<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<html><body style='font-size: 10pt; font-family: Verdana,Geneva,sans-serif'>
<p>I was patching rpmbuild/SOURCES/..../programs/addconn/addconn.c directly by hand and I have checked it afterwards as well. I need to check the rpmbuild switches I was using when I get home, but I think I was OK. The other thing I want to do is uninstall libreswan before reinstalling it in case the forced update is not doing as I expected.</p>
<p>Regards your comment about addconn, I don't follow the relevance. I am only using addconn for debugging. I normally just start ipsec ot use "ipsec auto --replace conn". This always worked in Openswan without leftnexthop but fails in Libreswan.</p>
<p>FWIW, in Openswan left=%defaultroute right=%any in 2.4.x worked without setting protostack=netkey i.e. just implying it. In 2.6.x you have to explicitly set protostack=netkey for it to work. The implicit setting did not work and Paul did not know what had changed. (He used to maintain it did not work at all even when I was using it, but now accepts that it does work). In neither case did I ever set leftnexthop.</p>
<p>Regards,</p>
<p>Nick</p>
<div> </div>
<p>On 2014-05-08 12:26, Wolfgang Nothdurft wrote:</p>
<blockquote type="cite" style="padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px"><!-- html ignored --><!-- head ignored --><!-- meta ignored -->
<pre>Am 08.05.2014 12:48, schrieb <a href="mailto:bugs@libreswan.org:">bugs@libreswan.org:</a></pre>
<blockquote type="cite" style="padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px"><a href="https://bugs.libreswan.org/show_bug.cgi?id=86">https://bugs.libreswan.org/show_bug.cgi?id=86</a> --- Comment #30 from Nick Howitt <<a href="mailto:nick@howitts.co.uk">nick@howitts.co.uk</a>> 2014-05-08 13:48:35 EEST --- This is where I am a little confused. I patched the source by hand and recompiled the rpm. I then installed the rpm with a -Uvh --force as it is the same version number as I was running and then I tested. As far as I know I am running the patched version so I don't understand why the table number is not displayed. One thing I did notice was that when I changed left to IP I no longer got the whole routing table dumped when doing the addconn --verbose. Does it mean there is another place which needs patching.</blockquote>
<pre>I think we better use the mailing list for this.
Are you sure the latest patch applied properly and you have not one of the first ones applied.
That would explain the change of the addconn behaviour without the table id output.
You can have a look in the rpmbuild folder if addconn.c is correctly patched.</pre>
<blockquote type="cite" style="padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px">Regarding the left and leftnexthop = %defaultroute, in Openswan leftnexthop is not needed and from the man pages is implied as soon as you make left = %defaultroute (perhaps also with interfaces=%defaultroute). See comment 13. Tuomo does not accept that and said the man pages are wrong, but why then does Openswan work? I believe Paul Wouters agrees with my view.</blockquote>
<pre>In openswan addconn get the info from command line parameters, which was changed in libreswan.
</pre>
</blockquote>
</body></html>