User:Svend Erik Høst

From BubbaWiki
Revision as of 22:29, 9 December 2010 by Svend Erik Høst (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Make Strongswan start on a b3

Login as root :

# su -

Install build utils :

# aptitude install devscripts build-essential lsb-release libncurses-dev

Lets try to install Strongswan

# aptitude install strongswan

You will see that strongswan has problems detecting the IPsec stack :

no netkey IPsec stack detected
no KLIPS IPsec stack detected
no known IPsec stack detected, ignoring!
Starting strongSwan 4.4.1 IPsec [starter]...
charon is already running (/var/run/charon.pid exists) -- skipping charon start
no netkey IPsec stack detected
no KLIPS IPsec stack detected
no known IPsec stack detected, ignoring!
starter is already running (/var/run/starter.pid exists) -- no fork done


Okay, now lets get the kernel :

# uname -a
Linux b3 2.6.35.4 #5 Tue Sep 7 16:06:15 CEST 2010 armv5tel GNU/Linux
# cd /usr/src
# wget http://download.excito.net/kernel/Excito_B3/2.6.35.4/linux-2.6.35.4-excito.tar.bz2
# bzip2 -d linux-2.6.35.4-excito.tar.bz2
# tar -xvf linux-2.6.35.4-excito.tar
# cd linux-2.6.35.4


Make a .config :

# make bubba3_defconfig

Edit the config and enable the 2 modules missing :

# nano .config
CONFIG_XFRM_USER=m
CONFIG_NET_KEY=m

Save the .config file and make the modules :

# make modules modules_install

If the make script prompts you for anything, just press Enter to accept the default choice.


Make the modules available for modprobe :

# depmod -a


Lets try to restart ipsec :

# /etc/init.d/ipsec restart
Restarting strongswan IPsec services: ipsecStopping strongSwan IPsec...
Starting strongSwan 4.4.1 IPsec [starter]...
insmod /lib/modules/2.6.35.4/kernel/net/ipv4/ah4.ko
insmod /lib/modules/2.6.35.4/kernel/net/ipv4/esp4.ko
insmod /lib/modules/2.6.35.4/kernel/net/xfrm/xfrm_ipcomp.ko
insmod /lib/modules/2.6.35.4/kernel/net/ipv4/ipcomp.ko
insmod /lib/modules/2.6.35.4/kernel/net/ipv4/tunnel4.ko
insmod /lib/modules/2.6.35.4/kernel/net/ipv4/xfrm4_tunnel.ko


Nice, that seems to work now.