[strongSwan-dev] Netlink Error Prevents _updown Execution

William Bloom william.bloom at kinetx.com
Tue Jul 6 21:53:54 CEST 2010

Using strongSwan 4.4.0 on RHEL 5.1, I've noticed that the _updown script isn't being executed after phase 1 and phase 2 complete successfully in pluto.  With plutodebug=all, I see that, in fact, 'ipsec _updown' command lines are indeed being executed.  However, an strace log reveals that the 'ipsec _updown' subprocess is exiting before starting the _updown script due to a NETLINK error (a 'sendto()' using NETLINK address family reports connection failure).  The only use of NETLINK with which I am acquainted is the Linux audit subsystem - but auditing appears to be configured properly and working fine on my system.

Is there a configuration flaw or build procedure misstep that might explain this?


More information about the Dev mailing list