Re: [Users] SuperFreeS/WAN 1.99_kb3 w/ NAT-T: pfkey write() invalid argument

From: Ken Bantoft (ken_at_freeswan.ca)
Date: Thu Dec 26 2002 - 01:00:52 CET

• Next message: Stephen J. Bevan: "Re: [Users] SuperFreeS/WAN 1.99_kb3 w/ NAT-T: pfkey write() invalid argument"
• Previous message: jsa62_at_tid.es: "[Users] NAT doubt"
• In reply to: Charles Duffy: "Re: [Users] SuperFreeS/WAN 1.99_kb3 w/ NAT-T: pfkey write() invalid argument"
• Next in thread: Stephen J. Bevan: "Re: [Users] SuperFreeS/WAN 1.99_kb3 w/ NAT-T: pfkey write() invalid argument"
• Reply: Stephen J. Bevan: "Re: [Users] SuperFreeS/WAN 1.99_kb3 w/ NAT-T: pfkey write() invalid argument"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 25 Dec 2002, Charles Duffy wrote:

> Quoting "Stephen J. Bevan" <stephen_at_dino.dnsalias.com>:
> > If both the user-level and kernel are
> > reporting _kb3 then that can probably be ruled out. In that case, any
> > chance you could try out your scenario with an older version of Super
> > FreeS/WAN say, 1.99_kb2 or 1.99_kb1? If your scenario works with
> > either of those then it would definitely point the finger at a bad
> > NAT-T and selectors interaction. If your scenario still fails with
> > _kb[12] then I'm off the hook :-)
>
> Both kernel and userspace components agreed on kb3rc3 (equivalent to kb3 release
> except in documentation, if I read my diffs correctly). Downgrading to _kb2
> fixed the issue (though I'm still fighting a few other issues relating to
> routing and virtual IP assignement, I'm fairly sure they're misconfiguration
> issues on my part and hope to be able to power through them on my own).
>
> Thanks!

Charles,

Thanks for confirming that... so port selection conflict with NAT-T patch.
Argh... so much for a relaxing holiday season.

I've pulled the kb3 final release for now, and left kb3rc3 up for people
to beat more on. The only diff's from kb3rc3 -> kb3 was in the
documentation.

So yes, Stephen, you're somewhat off the hook, since Andreas has merged
your code into 0.9.17. Unfortunatly, there's now a conflict between the
X.509 patch and NAT-T 0.4 patches, specifically in the pfkey area. Ugly.

I'll see what I can come up with, but it'll be a few days since I'm not at
home or work, so I don't have any sort of testbed until monday. It
currently compiles okay, I had to do some manual merges, so it's either a
full on conflict, or I screwed up the merge, and somehow it manages to
still compile cleanly :(

- --
Ken Bantoft The Unoffical FreeS/WAN Site:
ken_at_freeswan.ca http://www.freeswan.ca
                           PGP Key: finger ken_at_bantoft.org
"We can factor the number 15 with quantum computers. We
can also factor the number 15 with a dog trained to bark
three times." -- Robert Harley, 5/12/01, Sci.crypt

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQCVAwUBPgpGt1iWUusaxGxpAQHznQP/TT3GCtHIOwk07SBtvMU0TIgqPd65w0Pp
1BFDyhfeyx721KHmO5p9ezP7GKVKU5kxjzQbfpXsDiijKUTlsdjOeJNalVeTRRqB
0Vvh9hZ/UhiYA7AncC76kvbbgaB1a37yhxMf6oL33icSp51r1wAYAq7XwPpIBh7+
pBzadgI2iVo=
=Bdqk
-----END PGP SIGNATURE-----

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: Stephen J. Bevan: "Re: [Users] SuperFreeS/WAN 1.99_kb3 w/ NAT-T: pfkey write() invalid argument"
• Previous message: jsa62_at_tid.es: "[Users] NAT doubt"
• In reply to: Charles Duffy: "Re: [Users] SuperFreeS/WAN 1.99_kb3 w/ NAT-T: pfkey write() invalid argument"
• Next in thread: Stephen J. Bevan: "Re: [Users] SuperFreeS/WAN 1.99_kb3 w/ NAT-T: pfkey write() invalid argument"
• Reply: Stephen J. Bevan: "Re: [Users] SuperFreeS/WAN 1.99_kb3 w/ NAT-T: pfkey write() invalid argument"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Thu Dec 26 2002 - 05:21:13 CET