<div dir="ltr"><div><p style="margin:0px;font-size:11px;font-family:Menlo">Any idea where can I enable XFRM_ALGO kernel module ?</p><p style="margin:0px;font-size:11px;font-family:Menlo">When I start strongswan, I get following errors:</p>
<p style="margin:0px;font-size:11px;font-family:Menlo">modprobe: failed to load module xfrm_algo (kernel/net/xfrm/xfrm_algo.ko): No such file or directory</p>
<p style="margin:0px;font-size:11px;font-family:Menlo">modprobe: failed to load module xfrm_algo (kernel/net/xfrm/xfrm_algo.ko): No such file or directory</p>
<p style="margin:0px;font-size:11px;font-family:Menlo">modprobe: failed to load module xfrm_algo (kernel/net/xfrm/xfrm_algo.ko): No such file or directory</p>
<p style="margin:0px;font-size:11px;font-family:Menlo">modprobe: failed to load module tunnel4 (kernel/net/ipv4/tunnel4.ko): No such file or directory</p>
<p style="margin:0px;font-size:11px;font-family:Menlo">modprobe: failed to load module xfrm_algo (kernel/net/xfrm/xfrm_algo.ko): No such file or directory</p></div><div><br></div><div>I've successfully crosscompiled <span style="font-family:Menlo;font-size:11px">tunnel4.ko </span>and loaded it by hand (insmod), but I can't find xfrm_algo in "kernel makeconfig".</div>
<div>I can find source files under:</div><div><br><div><div><font face="courier new, monospace">ubuntu:/usr/local/powerpc-none-linux-gnuspe/source/linux-2.6.32$ find . -name "xfrm_algo*"</font></div><div><font face="courier new, monospace">./net/xfrm/xfrm_algo.c</font></div>
<div><font face="courier new, monospace">./net/xfrm/xfrm_algo.o</font></div></div><div><br></div></div><div><br></div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Oct 30, 2013 at 12:35 PM, Luka <span dir="ltr"><<a href="mailto:Lukapple80@gmail.com" target="_blank">Lukapple80@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div>Sorry, my bad, I've edited backup config file.<br>If I execute command:<br>>./ipsec --directory<br>
I get:<br>/usr/local/libexec/ipsec<br></div><div>So config file is in /usr/local/etc/</div>
<div><br>Now I edited /usr/local/etc/strongswan.conf, added routing_table=0 (without "charon." key) and netlink error is gone, great, thanks!<br><br></div><div>However, there are some more errors:<br>Oct 30 12:20:57 00[NET] installing IKE bypass policy failed<br>
Oct 30 12:20:57 00[NET] installing IKE bypass policy failed<br>Oct 30 12:20:57 00[NET] enabling UDP decapsulation for IPv6 on port 4500 failed<br>Oct 30 12:20:57 00[NET] installing IKE bypass policy failed<br>Oct 30 12:20:57 00[NET] installing IKE bypass policy failed<br>
Oct 30 12:20:57 00[NET] enabling UDP decapsulation for IPv4 on port 4500 failed<br></div><div>...<br>Oct 30 12:20:57 00[LIB] building CRED_CERTIFICATE - X509 failed, tried 3 builders<br>Oct 30 12:20:57 00[CFG] loading ca certificate from '/usr/local/etc/ipsec.d/cacerts/caHisaCert.pem' failed<br>
</div><div>(new log file: <a href="https://dl.dropboxusercontent.com/u/2261256/forums/ipsec/charon1.log" target="_blank">https://dl.dropboxusercontent.com/u/2261256/forums/ipsec/charon1.log</a>)<br><br></div><div>There is one thing that I forgot to mention:<br>
</div><div>When I run "ipsec start" command, I get following messages:<br>Starting strongSwan 5.1.0 IPsec [starter]...<br>modprobe: chdir(2.6.32.12): No such file or directory<br>modprobe: chdir(2.6.32.12): No such file or directory<br>
modprobe: chdir(2.6.32.12): No such file or directory<br>modprobe: chdir(2.6.32.12): No such file or directory<br>modprobe: chdir(2.6.32.12): No such file or directory<br><br></div><div>So kernel modules probably didn't load properly<br>
</div><div>I've tried to fix problem by adding following dir:<br>>mkdir /usr/lib/modules/<a href="http://2.6.32.12" target="_blank">2.6.32.12</a><br>and copy modules to that dir<br>>cp /usr/lib/modules/* /usr/lib/modules/<a href="http://2.6.32.12/" target="_blank">2.6.32.12/</a><br>
<br></div><div>Now I get this error:<br>./ipsec start<br>Starting strongSwan 5.1.0 IPsec [starter]...<br>modprobe: can't open 'modules.dep': No such file or directory<br>modprobe: can't open 'modules.dep': No such file or directory<br>
modprobe: can't open 'modules.dep': No such file or directory<br>modprobe: can't open 'modules.dep': No such file or directory<br><br></div><div>And I'm stuck again.<br>Do you have any idea what's going on here ? which module files are missing, so I can try to load them by hand (insmod command) ? <br>
<br>Thanks!<br></div><div><br></div><div><br></div><div><br></div></div><div><div class="h5"><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Oct 30, 2013 at 11:39 AM, Martin Willi <span dir="ltr"><<a href="mailto:martin@strongswan.org" target="_blank">martin@strongswan.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><br>
> I've added charon.routing_table=0 to strongswan.conf<br>
<br>
</div><div>> 00[KNL] unable to create IPv4 routing table rule<br>
<br>
</div>The option is not in effect; otherwise that error won't show up. Make<br>
sure you edit the strongswan.conf that charon reads, an you use the<br>
correct syntax (you can't write charon.routing_table as key, but have to<br>
define the routing_table key in the charon section). See [1] for<br>
details.<br>
<div><div><br>
Regards<br>
Martin<br>
<br>
[1]<a href="http://wiki.strongswan.org/projects/strongswan/wiki/StrongswanConf" target="_blank">http://wiki.strongswan.org/projects/strongswan/wiki/StrongswanConf</a><br>
<br>
<br>
</div></div></blockquote></div><br></div></div></div></div>
</blockquote></div><br></div>