
[Users] /etc/ipsec.d/

From: Glenn Remstedt (glenn.remstedt_at_teklogix.se)
Date: Mon Jul 15 2002 - 19:02:34 CEST


Could anyone explain why I do not have the /etc/ipsec.d/ directory,
into which I should copy the certificate?

earth
Fri Jul 12 17:30:08 CEST 2002
+ _________________________ version
+ ipsec --version
Linux FreeS/WAN 1.98b
See `ipsec --copyright' for copyright information.
+ _________________________ proc/version
+ cat /proc/version
Linux version 2.4.18-3 (bhcompile_at_daffy.perf.redhat.com) (gcc version 2.96 20000731 (Red Hat Linux 7.3 2.96-110)) #1 Thu Apr 18 07:37:53 EDT 2002
+ _________________________ proc/net/ipsec_eroute
+ sort +3 /proc/net/ipsec_eroute
+ _________________________ netstart-rn
+ netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
194.14.14.0 0.0.0.0 255.255.255.0 U 40 0 0 eth0
194.14.14.0 0.0.0.0 255.255.255.0 U 40 0 0 ipsec0
127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 lo
0.0.0.0 194.14.14.27 0.0.0.0 UG 40 0 0 eth0
+ _________________________ proc/net/ipsec_spi
+ cat /proc/net/ipsec_spi
+ _________________________ proc/net/ipsec_spigrp
+ cat /proc/net/ipsec_spigrp
+ _________________________ proc/net/ipsec_tncfg
+ cat /proc/net/ipsec_tncfg
ipsec0 -> eth0 mtu=16260(1500) -> 1500
ipsec1 -> NULL mtu=0(0) -> 0
ipsec2 -> NULL mtu=0(0) -> 0
ipsec3 -> NULL mtu=0(0) -> 0
+ _________________________ proc/net/pf_key
+ cat /proc/net/pf_key
    sock pid socket next prev e n p sndbf Flags Type St
cdf27060 967 ce0efce4 0 0 0 0 2 65535 00000000 3 1
+ _________________________ proc/net/pf_key-star
+ cd /proc/net
+ egrep '^' pf_key_registered pf_key_supported
pf_key_registered:satype socket pid sk
pf_key_registered: 2 ce0efce4 967 cdf27060
pf_key_registered: 3 ce0efce4 967 cdf27060
pf_key_registered: 9 ce0efce4 967 cdf27060
pf_key_registered: 10 ce0efce4 967 cdf27060
pf_key_supported:satype exttype alg_id ivlen minbits maxbits
pf_key_supported: 2 14 3 0 160 160
pf_key_supported: 2 14 2 0 128 128
pf_key_supported: 3 15 3 128 168 168
pf_key_supported: 3 14 3 0 160 160
pf_key_supported: 3 14 2 0 128 128
pf_key_supported: 9 15 4 0 128 128
pf_key_supported: 9 15 3 0 32 128
pf_key_supported: 9 15 2 0 128 32
pf_key_supported: 9 15 1 0 32 32
pf_key_supported: 10 15 2 0 1 1
+ _________________________ proc/sys/net/ipsec-star
+ cd /proc/sys/net/ipsec
+ egrep '^' debug_ah debug_eroute debug_esp debug_ipcomp debug_netlink debug_pfkey debug_radij debug_rcv debug_spi debug_tunnel debug_verbose debug_xform icmp inbound_policy_check tos
debug_ah:0
debug_eroute:0
debug_esp:0
debug_ipcomp:0
debug_netlink:0
debug_pfkey:0
debug_radij:0
debug_rcv:0
debug_spi:0
debug_tunnel:0
debug_verbose:0
debug_xform:0
icmp:1
inbound_policy_check:1
tos:1
+ _________________________ ipsec/status
+ ipsec auto --status
000 interface ipsec0/eth0 194.14.14.221
000
000
000
+ _________________________ ifconfig-a
+ ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:04:76:4C:36:7D
          inet addr:194.14.14.221 Bcast:194.14.14.255 Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:1657 errors:0 dropped:0 overruns:0 frame:0
          TX packets:658 errors:0 dropped:0 overruns:0 carrier:3
          collisions:0 txqueuelen:100
          RX bytes:397661 (388.3 Kb) TX bytes:64620 (63.1 Kb)
          Interrupt:10 Base address:0xe800

ipsec0 Link encap:Ethernet HWaddr 00:04:76:4C:36:7D
          inet addr:194.14.14.221 Mask:255.255.255.0
          UP RUNNING NOARP MTU:16260 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:10
          RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

ipsec1 Link encap:IPIP Tunnel HWaddr
          NOARP MTU:0 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:10
          RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

ipsec2 Link encap:IPIP Tunnel HWaddr
          NOARP MTU:0 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:10
          RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

ipsec3 Link encap:IPIP Tunnel HWaddr
          NOARP MTU:0 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:10
          RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

lo Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          UP LOOPBACK RUNNING MTU:16436 Metric:1
          RX packets:52 errors:0 dropped:0 overruns:0 frame:0
          TX packets:52 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3396 (3.3 Kb) TX bytes:3396 (3.3 Kb)

+ _________________________ ipsec/directory
+ ipsec --directory
/usr/local/lib/ipsec
+ _________________________ hostname/fqdn
+ hostname --fqdn
earth
+ _________________________ hostname/ipaddress
+ hostname --ip-address
127.0.0.1
+ _________________________ uptime
+ uptime
  5:30pm up 56 min, 2 users, load average: 0.00, 0.03, 0.05
+ _________________________ ps
+ ps alxwf
+ egrep -i 'ppid|pluto|ipsec|klips'
  F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND
040 0 956 1 17 0 2152 1036 wait4 S ? 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug none --uniqueids
040 0 961 956 18 0 2152 1036 wait4 S ? 0:00 \_ /bin/sh /usr/local/lib/ipsec/_plutorun --debug none --uniqu
100 0 967 961 15 0 1936 772 schedu S ? 0:00 | \_ /usr/local/lib/ipsec/pluto --nofork --debug-none --uniq
000 0 1023 967 15 0 1412 288 schedu S ? 0:00 | \_ _pluto_adns 7 10
000 0 962 956 15 0 2132 1016 pipe_w S ? 0:00 \_ /bin/sh /usr/local/lib/ipsec/_plutoload --load %search --st
000 0 957 1 17 0 1344 364 pipe_w S ? 0:00 logger -p daemon.error -t ipsec__plutorun
000 0 2043 1741 16 0 2240 1032 wait4 S pts/0 0:00 \_ /bin/sh /usr/local/sbin/ipsec barf
000 0 2044 2043 19 0 2268 1080 wait4 S pts/0 0:00 \_ /bin/sh /usr/local/lib/ipsec/barf
040 0 2096 2044 20 0 2268 1080 - R pts/0 0:00 \_ /bin/sh /usr/local/lib/ipsec/barf
+ _________________________ ipsec/showdefaults
+ ipsec showdefaults
routephys=eth0
routephys=eth0
routevirt=ipsec0
routevirt=ipsec0
routeaddr=194.14.14.221
routeaddr=194.14.14.221
routenexthop=194.14.14.27
routenexthop=194.14.14.27
defaultroutephys=eth0
defaultroutevirt=ipsec0
defaultrouteaddr=194.14.14.221
defaultroutenexthop=194.14.14.27
+ _________________________ ipsec/conf
+ ipsec _include /etc/ipsec.conf
+ ipsec _keycensor

#< /etc/ipsec.conf 1
# /etc/ipsec.conf - FreeS/WAN IPsec configuration file

# More elaborate and more varied sample configurations can be found
# in FreeS/WAN's doc/examples file, and in the HTML documentation.

# basic configuration
config setup
        # THIS SETTING MUST BE CORRECT or almost nothing will work;
        # %defaultroute is okay for most simple cases.
        interfaces=%defaultroute
        # Debug-logging controls: "none" for (almost) none, "all" for lots.
        klipsdebug=none
        plutodebug=none
        # Use auto= parameters in conn descriptions to control startup actions.
        plutoload=%search
        plutostart=%search
        # Close down old connection when new one using same ID shows up.
        uniqueids=yes

# defaults for subsequent connection descriptions
# (these defaults will soon go away)
conn %default
        keyingtries=0
        disablearrivalcheck=no
        authby=rsasig
        leftrsasigkey=%dnsondemand
        rightrsasigkey=%dnsondemand

# connection description for opportunistic encryption
# (requires KEY record in your DNS reverse map; see doc/opportunism.howto)
conn me-to-anyone
        left=%defaultroute
        right=%opportunistic
        keylife=1h
        rekey=no
        # for initiator only OE, uncomment and uncomment this
        # after putting your key in your forward map
        #leftid=@myhostname.example.com
        # uncomment this next line to enable it
        #auto=route

# sample VPN connection
conn sample
        # Left security gateway, subnet behind it, next hop toward right.
        left=10.0.0.1
        leftsubnet=172.16.0.0/24
        leftnexthop=10.22.33.44
        # Right security gateway, subnet behind it, next hop toward left.
        right=10.12.12.1
        rightsubnet=192.168.0.0/24
        rightnexthop=10.101.102.103
        # To authorize this connection, but not actually start it, at startup,
        # uncomment this.
        #auto=add
+ _________________________ ipsec/secrets
+ ipsec _include /etc/ipsec.secrets
+ ipsec _secretcensor

#< /etc/ipsec.secrets 1
: RSA {
        # RSA 2192 bits earth Thu Jul 11 18:23:12 2002
        # for signatures only, UNSAFE FOR ENCRYPTION
        #pubkey=[keyid AQNuo+n9y]
        #IN KEY 0x4200 4 1 [keyid AQNuo+n9y]
        # (0x4200 = auth-only host-level, 4 = IPSec, 1 = RSA)
        Modulus: [...]
        PublicExponent: [...]
        # everything after this point is secret
        PrivateExponent: [...]
        Prime1: [...]
        Prime2: [...]
        Exponent1: [...]
        Exponent2: [...]
        Coefficient: [...]
        }
# do not change the indenting of that "[sums to 7d9d...]"
+ _________________________ ipsec/ls-dir
+ ls -l /usr/local/lib/ipsec
total 2520
-rwxr-xr-x 1 root root 11102 Jun 27 19:31 _confread
-rwxr-xr-x 1 root root 46761 Jun 27 19:31 _copyright
-rwxr-xr-x 1 root root 2163 Jun 27 19:31 _include
-rwxr-xr-x 1 root root 1472 Jun 27 19:31 _keycensor
-rwxr-xr-x 1 root root 71737 Jun 27 19:31 _pluto_adns
-rwxr-xr-x 1 root root 3495 Jun 27 19:31 _plutoload
-rwxr-xr-x 1 root root 4376 Jun 27 19:31 _plutorun
-rwxr-xr-x 1 root root 7450 Jun 27 19:31 _realsetup
-rwxr-xr-x 1 root root 1971 Jun 27 19:31 _secretcensor
-rwxr-xr-x 1 root root 6933 Jun 27 19:31 _startklips
-rwxr-xr-x 1 root root 5014 Jun 27 19:31 _updown
-rwxr-xr-x 1 root root 11404 Jun 27 19:31 auto
-rwxr-xr-x 1 root root 7195 Jun 27 19:31 barf
-rwxr-xr-x 1 root root 816 Jun 27 19:31 calcgoo
-rwxr-xr-x 1 root root 225933 Jun 27 19:31 eroute
-rwxr-xr-x 1 root root 98456 Jun 27 19:32 ikeping
-rwxr-xr-x 1 root root 2916 Jun 27 19:31 ipsec
-rw-r--r-- 1 root root 1950 Jun 27 19:31 ipsec_pr.template
-rwxr-xr-x 1 root root 161618 Jun 27 19:31 klipsdebug
-rwxr-xr-x 1 root root 2437 Jun 27 19:31 look
-rwxr-xr-x 1 root root 16157 Jun 27 19:31 manual
-rwxr-xr-x 1 root root 1847 Jun 27 19:31 newhostkey
-rwxr-xr-x 1 root root 140177 Jun 27 19:31 pf_key
-rwxr-xr-x 1 root root 792423 Jun 27 19:31 pluto
-rwxr-xr-x 1 root root 53070 Jun 27 19:31 ranbits
-rwxr-xr-x 1 root root 76538 Jun 27 19:31 rsasigkey
-rwxr-xr-x 1 root root 16671 Jun 27 19:31 send-pr
lrwxrwxrwx 1 root root 22 Jul 11 18:19 setup -> /etc/rc.d/init.d/ipsec
-rwxr-xr-x 1 root root 1041 Jun 27 19:31 showdefaults
-rwxr-xr-x 1 root root 4205 Jun 27 19:31 showhostkey
-rwxr-xr-x 1 root root 246942 Jun 27 19:31 spi
-rwxr-xr-x 1 root root 202766 Jun 27 19:31 spigrp
-rwxr-xr-x 1 root root 71219 Jun 27 19:31 tncfg
-rwxr-xr-x 1 root root 17032 Jun 27 19:32 uml_netjig
-rwxr-xr-x 1 root root 3353 Jun 27 19:31 verify
-rwxr-xr-x 1 root root 136091 Jun 27 19:31 whack
+ _________________________ ipsec/updowns
++ ls /usr/local/lib/ipsec
++ egrep updown
+ cat /usr/local/lib/ipsec/_updown
#! /bin/sh
# default updown script
# Copyright (C) 2000, 2001 D. Hugh Redelmeier, Henry Spencer
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
# RCSID $Id: _updown,v 1.19 2002/03/25 18:04:42 henry Exp $

# CAUTION: Installing a new version of FreeS/WAN will install a new
# copy of this script, wiping out any custom changes you make. If
# you need changes, make a copy of this under another name, and customize
# that, and use the (left/right)updown parameters in ipsec.conf to make
# FreeS/WAN use yours instead of this default one.

# check interface version
# Refuse to run unless the caller announces a 1.x interface version newer
# than 1.0; every rejection prints a diagnostic on stderr and exits with 2.
case "$PLUTO_VERSION" in
1.*)
        if test "$PLUTO_VERSION" = "1.0"
        then
                # Older Pluto?!? Play it safe, script may be using new features.
                echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2
                echo "$0: called by obsolete Pluto?" >&2
                exit 2
        fi
        ;;
*)
        echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2
        exit 2
        ;;
esac

# check parameter(s)
# Accept only the three known invocation forms; anything else is reported on
# stderr and ends the script with status 2.
#   (no parameters)   plain invocation
#   ipfwadm           due to (left/right)firewall; for default script only
#   custom ...        custom parameters (see above CAUTION comment)
case "$1:$*" in
':'|ipfwadm:ipfwadm|custom:*)
        ;;
*)
        echo "$0: unknown parameters \`$*'" >&2
        exit 2
        ;;
esac

# utility functions for route manipulation
# Meddling with this stuff should not be necessary and requires great care.
# uproute: install the route by delegating to doroute with the "add" action;
# doroute's exit status is passed back unchanged.
uproute() { doroute add; }
# downroute: remove the route by delegating to doroute with the "del" action;
# doroute's exit status is passed back unchanged.
downroute() { doroute del; }
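# doroute ACTION
# Runs route(8) with ACTION (uproute passes "add", downroute passes "del")
# for the peer's client subnet.
# Environment read: PLUTO_PEER_CLIENT_NET, PLUTO_PEER_CLIENT_MASK,
#   PLUTO_INTERFACE, PLUTO_NEXT_HOP (presumably exported by Pluto for the
#   connection being handled -- confirm against the Pluto documentation).
# Globals written: parms, parms2, it, st (this is plain sh, so no "local").
# Output: on failure, a diagnostic naming the attempted command on stderr.
# Returns: the exit status of route.
doroute() {
        parms="-net $PLUTO_PEER_CLIENT_NET netmask $PLUTO_PEER_CLIENT_MASK"
        parms2="dev $PLUTO_INTERFACE gw $PLUTO_NEXT_HOP"
        # route is invoked directly with every value as its own quoted
        # argument instead of through "eval" on an assembled string, so a
        # value containing whitespace or shell metacharacters is handed to
        # route as data and is never re-parsed as shell syntax.
        # $it is kept only as the readable text for the failure message.
        case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
        "0.0.0.0/0.0.0.0")
                # horrible kludge for obscure routing bug with opportunistic
                it="route $1 -net 0.0.0.0 netmask 128.0.0.0 $parms2 &&
                        route $1 -net 128.0.0.0 netmask 128.0.0.0 $parms2"
                route "$1" -net 0.0.0.0 netmask 128.0.0.0 \
                        dev "$PLUTO_INTERFACE" gw "$PLUTO_NEXT_HOP" &&
                route "$1" -net 128.0.0.0 netmask 128.0.0.0 \
                        dev "$PLUTO_INTERFACE" gw "$PLUTO_NEXT_HOP"
                st=$?
                ;;
        *) it="route $1 $parms $parms2"
                route "$1" -net "$PLUTO_PEER_CLIENT_NET" \
                        netmask "$PLUTO_PEER_CLIENT_MASK" \
                        dev "$PLUTO_INTERFACE" gw "$PLUTO_NEXT_HOP"
                st=$?
                ;;
        esac
        if test "$st" -ne 0
        then
                # route has already given its own cryptic message
                echo "$0: \`$it' failed" >&2
                if test " $1 $st" = " add 7"
                then
                        # another totally undocumented interface -- 7 and
                        # "SIOCADDRT: Network is unreachable" means that
                        # the gateway isn't reachable.
                        echo "$0: (incorrect or missing nexthop setting??)" >&2
                fi
        fi
        return "$st"
}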

# the big choice
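# Dispatch on "$PLUTO_VERB:$1": the verb taken from the environment plus the
# script's first parameter.  The prepare-* branch exits with the status of the
# route deletion; an unknown verb/parameter pair exits with 1.
case "$PLUTO_VERB:$1" in
prepare-host:*|prepare-client:*)
        # delete possibly-existing route (preliminary to adding a route)
        # route is invoked directly with quoted arguments instead of through
        # "eval" on an assembled string, so the PLUTO_* values are passed as
        # data and never re-parsed as shell syntax.  $it is kept only as the
        # readable text for the failure message below.
        case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
        "0.0.0.0/0.0.0.0")
                # horrible kludge for obscure routing bug with opportunistic
                it="route del -net 0.0.0.0 netmask 128.0.0.0 2>&1 ;
                        route del -net 128.0.0.0 netmask 128.0.0.0 2>&1"
                # both deletions run; the status kept is that of the second
                oops=$(route del -net 0.0.0.0 netmask 128.0.0.0 2>&1
                        route del -net 128.0.0.0 netmask 128.0.0.0 2>&1)
                status="$?"
                ;;
        *)
                it="route del -net $PLUTO_PEER_CLIENT_NET \
                                        netmask $PLUTO_PEER_CLIENT_MASK 2>&1"
                oops=$(route del -net "$PLUTO_PEER_CLIENT_NET" \
                        netmask "$PLUTO_PEER_CLIENT_MASK" 2>&1)
                status="$?"
                ;;
        esac
        # a failure that printed nothing still needs some text to report
        if test -z "$oops" && test "$status" != "0"
        then
                oops="silent error, exit status $status"
        fi
        case "$oops" in
        'SIOCDELRT: No such process'*)
                # This is what route (currently -- not documented!) gives
                # for "could not find such a route".
                oops=
                status=0
                ;;
        esac
        if test -n "$oops" || test "$status" != "0"
        then
                echo "$0: \`$it' failed ($oops)" >&2
        fi
        exit "$status"
        ;;
route-host:*|route-client:*)
        # connection to me or my client subnet being routed
        uproute
        ;;
unroute-host:*|unroute-client:*)
        # connection to me or my client subnet being unrouted
        downroute
        ;;
up-host:*)
        # connection to me coming up
        # If you are doing a custom version, firewall commands go here.
        ;;
down-host:*)
        # connection to me going down
        # If you are doing a custom version, firewall commands go here.
        ;;
up-client:)
        # connection to my client subnet coming up
        # If you are doing a custom version, firewall commands go here.
        ;;
down-client:)
        # connection to my client subnet going down
        # If you are doing a custom version, firewall commands go here.
        ;;
up-client:ipfwadm)
        # connection to client subnet, with (left/right)firewall=yes, coming up
        # This is used only by the default updown script, not by your custom
        # ones, so do not mess with it; see CAUTION comment up at top.
        # Operands are quoted so each NET/MASK pair reaches ipfwadm as one word.
        ipfwadm -F -i accept -b \
                -S "$PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK" \
                -D "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK"
        ;;
down-client:ipfwadm)
        # connection to client subnet, with (left/right)firewall=yes, going down
        # This is used only by the default updown script, not by your custom
        # ones, so do not mess with it; see CAUTION comment up at top.
        # Operands are quoted so each NET/MASK pair reaches ipfwadm as one word.
        ipfwadm -F -d accept -b \
                -S "$PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK" \
                -D "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK"
        ;;
*) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2
        exit 1
        ;;
esac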
+ _________________________ proc/net/dev
+ cat /proc/net/dev
Inter-| Receive | Transmit
 face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
    lo: 3396 52 0 0 0 0 0 0 3396 52 0 0 0 0 0 0
  eth0: 397661 1657 0 0 0 0 0 0 64620 658 0 0 0 0 3 0
ipsec0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ipsec1: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ipsec2: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ipsec3: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
+ _________________________ proc/net/route
+ cat /proc/net/route
Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT
eth0 000E0EC2 00000000 0001 0 0 0 00FFFFFF 40 0 0
ipsec0 000E0EC2 00000000 0001 0 0 0 00FFFFFF 40 0 0
lo 0000007F 00000000 0001 0 0 0 000000FF 40 0 0
eth0 00000000 1B0E0EC2 0003 0 0 0 00000000 40 0 0
+ _________________________ proc/sys/net/ipv4/ip_forward
+ cat /proc/sys/net/ipv4/ip_forward
0
+ _________________________ proc/sys/net/ipv4/conf/star-rp_filter
+ cd /proc/sys/net/ipv4/conf
+ egrep '^' all/rp_filter default/rp_filter eth0/rp_filter ipsec0/rp_filter lo/rp_filter
all/rp_filter:0
default/rp_filter:1
eth0/rp_filter:1
ipsec0/rp_filter:1
lo/rp_filter:1
+ _________________________ uname-a
+ uname -a
Linux earth 2.4.18-3 #1 Thu Apr 18 07:37:53 EDT 2002 i686 unknown
+ _________________________ redhat-release
+ test -r /etc/redhat-release
+ cat /etc/redhat-release
Red Hat Linux release 7.3 (Valhalla)
+ _________________________ proc/net/ipsec_version
+ cat /proc/net/ipsec_version
FreeS/WAN version: 1.98b
+ _________________________ iptables/list
+ iptables -L -v -n
Chain INPUT (policy ACCEPT 118 packets, 11158 bytes)
 pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 124 packets, 8499 bytes)
 pkts bytes target prot opt in out source destination
+ _________________________ ipchains/list
+ ipchains -L -v -n
ipchains: Incompatible with this kernel
+ _________________________ ipfwadm/forward
+ ipfwadm -F -l -n -e
Generic IP Firewall Chains not in this kernel
+ _________________________ ipfwadm/input
+ ipfwadm -I -l -n -e
Generic IP Firewall Chains not in this kernel
+ _________________________ ipfwadm/output
+ ipfwadm -O -l -n -e
Generic IP Firewall Chains not in this kernel
+ _________________________ iptables/nat
+ iptables -t nat -L -v -n
Chain PREROUTING (policy ACCEPT 9 packets, 549 bytes)
 pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 9 packets, 545 bytes)
 pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 9 packets, 545 bytes)
 pkts bytes target prot opt in out source destination
+ _________________________ ipchains/masq
+ ipchains -M -L -v -n
ipchains: cannot open file `/proc/net/ip_masquerade'
+ _________________________ ipfwadm/masq
+ ipfwadm -M -l -n -e
Generic IP Firewall Chains not in this kernel
+ _________________________ iptables/mangle
+ iptables -t mangle -L -v -n
Chain PREROUTING (policy ACCEPT 118 packets, 11158 bytes)
 pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 118 packets, 11158 bytes)
 pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 124 packets, 8499 bytes)
 pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 124 packets, 8499 bytes)
 pkts bytes target prot opt in out source destination
+ _________________________ proc/modules
+ cat /proc/modules
iptable_mangle 3136 0 (autoclean) (unused)
iptable_nat 21012 0 (autoclean) (unused)
ip_conntrack 21164 1 (autoclean) [iptable_nat]
iptable_filter 2752 0 (autoclean) (unused)
ip_tables 13984 5 [iptable_mangle iptable_nat iptable_filter]
sr_mod 16920 0 (autoclean)
maestro3 27912 0 (autoclean)
ac97_codec 11904 0 (autoclean) [maestro3]
soundcore 6692 2 (autoclean) [maestro3]
agpgart 39488 3 (autoclean)
NVdriver 1066336 11 (autoclean)
ipsec 259552 2
autofs 12164 0 (autoclean) (unused)
ds 8608 2
yenta_socket 12384 2
pcmcia_core 50752 0 [ds yenta_socket]
3c59x 28520 1
ide-scsi 9664 0
scsi_mod 108608 2 [sr_mod ide-scsi]
ide-cd 30272 0
cdrom 32192 0 [sr_mod ide-cd]
usb-uhci 24484 0 (unused)
usbcore 73152 1 [usb-uhci]
ext3 67136 2
jbd 49400 2 [ext3]
+ _________________________ proc/meminfo
+ cat /proc/meminfo
        total: used: free: shared: buffers: cached:
Mem: 261959680 219279360 42680320 0 6955008 130916352
Swap: 534601728 0 534601728
MemTotal: 255820 kB
MemFree: 41680 kB
MemShared: 0 kB
Buffers: 6792 kB
Cached: 127848 kB
SwapCached: 0 kB
Active: 145992 kB
Inact_dirty: 1264 kB
Inact_clean: 40128 kB
Inact_target: 37476 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 255820 kB
LowFree: 41680 kB
SwapTotal: 522072 kB
SwapFree: 522072 kB
Committed_AS: 82272 kB
+ _________________________ dev/ipsec-ls
+ ls -l '/dev/ipsec*'
ls: /dev/ipsec*: No such file or directory
+ _________________________ proc/net/ipsec-ls
+ ls -l /proc/net/ipsec_eroute /proc/net/ipsec_klipsdebug /proc/net/ipsec_spi /proc/net/ipsec_spigrp /proc/net/ipsec_tncfg /proc/net/ipsec_version
-r--r--r-- 1 root root 0 Jul 12 17:30 /proc/net/ipsec_eroute
-r--r--r-- 1 root root 0 Jul 12 17:30 /proc/net/ipsec_klipsdebug
-r--r--r-- 1 root root 0 Jul 12 17:30 /proc/net/ipsec_spi
-r--r--r-- 1 root root 0 Jul 12 17:30 /proc/net/ipsec_spigrp
-r--r--r-- 1 root root 0 Jul 12 17:30 /proc/net/ipsec_tncfg
-r--r--r-- 1 root root 0 Jul 12 17:30 /proc/net/ipsec_version
+ _________________________ usr/src/linux/.config
+ test -f /usr/src/linux/.config
+ _________________________ etc/syslog.conf
+ cat /etc/syslog.conf
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages

# The authpriv file has restricted access.
authpriv.* /var/log/secure

# Log all the mail messages in one place.
mail.* /var/log/maillog

# Log cron stuff
cron.* /var/log/cron

# Everybody gets emergency messages
*.emerg *

# Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler

# Save boot messages also to boot.log
local7.* /var/log/boot.log
+ _________________________ etc/resolv.conf
+ cat /etc/resolv.conf
nameserver 130.244.127.161
nameserver 130.244.127.169
+ _________________________ lib/modules-ls
+ ls -ltr /lib/modules
total 8
drwxr-xr-x 4 root root 4096 May 17 13:17 2.4.18-3
drwxr-xr-x 4 root root 4096 Jul 10 15:37 2.4.18-5
+ _________________________ proc/ksyms-netif_rx
+ egrep netif_rx /proc/ksyms
c01c9be0 netif_rx_R35fec680
+ _________________________ lib/modules-netif_rx
+ modulegoo kernel/net/ipv4/ipip.o netif_rx
+ set +x
2.4.18-3: U netif_rx_R35fec680
2.4.18-5: U netif_rx_Rc17f7005
+ _________________________ kern.debug
+ test -f /var/log/kern.debug
+ _________________________ klog
+ sed -n '1671,$p' /var/log/boot.log
+ egrep -i 'ipsec|klips|pluto'
+ cat
Jul 12 16:34:54 earth ipsec: ipsec_setup: Starting FreeS/WAN IPsec 1.98b...
Jul 12 16:34:55 earth ipsec: ipsec_setup: Using /lib/modules/2.4.18-3/kernel/net/ipsec/ipsec.o
Jul 12 16:34:56 earth ipsec: ipsec_setup: WARNING: eth0 has route filtering turned on, KLIPS may not work
Jul 12 16:34:56 earth ipsec: ipsec_setup: (/proc/sys/net/ipv4/conf/eth0/rp_filter = `1', should be 0)
Jul 12 16:34:56 earth rc: Starting ipsec: succeeded
+ _________________________ plog
+ sed -n '65,$p' /var/log/secure
+ egrep -i pluto
+ cat
Jul 12 16:34:56 earth ipsec__plutorun: Starting Pluto subsystem...
Jul 12 16:34:57 earth pluto[967]: Starting Pluto (FreeS/WAN Version 1.98b)
Jul 12 16:34:58 earth pluto[967]: listening for IKE messages
Jul 12 16:34:58 earth pluto[967]: adding interface ipsec0/eth0 194.14.14.221
Jul 12 16:34:58 earth pluto[967]: loading secrets from "/etc/ipsec.secrets"
+ _________________________ date
+ date
Fri Jul 12 17:30:09 CEST 2002
