[Swan] Weren't all your problems caused by the parser.l change ?

Philippe Vouters philippe.vouters at laposte.net
Tue Jan 8 19:43:15 EET 2013 

Dear everyone,

Paul stated that he believed all the problems you reported were caused 
by the orientation issue. So far I can't see any with. Wouldn't your 
problems be related by the parser.l issue I worked on yesterday and 
today prematurely exiting ?

To check whether the orientation issue is an actual problem for you, set 
in your /etc/ipsec.conf the following item to the following value:

    plutodebug=controlmore


You should then read in your /var/log/secure the following sequence when 
pluto is started. Especially note that the order is important.

Jan  8 18:19:21 victor pluto[19103]: listening for IKE messages
Jan  8 18:19:21 victor pluto[19103]: | Inspecting interface lo
Jan  8 18:19:21 victor pluto[19103]: | found lo with address 127.0.0.1
Jan  8 18:19:21 victor pluto[19103]: | Inspecting interface eth0
Jan  8 18:19:21 victor pluto[19103]: | found eth0 with address 192.168.1.2
Jan  8 18:19:21 victor pluto[19103]: *adding interface* eth0/eth0 
192.168.1.2:500
Jan  8 18:19:21 victor pluto[19103]: *adding interface* eth0/eth0 
192.168.1.2:4500
Jan  8 18:19:21 victor pluto[19103]: *adding interface* lo/lo 127.0.0.1:500
Jan  8 18:19:21 victor pluto[19103]: *adding interface* lo/lo 127.0.0.1:4500
Jan  8 18:19:21 victor pluto[19103]: *adding interface* lo/lo ::1:500
Jan  8 18:19:21 victor pluto[19103]: loading secrets from 
"/etc/ipsec.secrets"
Jan  8 18:19:21 victor pluto[19103]: loading secrets from 
"/etc/ipsec.d/ipsec.secrets"
Jan  8 18:19:21 victor pluto[19103]: loaded private key for keyid: 
PPK_RSA:AwEAAcc+7
Jan  8 18:19:22 victor pluto[19129]: | *calling addconn helper using execve*
Jan  8 18:19:22 victor pluto[19103]: | find_host_pair_conn 
(check_connection_end): 192.168.1.2:500 %any:500 -> *hp:none*
Jan  8 18:19:22 victor pluto[19103]: added connection description 
"roadwarrior-l2tp-updatedwin"
Jan  8 18:19:22 victor pluto[19103]: | find_host_pair_conn 
(check_connection_end): 192.168.1.2:500 %any:500 -> *hp:none*
Jan  8 18:19:22 victor pluto[19103]: added connection description 
"roadwarrior-l2tp"
Jan  8 18:19:22 victor pluto[19103]: | find_host_pair_conn 
(check_connection_end): 192.168.1.2:500 %any:500 -> *hp:none*
Jan  8 18:19:22 victor pluto[19103]: added connection description 
"macintosh-l2tp"
Jan  8 18:19:22 victor pluto[19103]: | find_host_pair_conn 
(check_connection_end): 192.168.1.2:500 %any:500 -> *hp:none*
Jan  8 18:19:22 victor pluto[19103]: added connection description 
"roadwarrior"
Jan  8 18:19:22 victor pluto[19103]: | *reaped addconn helper child*
Jan  8 18:19:22 victor pluto[19103]: | *connect_to_host_pair: 
*192.168.1.2:500 0.0.0.0:500 -> *hp:none*
Jan  8 18:19:22 victor pluto[19103]: | find_host_pair: comparing to 
192.168.1.2:500 0.0.0.0:500
Jan  8 18:19:22 victor pluto[19103]: | *connect_to_host_pair: 
*192.168.1.2:500 0.0.0.0:500 -> *hp:roadwarrior*
Jan  8 18:19:22 victor pluto[19103]: | find_host_pair: comparing to 
192.168.1.2:500 0.0.0.0:500
Jan  8 18:19:22 victor pluto[19103]: | *connect_to_host_pair:* 
192.168.1.2:500 0.0.0.0:500 -> *hp:macintosh-l2tp*
Jan  8 18:19:22 victor pluto[19103]: | find_host_pair: comparing to 
192.168.1.2:500 0.0.0.0:500
Jan  8 18:19:22 victor pluto[19103]: | *connect_to_host_pair*: 
192.168.1.2:500 0.0.0.0:500 -> *hp:roadwarrior-l2tp*
Jan  8 18:20:21 victor pluto[19103]: | event added at head of queue
Jan  8 18:21:21 victor pluto[19103]: | event added after event 
EVENT_PENDING_PHASE2

Then all your conns should be working provided you configured them 
correctly. This is unless there are other unreported bugs within Libreswan.

Regards to everyone.

-- 
Philippe Vouters (Fontainebleau/France)
URL: http://vouters.dyndns.org/
SIP: sip:Vouters at sip.linphone.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20130108/7edb55c1/attachment-0001.html>

More information about the Swan mailing list