# OpenSwan 2.6 kernel

## neo_phani

i used this as a ref http://gentoo-wiki.com/HOWTO_OpenSwan_2.6_kernel

ok all is well untill i get this errors for pluto. what am missing ? Any clues will be helpful. thanks

```
ipsec verify

Checking your system to see if IPsec got installed and started correctly:

Version check and ipsec on-path                                         [OK]

Linux Openswan U2.2.0/K2.6.12-gentoo-r10 (native)

Checking for IPsec support in kernel                                    [OK]

Checking for RSA private key (/etc/ipsec/ipsec.secrets)                 [OK]

Checking that pluto is running                                          [FAILED]

whack: Pluto is not running (no "/var/run/pluto.ctl")

Two or more interfaces found, checking IP forwarding                    [FAILED]

whack: Pluto is not running (no "/var/run/pluto.ctl")

Checking NAT and MASQUERADEing                                          [OK]

Checking for 'ip' command                                               [OK]

Checking for 'iptables' command                                         [OK]

Checking for 'setkey' command for native IPsec stack support            [OK]

Opportunistic Encryption DNS checks:

   Looking for TXT in forward dns zone: ematest                         [MISSING]

   Does the machine have at least one non-private address?              [FAILED]
```

details of my machine

```
uname -a

Linux ematest 2.6.12-gentoo-r10 #1 SMP Thu Sep 15 14:07:53 GMT 2005 i686 Intel(R) Pentium(R) 4 CPU 2.80GHz GenuineIntel GNU/Linux

lsmod

Module                  Size  Used by

xfrm_user              12964  -

ipcomp                  6792  -

esp4                    6304  -

ah4                     4864  -

af_key                 28112  -
```

----------

## neo_phani

Also the syslog-ng fails to start and i have not edited the syslog-ng.conf file

```
 /etc/init.d/ipsec start                                       [ ok ]

 * Starting syslog-ng ...

Error initializing configuration, exiting.

 * Failed to start syslog-ng                                              [ !! ]

 * ERROR:  Problem starting needed services.

 *         "ipsec" was not started.

```

----------

## neo_phani

bump

----------

## neo_phani

strace for syslog-ng

```
ematest ~ # cat strace.info

execve("/usr/sbin/syslog-ng", ["syslog-ng"], [/* 29 vars */]) = 0

uname({sys="Linux", node="ematest", ...}) = 0

brk(0)                                  = 0x8064000

access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)

open("/etc/ld.so.cache", O_RDONLY)      = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=18434, ...}) = 0

mmap2(NULL, 18434, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7f24000

close(3)                                = 0

open("/lib/libnsl.so.1", O_RDONLY)      = 3

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 5\0\000"..., 512) = 512

fstat64(3, {st_mode=S_IFREG|0755, st_size=76468, ...}) = 0

mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f23000

mmap2(NULL, 83968, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7f0e000

mmap2(0xb7f1f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10) = 0xb7f1f000

mmap2(0xb7f21000, 6144, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7f21000

close(3)                                = 0

open("/lib/libresolv.so.2", O_RDONLY)   = 3

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0&\0\000"..., 512) = 512

fstat64(3, {st_mode=S_IFREG|0755, st_size=69324, ...}) = 0

mmap2(NULL, 80148, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7efa000

mprotect(0xb7f09000, 18708, PROT_NONE)  = 0

mmap2(0xb7f0a000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf) = 0xb7f0a000

mmap2(0xb7f0c000, 6420, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7f0c000

close(3)                                = 0

open("/lib/libc.so.6", O_RDONLY)        = 3

read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360V\1"..., 512) = 512

fstat64(3, {st_mode=S_IFREG|0755, st_size=1227872, ...}) = 0

mmap2(NULL, 1142148, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7de3000

mmap2(0xb7ef4000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x110) = 0xb7ef4000

mmap2(0xb7ef8000, 7556, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7ef8000

close(3)                                = 0

mprotect(0xb7ef4000, 4096, PROT_READ)   = 0

munmap(0xb7f24000, 18434)               = 0

open("/dev/urandom", O_RDONLY)          = 3

read(3, "\237\317\242\334", 4)          = 4

close(3)                                = 0

brk(0)                                  = 0x8064000

brk(0x8085000)                          = 0x8085000

open("/etc/localtime", O_RDONLY)        = 3

fstat64(3, {st_mode=S_IFREG|0644, st_size=56, ...}) = 0

fstat64(3, {st_mode=S_IFREG|0644, st_size=56, ...}) = 0

mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f28000

read(3, "TZif\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\1\0"..., 4096) = 56

close(3)                                = 0

munmap(0xb7f28000, 4096)                = 0

open("/etc/syslog-ng/syslog-ng.conf", O_RDONLY) = 3

ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbf93cc4c) = -1 ENOTTY (Inappropriate ioctl for device)

fstat64(3, {st_mode=S_IFREG|0644, st_size=1066, ...}) = 0

mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f28000

read(3, "# $Header: /var/cvsroot/gentoo-x"..., 8192) = 1066

read(3, "", 4096)                       = 0

read(3, "", 8192)                       = 0

ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbf93c6ec) = -1 ENOTTY (Inappropriate ioctl for device)

close(3)                                = 0

munmap(0xb7f28000, 4096)                = 0

pipe([3, 4])                            = 0

fork()                                  = 11240

close(4)                                = 0

read(3, "\1", 1)                        = 1

exit_group(1)                           = ?

```

----------

## wilcohol

 *Quote:*   

> ok all is well untill i get this errors for pluto. what am missing ?

 

Hi there, I also got the same problem as yours, and I was able to fix it after reading https://forums.gentoo.org/viewtopic-t-376824-highlight-openswan.html

To sum it up, emerge gawk to an older version, ie, do the following:

```
emerge --oneshot "=sys-apps/gawk-3.1.3-r2"
```

Then you might want to restart your ipsec service.

```
/etc/init.d/ipsec start
```

That's all I did and it worked!

----------

## neo_phani

Tried that but still no worky

----------

## rev138

I had the same error, which I solved by building XFRM_USER as a module instead of built-in. Don't ask me why, but it fixed it for me.

----------

