[Swan-dev] Fwd: Re: libreswan 3.9rc1 Release Candidate: please test!
Ruben Laban
r.laban+lists at ism.nl
Fri Jul 4 12:27:45 EEST 2014
Hi,
On 2014-06-30 21:28, The Libreswan Project wrote:
> The Libreswan Project is about to release libreswan-3.9. It includes
> a
> very large bugfix and enhancement patch set. Therefor, we would
> really
> like people to do some additional testing before we release it.
I needed to apply to tiny patches to make it work for me:
diff --git a/initsystems/upstart/ipsec.conf.in
b/initsystems/upstart/ipsec.conf.in
index 50dd97d..c2cc783 100644
--- a/initsystems/upstart/ipsec.conf.in
+++ b/initsystems/upstart/ipsec.conf.in
@@ -23,7 +23,7 @@ script
@FINALLIBEXECDIR@/pluto --config @FINALCONFFILE@ --nofork
$PLUTO_OPTIONS
end script
-post-stop script
+pre-stop script
ipsec whack --shutdown
ip xfrm policy flush
ip xfrm state flush
diff --git a/programs/_stackmanager/_stackmanager.in
b/programs/_stackmanager/_stackmanager.in
index 6c2a98f..0ad1066 100644
--- a/programs/_stackmanager/_stackmanager.in
+++ b/programs/_stackmanager/_stackmanager.in
@@ -367,7 +367,6 @@ startklips() {
if ($1 == "inet")
sub(" [^ ]+:[^ ]+"," ",$0)
sub("/.*","",$2)
- sub("dynamic","",$7)
for (i = 2; i < NF; i++) {
if ($i == "brd" || $i == "peer" || $i ==
"secondary")
i++
First hunk: it'd complain during stop/restart that it failed during
stop (ipsec whack --shutdown being executed after pluto got shot down by
init probably).
Second hunk: the sub() makes it that NF becomes 7, breaking the for()
loop after it. Another option is to replace that line with
sub("dynamic","",$0). I don't think it's needed at all, as the first
line of the awk stuff already excludes dynamic IP addresses.
Regards,
Ruben
More information about the Swan-dev
mailing list