[strongSwan] NO_PROPOSAL_CHOSEN when using 5.6.2 on Ubuntu 18.04

Karuna Sagar Krishna karunasagark at gmail.com
Wed May 12 03:27:16 CEST 2021


Ah ofcourse `sudo ipsec restart` helps. But I'm hesitant to use it since it
breaks existing connections.

Would strace help, pasted it below:

sudo strace ipsec update
execve("/usr/sbin/ipsec", ["ipsec", "update"], 0x7ffebdb60588 /* 20 vars
*/) = 0
brk(NULL)                               = 0x55c1e8416000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or
directory)
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or
directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=47015, ...}) = 0
mmap(NULL, 47015, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8447a9f000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or
directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libtinfo.so.5", O_RDONLY|O_CLOEXEC)
= 3
read(3,
"\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\311\0\0\0\0\0\0"...,
832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=170784, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f8447a9d000
mmap(NULL, 2267936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) =
0x7f8447658000
mprotect(0x7f844767d000, 2097152, PROT_NONE) = 0
mmap(0x7f844787d000, 20480, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x25000) = 0x7f844787d000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or
directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3,
"\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\16\0\0\0\0\0\0"..., 832) =
832
fstat(3, {st_mode=S_IFREG|0644, st_size=14560, ...}) = 0
mmap(NULL, 2109712, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) =
0x7f8447454000
mprotect(0x7f8447457000, 2093056, PROT_NONE) = 0
mmap(0x7f8447656000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f8447656000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or
directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3,
"\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\35\2\0\0\0\0\0"..., 832)
= 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2030928, ...}) = 0
mmap(NULL, 4131552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) =
0x7f8447063000
mprotect(0x7f844724a000, 2097152, PROT_NONE) = 0
mmap(0x7f844744a000, 24576, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e7000) = 0x7f844744a000
mmap(0x7f8447450000, 15072, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f8447450000
close(3)                                = 0
mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f8447a9a000
arch_prctl(ARCH_SET_FS, 0x7f8447a9a740) = 0
mprotect(0x7f844744a000, 16384, PROT_READ) = 0
mprotect(0x7f8447656000, 4096, PROT_READ) = 0
mprotect(0x7f844787d000, 16384, PROT_READ) = 0
mprotect(0x55c1e668d000, 16384, PROT_READ) = 0
mprotect(0x7f8447aab000, 4096, PROT_READ) = 0
munmap(0x7f8447a9f000, 47015)           = 0
openat(AT_FDCWD, "/dev/tty", O_RDWR|O_NONBLOCK) = 3
close(3)                                = 0
brk(NULL)                               = 0x55c1e8416000
brk(0x55c1e8437000)                     = 0x55c1e8437000
openat(AT_FDCWD, "/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=1683056, ...}) = 0
mmap(NULL, 1683056, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478ff000
close(3)                                = 0
openat(AT_FDCWD, "/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=2995, ...}) = 0
read(3, "# Locale name alias data base.\n#"..., 4096) = 2995
read(3, "", 4096)                       = 0
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_IDENTIFICATION",
O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=252, ...}) = 0
mmap(NULL, 252, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8447aaa000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache",
O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=26376, ...}) = 0
mmap(NULL, 26376, PROT_READ, MAP_SHARED, 3, 0) = 0x7f8447aa3000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_MEASUREMENT",
O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=23, ...}) = 0
mmap(NULL, 23, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8447aa2000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_TELEPHONE",
O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=47, ...}) = 0
mmap(NULL, 47, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8447aa1000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_ADDRESS", O_RDONLY|O_CLOEXEC)
= 3
fstat(3, {st_mode=S_IFREG|0644, st_size=131, ...}) = 0
mmap(NULL, 131, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8447aa0000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_NAME", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=62, ...}) = 0
mmap(NULL, 62, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8447a9f000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_PAPER", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=34, ...}) = 0
mmap(NULL, 34, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478fe000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_MESSAGES", O_RDONLY|O_CLOEXEC)
= 3
fstat(3, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_MESSAGES/SYS_LC_MESSAGES",
O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=48, ...}) = 0
mmap(NULL, 48, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478fd000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_MONETARY", O_RDONLY|O_CLOEXEC)
= 3
fstat(3, {st_mode=S_IFREG|0644, st_size=270, ...}) = 0
mmap(NULL, 270, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478fc000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_COLLATE", O_RDONLY|O_CLOEXEC)
= 3
fstat(3, {st_mode=S_IFREG|0644, st_size=1516558, ...}) = 0
mmap(NULL, 1516558, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8446ef0000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_TIME", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=3360, ...}) = 0
mmap(NULL, 3360, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478fb000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_NUMERIC", O_RDONLY|O_CLOEXEC)
= 3
fstat(3, {st_mode=S_IFREG|0644, st_size=50, ...}) = 0
mmap(NULL, 50, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478fa000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/locale/C.UTF-8/LC_CTYPE", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=199772, ...}) = 0
mmap(NULL, 199772, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f84478c9000
close(3)                                = 0
getuid()                                = 0
getgid()                                = 0
geteuid()                               = 0
getegid()                               = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
ioctl(-1, TIOCGPGRP, 0x7ffdff79c184)    = -1 EBADF (Bad file descriptor)
sysinfo({uptime=17179, loads=[23456, 22400, 23552], totalram=14677884928,
freeram=11554000896, sharedram=2469888, bufferram=277266432,
totalswap=7516188672, freeswap=7516188672, procs=448, totalhigh=0,
freehigh=0, mem_unit=1}) = 0
rt_sigaction(SIGCHLD, {sa_handler=SIG_DFL, sa_mask=[],
sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f84470a2040},
{sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGCHLD, {sa_handler=SIG_DFL, sa_mask=[],
sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f84470a2040},
{sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART,
sa_restorer=0x7f84470a2040}, 8) = 0
rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER,
sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0},
8) = 0
rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER,
sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
rt_sigaction(SIGQUIT, {sa_handler=SIG_DFL, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGQUIT, {sa_handler=SIG_DFL, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
rt_sigaction(SIGTTIN, {sa_handler=SIG_DFL, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGTTIN, {sa_handler=SIG_DFL, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
rt_sigaction(SIGTTOU, {sa_handler=SIG_DFL, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
sa_mask=[], sa_flags=0}, 8) = 0
rt_sigaction(SIGTTOU, {sa_handler=SIG_DFL, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
rt_sigaction(SIGQUIT, {sa_handler=SIG_IGN, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
uname({sysname="Linux", nodename="hn1-kkafka", ...}) = 0
getcwd("/home/karkrish", 4096)          = 15
getpid()                                = 4884
getppid()                               = 4882
getpid()                                = 4884
getpgrp()                               = 4881
ioctl(2, TIOCGPGRP, [4881])             = 0
rt_sigaction(SIGCHLD, {sa_handler=0x55c1e63e1790, sa_mask=[],
sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f84470a2040},
{sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART,
sa_restorer=0x7f84470a2040}, 8) = 0
prlimit64(0, RLIMIT_NPROC, NULL, {rlim_cur=55845, rlim_max=55845}) = 0
rt_sigprocmask(SIG_BLOCK, NULL, [], 8)  = 0
openat(AT_FDCWD, "/usr/sbin/ipsec", O_RDONLY) = 3
stat("/usr/sbin/ipsec", {st_mode=S_IFREG|0755, st_size=7774, ...}) = 0
ioctl(3, TCGETS, 0x7ffdff79c110)        = -1 ENOTTY (Inappropriate ioctl
for device)
lseek(3, 0, SEEK_CUR)                   = 0
read(3, "#! /bin/sh\n# prefix command to r"..., 80) = 80
lseek(3, 0, SEEK_SET)                   = 0
prlimit64(0, RLIMIT_NOFILE, NULL, {rlim_cur=125*1024, rlim_max=125*1024}) =
0
fcntl(255, F_GETFD)                     = -1 EBADF (Bad file descriptor)
dup2(3, 255)                            = 255
close(3)                                = 0
fcntl(255, F_SETFD, FD_CLOEXEC)         = 0
fcntl(255, F_GETFL)                     = 0x8000 (flags
O_RDONLY|O_LARGEFILE)
fstat(255, {st_mode=S_IFREG|0755, st_size=7774, ...}) = 0
lseek(255, 0, SEEK_CUR)                 = 0
read(255, "#! /bin/sh\n# prefix command to r"..., 7774) = 7774
pipe([3, 4])                            = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0
lseek(255, -6800, SEEK_CUR)             = 974
clone(child_stack=NULL,
flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD,
child_tidptr=0x7f8447a9aa10) = 4885
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigaction(SIGCHLD, {sa_handler=0x55c1e63e1790, sa_mask=[],
sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f84470a2040},
{sa_handler=0x55c1e63e1790, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART,
sa_restorer=0x7f84470a2040}, 8) = 0
close(4)                                = 0
read(3, "Linux\n", 128)                 = 6
read(3, "", 128)                        = 0
close(3)                                = 0
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4885, si_uid=0,
si_status=0, si_utime=0, si_stime=0} ---
wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], WNOHANG, NULL) = 4885
wait4(-1, 0x7ffdff79b550, WNOHANG, NULL) = -1 ECHILD (No child processes)
rt_sigreturn({mask=[]})                 = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigaction(SIGINT, {sa_handler=0x55c1e63de160, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER,
sa_restorer=0x7f84470a2040}, {sa_handler=0x55c1e63de160, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
read(255, "IPSEC_NAME=\"strongSwan\"\nIPSEC_VE"..., 7774) = 6800
pipe([3, 4])                            = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0
lseek(255, -6741, SEEK_CUR)             = 1033
clone(child_stack=NULL,
flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD,
child_tidptr=0x7f8447a9aa10) = 4886
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigaction(SIGCHLD, {sa_handler=0x55c1e63e1790, sa_mask=[],
sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f84470a2040},
{sa_handler=0x55c1e63e1790, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART,
sa_restorer=0x7f84470a2040}, 8) = 0
close(4)                                = 0
read(3, "5.4.0-1046-azure\n", 128)      = 17
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4886, si_uid=0,
si_status=0, si_utime=0, si_stime=0} ---
wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], WNOHANG, NULL) = 4886
wait4(-1, 0x7ffdff79b450, WNOHANG, NULL) = -1 ECHILD (No child processes)
rt_sigreturn({mask=[]})                 = 17
read(3, "", 128)                        = 0
close(3)                                = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigaction(SIGINT, {sa_handler=0x55c1e63de160, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER,
sa_restorer=0x7f84470a2040}, {sa_handler=0x55c1e63de160, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
read(255, "\n# where the private directory a"..., 7774) = 6741
brk(0x55c1e8458000)                     = 0x55c1e8458000
stat("/var/run/starter.charon.pid", {st_mode=S_IFREG|0644, st_size=5, ...})
= 0
fcntl(1, F_GETFD)                       = 0
fcntl(1, F_DUPFD, 10)                   = 10
fcntl(1, F_GETFD)                       = 0
fcntl(10, F_SETFD, FD_CLOEXEC)          = 0
dup2(2, 1)                              = 1
fcntl(2, F_GETFD)                       = 0
fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
write(1, "Updating strongSwan IPsec config"..., 43Updating strongSwan IPsec
configuration...
) = 43
dup2(10, 1)                             = 1
fcntl(10, F_GETFD)                      = 0x1 (flags FD_CLOEXEC)
close(10)                               = 0
pipe([3, 4])                            = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [INT CHLD], [], 8) = 0
lseek(255, -171, SEEK_CUR)              = 7603
clone(child_stack=NULL,
flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD,
child_tidptr=0x7f8447a9aa10) = 4887
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
rt_sigaction(SIGCHLD, {sa_handler=0x55c1e63e1790, sa_mask=[],
sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f84470a2040},
{sa_handler=0x55c1e63e1790, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART,
sa_restorer=0x7f84470a2040}, 8) = 0
close(4)                                = 0
read(3, "4941\n", 128)                  = 5
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4887, si_uid=0,
si_status=0, si_utime=0, si_stime=0} ---
wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], WNOHANG, NULL) = 4887
wait4(-1, 0x7ffdff79b290, WNOHANG, NULL) = -1 ECHILD (No child processes)
rt_sigreturn({mask=[]})                 = 5
read(3, "", 128)                        = 0
close(3)                                = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigaction(SIGINT, {sa_handler=0x55c1e63de160, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, {sa_handler=SIG_DFL,
sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER,
sa_restorer=0x7f84470a2040}, {sa_handler=0x55c1e63de160, sa_mask=[],
sa_flags=SA_RESTORER, sa_restorer=0x7f84470a2040}, 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
kill(4941, SIGHUP)                      = 0
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
exit_group(0)                           = ?
+++ exited with 0 +++

--karuna

On Tue, May 11, 2021 at 6:13 PM Noel Kuntze <noel.kuntze at thermi.consulting>
wrote:

> I'm sorry, I'm at mit wit's end. Try restarting the daemon. Maybe that
> helps.
>
> Am 12.05.21 um 02:33 schrieb Karuna Sagar Krishna:
> > Not sure if I fully understand. Did you mean to say - remove
> `auto=route` from default connection and add `auto=add` to each connection
> section? If yes, I made this change manually to ipsec.conf, ran `sudo ipsec
> update` but the status has not changed and I'm not able to ping the nodes.
> >
> > --karuna
> >
> >
> > On Tue, May 11, 2021 at 5:13 PM Noel Kuntze
> <noel.kuntze at thermi.consulting> wrote:
> >
> >     Oh. Right. You need to add auto=add to the configs. In your case,
> it's probably good if you'd change your script to add that to the conns
> inserted.
> >
> >     Am 12.05.21 um 01:55 schrieb Karuna Sagar Krishna:
> >     > Shortened the connection names and changed the order (attached).
> Tried various orders and shorter names. Each time ran `sudo ipsec update`
> followed by `sudo ipsec statusall`. The status did not change each time;
> the status still shows the old name for established connection. And there
> is nothing specific to this experiment in the logs.
> >     >
> >     > --karuna
> >     >
> >
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20210511/e18bb10d/attachment-0001.html>


More information about the Users mailing list