[CentOS] Re: Openswan 2.4.6rc5 under CentOS 4.3

Thu Aug 17 17:40:58 UTC 2006
Bas Rijniersce <bas at brijn.nu>

Hello,

My problem was solved by the excellent support of the openswan people (Paul 
Wouters).

If other people run into the same problem, this whas the solution:

I wanted to keep the stock kernel but wanted KLIPS, I don't need 
NAT-Traversal

When the current release is used (2.4.6rc5) the module caused a kernel panic 
when unloading (that means also rebooting) the system. A bad thing for a 
firewall that is probably locked somewhere in a closet.

The current CVS version contains the fix for the unload bug. The CVS version 
can be retrieved by:
cd /usr/src
rm -rf openswan-2
cvs -d :pserver:anoncvs at anoncvs.openswan.org:/public/cvs login
cvs -d :pserver:anoncvs at anoncvs.openswan.org:/public/cvs co openswan-2

Then edit /usr/src/openswan-2/packaging/linus/config-all.h and change the 
define for NAT_TRAVERSAL for 1 to 0

Compile the programs and module with:
make KERNELSRC=/lib/modules/`uname -r`/build programs module
make KERNELSRC=/lib/modules/`uname -r`/build install minstall

This solved the problem for me

Bas