From: Sam Sgro (sam_at_freeswan.org)
Date: Sun Dec 29 2002 - 06:31:53 CET
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, 27 Dec 2002, Mimmus wrote:
> It seems that specific RPM package with X.509 patch:
> freeswan-module-1.99_x509_0.9.15_2.4.9_34-0.i386.rpm
> cause the:
> > pluto[24331]: INTERNAL ERROR: /proc/net/ipsec_eroute line 1 SA ID field
> > malformed: SA specifier lacks valid protocol prefix
> error message.
>
> I removed this and installed freeswan-module-1.99_2.4.9_34-0.i386.rpm but
> I'm still unable to ping internal hosts. Debug log is:
Your error could easily be gateway related. You should clear your logs, start
FreeS/WAN, connect with the RW, take the barf, and post it to a website for
the list to examine. quick mentions: ip_forward should be set to 1, rp_filter
not set to 0 on the underlying physical interface. You can rule out iptables
rules via a diff of "iptables -L -n -v", though given your previous mail, I
doubt them to be the issue.
Have you used tcpdump to see whether or not packets ever make it to the
internal network?
- --
Sam Sgro
sam_at_freeswan.org
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
Comment: For the matching public key, finger the Reply-To: address.
iQCVAwUBPg6Iy0OSC4btEQUtAQG7OAQAoFGatKRWDrbWDR0nu23vH3rSjPKjTjQO
YzX5M3m9DZWxJzc0K0NZjcjomAdYGFbjvYsGsws15coDeufknDwcMZR00gVLr1LY
4iR/srb30d3ewIK3T45Z0EndVfXqKwGf2v+nVpn09eoS893lh+PUrtwX518UckGH
misGTLXdHm0=
=mSoy
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Mon Dec 30 2002 - 05:21:12 CET