 2007-08-23) > > > I read earlier that openswan is replaced by strongswan and it seems=20 > that IPSec is not working anymore. > It seams that the tunnels are comming up but the routes are not created. > > > Furher it seems that /usr/lib/ipsec/_updown is not supporting=20 > /etc/sysconfig/pluto_updown anymore. > I use pluto_updown to put the route in a different table with rules. I > my first impression is that strongswan is not supporting pluto_updown. > This is a problem because you can't change the standard=20 > /usr/lib/ipsec/_updown script with out creating a custom build. > > -- Peter > > > -----Original Message----- > From: dev...@li... > [mailto:dev...@li...] On Behalf=20 > Of Heiko Zuerker > Sent: donderdag 23 augustus 2007 16:49 > To: dev...@li... > Subject: [Devil-Linux-discuss] new testing release > > > Hey everyone, > > > I just uploaded a new testing release for 1.2.14=20 > ftp://ftp.devil-linux.org/pub/devel/testing > > > Would be great if some of you could test the latest updates. > > > Thx > > > -- > > > Regards > Heiko Zuerker > http://www.devil-linux.org > > > > > ---------------------------------------------------------------------- > -- > - > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/=20 > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > > > ---------------------------------------------------------------------- > --- This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/=20 > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > > --=20 Regards Heiko Zuerker http://www.devil-linux.org ------------------------------------------------------------------------ - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Devil-linux-discuss mailing list Dev...@li... https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss |
