Hi,
I download latest package and put on SD card. Everything is going grate but I need to enable IPsec in kernel.
Could someone tell me what is easiest way to do that?
Enable IPsec
7 posts
• Page 1 of 1
Enable IPsec
by bl0ndynek » Thu Jan 29, 2015 11:46 am
- bl0ndynek
- Posts: 19
- Joined: Sat Jan 10, 2015 1:58 pm
Re: Enable IPsec
by WarheadsSE » Thu Jan 29, 2015 12:55 pm
Cleanly PR the kernel config at our github.
Do it right, follow the instructions inside the PKGBUILD.
Do it right, follow the instructions inside the PKGBUILD.
- WarheadsSE
- Developer
- Posts: 6807
- Joined: Mon Oct 18, 2010 2:12 pm
Re: Enable IPsec
by bl0ndynek » Mon Feb 02, 2015 12:46 am
Thank you for answer.
But is there way to cross compile it to create package?
I read on archlinux arm about distcc but this is not a option as me and raspberry are now on different networks.
Is there way to make makepkg use cross compiler?
Do you have plan to enable ipsec by default?
But is there way to cross compile it to create package?
I read on archlinux arm about distcc but this is not a option as me and raspberry are now on different networks.
Is there way to make makepkg use cross compiler?
Do you have plan to enable ipsec by default?
- bl0ndynek
- Posts: 19
- Joined: Sat Jan 10, 2015 1:58 pm
Re: Enable IPsec
by moonman » Mon Feb 02, 2015 1:42 am
WarheadsSE said you can submit a Pull Request on github to enable ipsec "by default"
Pogoplug V4 | GoFlex Home | Raspberry Pi 4 4GB | CuBox-i4 Pro | ClearFog | BeagleBone Black | Odroid U2 | Odroid C1 | Odroid XU4
-----------------------------------------------------------------------------------------------------------------------
[armv5] Updated U-Boot | [armv5] NAND Rescue System
-----------------------------------------------------------------------------------------------------------------------
[armv5] Updated U-Boot | [armv5] NAND Rescue System
- moonman
- Developer
- Posts: 3387
- Joined: Sat Jan 15, 2011 3:36 am
Re: Enable IPsec
by bl0ndynek » Wed Feb 04, 2015 10:44 pm
Sorry I don't understand.
Hope I do everything correctly.
Here is pool request:
https://github.com/archlinuxarm/PKGBUILDs/pull/1083
Hope I do everything correctly.
Here is pool request:
https://github.com/archlinuxarm/PKGBUILDs/pull/1083
- bl0ndynek
- Posts: 19
- Joined: Sat Jan 10, 2015 1:58 pm
Re: Enable IPsec
by moonman » Thu Feb 05, 2015 8:41 am
All the modules you PR'ed are already built. We will not make them built in, so you kust jave to load them manually with modprobe
Pogoplug V4 | GoFlex Home | Raspberry Pi 4 4GB | CuBox-i4 Pro | ClearFog | BeagleBone Black | Odroid U2 | Odroid C1 | Odroid XU4
-----------------------------------------------------------------------------------------------------------------------
[armv5] Updated U-Boot | [armv5] NAND Rescue System
-----------------------------------------------------------------------------------------------------------------------
[armv5] Updated U-Boot | [armv5] NAND Rescue System
- moonman
- Developer
- Posts: 3387
- Joined: Sat Jan 15, 2011 3:36 am
Re: Enable IPsec
by bl0ndynek » Fri Feb 06, 2015 10:52 am
Ok, big thanks and sorry for trouble, but I still have problem with IPsec may by some of you my help.
I got with tutorial:
https://raymii.org/s/tutorials/IPSEC_L2 ... Linux.html
At point where I have to execute command:
$this->bbcode_second_pass_code('', '
ipsec verify
')
I get output:
$this->bbcode_second_pass_code('', '
ipsec verify
Checking if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Openswan U2.6.42/K(no kernel code presently loaded)
See `ipsec --copyright' for copyright information.
Checking for IPsec support in kernel [FAILED]
The ipsec service should be started before running 'ipsec verify'
Hardware random device check [N/A]
Two or more interfaces found, checking IP forwarding [OK]
Checking rp_filter [ENABLED]
/proc/sys/net/ipv4/conf/all/rp_filter [ENABLED]
Checking that pluto is running [FAILED]
Checking NAT and MASQUERADEing [TEST INCOMPLETE]
Checking 'ip' command [OK]
Checking 'iptables' command [OK]
')
I load all modules that are listed on this site:
https://wiki.strongswan.org/projects/st ... nelModules
$this->bbcode_second_pass_code('', '
sudo modprobe xfrm_ipcomp
sudo modprobe esp4
sudo modprobe ipcomp
sudo modprobe xfrm4_tunnel
sudo modprobe tunnel4
sudo modprobe xfrm4_mode_tunnel
sudo modprobe xfrm4_mode_transport
sudo modprobe xfrm4_mode_beet
sudo modprobe dccp_ipv6
sudo modprobe ipv6
sudo modprobe ah6
sudo modprobe esp6
sudo modprobe ipcomp6
sudo modprobe xfrm6_tunnel
sudo modprobe tunnel6
sudo modprobe xfrm6_mode_transport
sudo modprobe xfrm6_mode_tunnel
sudo modprobe xfrm6_mode_beet
sudo modprobe x_tables
sudo modprobe xt_tcpudp
sudo modprobe aead
sudo modprobe authenc
sudo modprobe authencesn
sudo modprobe deflate
')
and still output is the same do you have any idea why?
I got with tutorial:
https://raymii.org/s/tutorials/IPSEC_L2 ... Linux.html
At point where I have to execute command:
$this->bbcode_second_pass_code('', '
ipsec verify
')
I get output:
$this->bbcode_second_pass_code('', '
ipsec verify
Checking if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Openswan U2.6.42/K(no kernel code presently loaded)
See `ipsec --copyright' for copyright information.
Checking for IPsec support in kernel [FAILED]
The ipsec service should be started before running 'ipsec verify'
Hardware random device check [N/A]
Two or more interfaces found, checking IP forwarding [OK]
Checking rp_filter [ENABLED]
/proc/sys/net/ipv4/conf/all/rp_filter [ENABLED]
Checking that pluto is running [FAILED]
Checking NAT and MASQUERADEing [TEST INCOMPLETE]
Checking 'ip' command [OK]
Checking 'iptables' command [OK]
')
I load all modules that are listed on this site:
https://wiki.strongswan.org/projects/st ... nelModules
$this->bbcode_second_pass_code('', '
sudo modprobe xfrm_ipcomp
sudo modprobe esp4
sudo modprobe ipcomp
sudo modprobe xfrm4_tunnel
sudo modprobe tunnel4
sudo modprobe xfrm4_mode_tunnel
sudo modprobe xfrm4_mode_transport
sudo modprobe xfrm4_mode_beet
sudo modprobe dccp_ipv6
sudo modprobe ipv6
sudo modprobe ah6
sudo modprobe esp6
sudo modprobe ipcomp6
sudo modprobe xfrm6_tunnel
sudo modprobe tunnel6
sudo modprobe xfrm6_mode_transport
sudo modprobe xfrm6_mode_tunnel
sudo modprobe xfrm6_mode_beet
sudo modprobe x_tables
sudo modprobe xt_tcpudp
sudo modprobe aead
sudo modprobe authenc
sudo modprobe authencesn
sudo modprobe deflate
')
and still output is the same do you have any idea why?
- bl0ndynek
- Posts: 19
- Joined: Sat Jan 10, 2015 1:58 pm
7 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 7 guests