[Swan] New machine, getting libreswan working

John Serink jserink2004 at yahoo.com
Fri May 18 03:55:39 UTC 2018 

Hi all:
I shifted laptops a few months back after a Video card failure and mirrored everything over.I've just today set aside some time to get my IPsec stuff up and running and ma having a few problems.
Version:jserinki7 /usr/src/linux # ipsec --versionLinux Libreswan 3.23 (netkey) on 4.15.5-gentoo

I can't get past ipsec verify:jserinki7 /usr/src/linux # ipsec verifyVerifying installed system and configuration files
Version check and ipsec on-path                    [OK]Libreswan 3.23 (netkey) on 4.15.5-gentooChecking for IPsec support in kernel               [OK] NETKEY: Testing XFRM related proc values         ICMP default/send_redirects               [OK]         ICMP default/accept_redirects             [OK]         XFRM larval drop                          [OK]Pluto ipsec.conf syntax                            [OK]Two or more interfaces found, checking IP forwarding [OK]Checking rp_filter                                 [ENABLED] /proc/sys/net/ipv4/conf/all/rp_filter             [ENABLED] /proc/sys/net/ipv4/conf/default/rp_filter         [ENABLED] /proc/sys/net/ipv4/conf/erspan0/rp_filter         [ENABLED] /proc/sys/net/ipv4/conf/gre0/rp_filter            [ENABLED] /proc/sys/net/ipv4/conf/gretap0/rp_filter         [ENABLED] /proc/sys/net/ipv4/conf/ip_vti0/rp_filter         [ENABLED]  rp_filter is not fully aware of IPsec and should be disabledChecking that pluto is running                     [FAILED]Checking 'ip' command                              [OK]Checking 'iptables' command                        [OK]Checking 'prelink' command does not interfere with FIPS [OK]Checking for obsolete ipsec.conf options           [OBSOLETE KEYWORD]Traceback (most recent call last):  File "/usr/libexec/ipsec/verify", line 426, in <module>    main()  File "/usr/libexec/ipsec/verify", line 417, in main    configsetupcheck()  File "/usr/libexec/ipsec/verify", line 398, in configsetupcheck    err = err.replace("Warning"," Warning")TypeError: a bytes-like object is required, not 'str'
So, I get to the OBSOLETE keywords warning and then the verify script burps.
Any tips on getting verify to complete?
Cheers,john
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20180518/49e6de57/attachment.html>

More information about the Swan mailing list