Hi,
I have tried to enable IPSec support for my
FreeBSD( 4.11-RELEASE) system.
First, I copied the generic kernel configuration file
to a file I called MYKERNEL:
#cp /usr/src/sys/i386/conf/GENERIC
/usr/src/sys/i386/conf/MYKERNEL
Then, I added the following three lines to the options
section of /usr/src/sys/i386/conf/MYKERNEL:
options IPSEC
options IPSEC_ESP
options IPSEC_DEBUG
After that I recompile the kernel with the following
command:
# cd /usr/src
# make buildkernel KERNCONF=IPSEC && make
installkernel KERNCONF=IPSEC
And also installed IKE support on my system with the
following command using racoon:
cd /usr/ports/security/racoon
make install clean
Afterall completion of build, still IPSec support is
not appearing in the system. Suggest me,is there any
configuration or modifications need to be done?
Please, anyone give me some suggestion to enable IPSec
support on FreeBSD.
Any Help will be very much appeciated..
Thanx,
Regards,
Mohan..
________________________________________________________________________
Yahoo! India Matrimony: Find your life partner online
Go to: http://yahoo.shaadi.com/india-matrimony
At 09:45 AM 17/05/2005, mohan chandra wrote:>Hi, > > I have tried to enable IPSec support for my >FreeBSD( 4.11-RELEASE) system.Hi, You need to reboot after installing the new kernel. ---Mike
mc> /usr/src/sys/i386/conf/MYKERNEL ... mc> # cd /usr/src mc> # make buildkernel KERNCONF=IPSEC && make mc> installkernel KERNCONF=IPSEC If this is what you've really done, then you should do make buildkernel KERNCONF=MYKERNEL make installkernel KERNCONF=MYKERNEL And you can also change the 'ident' option in the kernel to the ident MYKERNEL -- Best regards, Danil V. Gerun danil@hate.spam.625.ru
Hi Danil, Thanks to all for replying.. I executed (build) the kernel with hte propely commands by changing the "GENERIC" with "MYKERNEL" at the "ident" option. #commands used are make buildkernel KERNCONF=MYKERNEL make installkernel KERNCONF=MYKERNEL && reboot But still ipsec support is not there. If ipsec exists the file ipsec.conf should be there under " /etc " folder,but it is not there.. I found ' MYKERNEL ' folder under the following directory: :/usr/obj/usr/src/sys/MYKERNEL It contains so many object files and C-header files, In that ipsec.o, ipsec.h and other ipsec related file like esp,ah etc., are appearing. So with this can I do anything to add ipsec, Please reply me soon. Also I tried using 'setkey' to find the ipsec support with following commands and I got the following output: ------------------------- mohan# setkey -D No SAD entries. mohan# setkey -DP No SPD entries. mohan# -------------------------- And atlast can I use any ipsec patches for FreeBSD. So, please suggest me any sort of solution to get ipsec on my FreeBSD (4.11) with Regards, Mohan.. --- "Danil V. Gerun" <news@625.ru> wrote:> mc> /usr/src/sys/i386/conf/MYKERNEL > ... > mc> # cd /usr/src > mc> # make buildkernel KERNCONF=IPSEC && make > mc> installkernel KERNCONF=IPSEC > > If this is what you've really done, then you should > do > > make buildkernel KERNCONF=MYKERNEL > make installkernel KERNCONF=MYKERNEL > > > And you can also change the 'ident' option in the > kernel to the > ident MYKERNEL > > > > -- > Best regards, Danil V. Gerun > danil@hate.spam.625.ru > > _______________________________________________ > freebsd-security@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-security> To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org"> mohan chandra wrote: > Hi, > > I have tried to enable IPSec support for my > FreeBSD( 4.11-RELEASE) system. > First, I copied the generic kernel configurationfile> to a file I called MYKERNEL: > > #cp /usr/src/sys/i386/conf/GENERIC > /usr/src/sys/i386/conf/MYKERNEL > > > Then, I added the following three lines to theoptions> section of /usr/src/sys/i386/conf/MYKERNEL: > > options IPSEC > options IPSEC_ESP > options IPSEC_DEBUG > > After that I recompile the kernel with the following > command: > > # cd /usr/src > # make buildkernel KERNCONF=IPSEC && make > installkernel KERNCONF=IPSEC > > And also installed IKE support on my system with the > following command using racoon: > > cd /usr/ports/security/racoon > make install clean > > Afterall completion of build, still IPSec support is > not appearing in the system. Suggest me,is there any > configuration or modifications need to be done? > > Please, anyone give me some suggestion to enableIPSec> support on FreeBSD. > Any Help will be very much appeciated.. > > Thanx, > > Regards, > Mohan..________________________________________________________________________ Yahoo! India Matrimony: Find your life partner online Go to: http://yahoo.shaadi.com/india-matrimony
Created kernel name is MYKERNEL. Why you trying to compile kernel IPSEC ?? On Tue, 2005-05-17 at 14:45 +0100, mohan chandra wrote:> Hi, > > I have tried to enable IPSec support for my > FreeBSD( 4.11-RELEASE) system. > First, I copied the generic kernel configuration file > to a file I called MYKERNEL: > > #cp /usr/src/sys/i386/conf/GENERIC > /usr/src/sys/i386/conf/MYKERNEL > > > Then, I added the following three lines to the options > section of /usr/src/sys/i386/conf/MYKERNEL: > > options IPSEC > options IPSEC_ESP > options IPSEC_DEBUG > > After that I recompile the kernel with the following > command: > > # cd /usr/src > # make buildkernel KERNCONF=IPSEC && make > installkernel KERNCONF=IPSEC > > And also installed IKE support on my system with the > following command using racoon: > > cd /usr/ports/security/racoon > make install clean > > Afterall completion of build, still IPSec support is > not appearing in the system. Suggest me,is there any > configuration or modifications need to be done? > > Please, anyone give me some suggestion to enable IPSec > support on FreeBSD. > Any Help will be very much appeciated.. > > Thanx, > > Regards, > Mohan.. > > > ________________________________________________________________________ > Yahoo! India Matrimony: Find your life partner online > Go to: http://yahoo.shaadi.com/india-matrimony > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"-- Best regards, Hamlet mailto:hamlet@hamlet.lv