[strongSwan] How to tell strongswan not to use kernel modules ?

Noel Kuntze noel at familie-kuntze.de
Fri Feb 19 20:18:06 CET 2016

Hello Marko,

> Ok, it means that the required modules are missing. But what if I have a kernel which was compiled with all the required options set to "y" instead of "m", so that all the kernel IPSec support is compiled in.
> Can you somehow still force the strongswan to bypass kernel modules and use the ipsec support if it was compiled into the kernel?

charon tries to load the required modules so the kernel has them loaded when charon tries to insert the SAs and SPs.
It doesn't matter for charon that you built them statically in the kernel. It will work alright, assuming all the modules are there.
Charon doesn't use the modules. The kernel only needs them so it can actually deal with IPsec traffic, the SAs and SPs.


Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160219/79676440/attachment.pgp>

More information about the Users mailing list