Mailinglist Archive: opensuse-security (334 mails)

< Previous Next >
Re: [suse-security] KLIPS Debugging no longer supported in Suse 8.2 ????
  • From: r.maurizzi@xxxxxxxxxxxxx
  • Date: Tue, 9 Sep 2003 11:52:28 +0200
  • Message-id: <OF6727002B.58E8060E-ONC1256D9C.002E1A86@xxxxxxxxxxxxx>

> It seems that KLIPS debugging is no longer possible since
> SuSE 8.2.

NAT-Traversal patch isn't enabled, too.

> What's the point behind this change??

Probably, the fact that in 2.4.22 crypto routine were added in the kernel,
and IPSEC changed a lot.

> I've tried installing the km_freeswan package and compiling
> stuff there but just get compile errors.

You should:
- install the kernel sources for your running kernel
- copy the config for your running kernet to the source dir (usually, go in
/usr/src/linux, and do zcat /proc/config.gz > .config)
- "make menuconfig" and check the options. Save the config and do "make
- go in /usr/src/kernel_modules/zz_freeswan
- type "make insert", this inserts the IPSEC patches in the kernel tree
- go back in /usr/src/linux, do "make menuconfig" and go in the Network
Option to check the IPSEC settings
- recompile the kernel :-)

Beware: doing so will trash all other SuSE kernel modules that are added
independently from the main kernel sources... check that you do not use any
module that have its sources in a km_*.rpm packages, and eventually compile


If someone has a better way to do some of the things II explained here,
comments and corrections are VERY welcome :-)

< Previous Next >
This Thread