[Swan] SELinux labeled ipsec
Paul Wouters
paul at nohats.ca
Wed Feb 8 01:30:35 UTC 2017
On Tue, 7 Feb 2017, Jeff Becker wrote:
>> It should not take a while. It is all instant. You might want to look at
>> the logs to see what happened? Look for "pluto" logs in /var/log/secure.
>
> Could this be the problem?
>
> #grep errno /var/log/secure
> Feb 7 23:20:15 dtn1 pluto[4320]: "dtsd-tunnel" #1: ERROR: netlink response
> for Del SA esp.71664063 at 198.9.7.198 included errno 3: No such process
That shows an IPsec SA that it expected to be there to be deleted was
not there. That is odd, and I would expect to see an earlier message
about a problem?
Paul
More information about the Swan
mailing list