From owner-freebsd-security  Mon Mar  8 10: 4:42 1999
Delivered-To: freebsd-security@freebsd.org
Received: from arthur.axion.bt.co.uk (arthur.axion.bt.co.uk [132.146.5.4])
	by hub.freebsd.org (Postfix) with ESMTP id 6F2B914BDB
	for <freebsd-security@FreeBSD.ORG>; Mon,  8 Mar 1999 10:04:32 -0800 (PST)
	(envelope-from jerome.privat@bt-sys.bt.co.uk)
Received: from rambo (actually rambo.futures.bt.co.uk) by arthur (local) 
          with SMTP; Mon, 8 Mar 1999 18:02:41 +0000
Received: from mussel.futures.bt.co.uk (actually mussel) by rambo 
          with SMTP (PP); Mon, 8 Mar 1999 18:03:54 +0000
Received: by mussel.futures.bt.co.uk 
          with SMTP (Microsoft Exchange Server Internet Mail Connector Version 4.0.996.62) 
          id <01BE698D.0AFE0F40@mussel.futures.bt.co.uk>;
          Mon, 8 Mar 1999 17:56:50 -0000
Message-ID: <c=GB%a=_%p=BT%l=TB-PLUTO-990308180116Z-372@mussel.futures.bt.co.uk>
From: Jerome Privat <jerome.privat@bt-sys.bt.co.uk>
To: "'freebsd-security@FreeBSD.ORG'" <freebsd-security@FreeBSD.ORG>
Subject: compiling IPSec
Date: Mon, 8 Mar 1999 18:01:16 -0000
X-Mailer: Microsoft Exchange Server Internet Mail Connector Version 4.0.996.62
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi,
I'm currently trying to install an IPSec package in our 2.2.8 FreeBSD
boxes and I chose the Kame version. 

I downloaded the file kame-1999131-fbsd228-stable.tgz and followed all
the instructions contained in the kit/INSTALL. I applied the patch:
patch -p1 -f < $SOMEWHERE/kit/sys-228.diff
and then edit the IP6 conf file maintaining the option IPSEC.

'make depend' produces many warnings, all of the same kind, like:

../../netid/in.h:355: warning: IP_ESP_TRANS_LEVEL redefined
../../netid/in.h:351: this is the location of the previous definition

These warnings appear for several #define macro name like
IP_ESP_NETWORK_LEVEL,
IPSEC_LEVEL_BYPASS, etc. This is normal (and wrong I guess) because the
#ifdef IPSEC clause contains a second definition for all these macros
without putting them in #else.
Then the make depend exits with the 'Error code 1'.

Beeing a stable release, I guess I missed something. I've noticed that
at www.kame.net there is an include-1999131-fbsd228-stable.tgz:
should I include this one too? If yes, where to explode the tar file?

We would like to have IPSec for the IPv4 stack, somewhere on the mailing
lists I read it's sufficient ot mask the option "INET6". Is that enough?
(Btw the errors I got are with the above option in)

Tia
Jerome



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message