[Bug 867055] New: ipsec-tools not working in specific setup
https://bugzilla.novell.com/show_bug.cgi?id=867055 https://bugzilla.novell.com/show_bug.cgi?id=867055#c0 Summary: ipsec-tools not working in specific setup Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: jbohac@suse.com ReportedBy: meissner@suse.com QAContact: qa-bugs@suse.de CC: mt@suse.com Found By: --- Blocker: --- customer report via security@suse.de Date: Thu, 06 Mar 2014 15:07:41 +1100 Subject: [security@suse.de] [DOS][openSuSE13.1] ipsec-tools-0.7.3-29.2.2 Hi, I have found an issue that causes IPSEC to fail in unexpected ways. This was discovered in the process of upgrading some router/firewalls from openSuSE 12.1 to openSuSE 13.1. It was found that simple IPSEC setups do indeed work, but the more complicated setup in use here fails. Impact: The following scenario *DOES* work with the RPM as supplied network -- router/fw == ipsec tunnel == router/fw -- network The following scenario *FAILS* to work with the RPM as supplied network -- router -- network -- router/fw == ipsec tunnel == router/fw -- network -- router -- network Reason: In the SPD no forward rules are installed. Workaround: 1. install ipsec-tools-0.7.3-19.1.3 (from openSuSE 12.1) - all others between openSuSE 12.1 and openSuSE 13.1 are similarly broken. alternatively 2. recompile ipsec-tools-0.7.3-29.2.2.src.rpm on a machine with openSuSE 12.1 build environment. If you have any further queries, please do not hesitate to contact me. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c1
Jiri Bohac
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c2
Jiri Bohac
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c3
Tom Burkart
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c4
--- Comment #4 from Tom Burkart
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c5
Jiri Bohac
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c6
Tom Burkart
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c7
--- Comment #7 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c9
--- Comment #9 from Tom Burkart
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c10
--- Comment #10 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c11
Jiri Bohac
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c12
--- Comment #12 from Jiri Bohac
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c13
--- Comment #13 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c14
Tom Burkart
bnc#856625. Fixed packages now in r29.5.1 works correctly here (BTW, using i586 or rather i686 machines here as fw's)
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c15
--- Comment #15 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c16
--- Comment #16 from Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c17
--- Comment #17 from Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=867055
https://bugzilla.novell.com/show_bug.cgi?id=867055#c18
Jiri Bohac
participants (1)
-
bugzilla_noreply@novell.com