From owner-freebsd-security@FreeBSD.ORG Wed May 18 07:45:16 2005 Return-Path: <owner-freebsd-security@FreeBSD.ORG> Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C0C8B16A4E7 for <freebsd-security@freebsd.org>; Wed, 18 May 2005 07:45:16 +0000 (GMT) Received: from mail.yazzy.org (mail.yazzy.org [217.8.140.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2DB0943DA7 for <freebsd-security@freebsd.org>; Wed, 18 May 2005 07:45:16 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from 217-13-2-82.dd.nextgentel.com ([217.13.2.82] helo=h311r4z3r) by mail.yazzy.org with esmtps (TLSv1:AES256-SHA:256) (YazzY.org) id 1DYJEy-0003jf-DN; Wed, 18 May 2005 09:45:18 +0200 Date: Wed, 18 May 2005 09:45:13 +0200 From: Marcin Jessa <lists@yazzy.org> To: mohan chandra <mohanchandra_01@yahoo.co.in> Message-Id: <20050518094513.0f28d288.lists@yazzy.org> In-Reply-To: <20050518073122.21373.qmail@web8505.mail.in.yahoo.com> References: <20050518073122.21373.qmail@web8505.mail.in.yahoo.com> Organization: YazzY.org X-Mailer: Sylpheed version 1.9.9 (GTK+ 2.6.7; i386-portbld-freebsd5.4) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Score: -2.6 (--) cc: freebsd-security@freebsd.org Subject: Re: HOW TO Enable IPSec for FreeBSD.......??? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] <freebsd-security.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security> List-Post: <mailto:freebsd-security@freebsd.org> List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, <mailto:freebsd-security-request@freebsd.org?subject=subscribe> X-List-Received-Date: Wed, 18 May 2005 07:45:17 -0000 I wrote an IPSec HowTo http://www.ezunix.org/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=75&page=1 You don't need any patches. Try to use google.com, you'd be surprised how much you can find on the internet... On Wed, 18 May 2005 08:31:22 +0100 (BST) mohan chandra <mohanchandra_01@yahoo.co.in> wrote: > Hi Danil, > > Thanks to all for replying.. > > I executed (build) the kernel with hte propely > commands by changing the "GENERIC" with "MYKERNEL" at > the "ident" option. > > #commands used are > make buildkernel KERNCONF=MYKERNEL > make installkernel KERNCONF=MYKERNEL && reboot > > But still ipsec support is not there. If ipsec exists > the file ipsec.conf should be there under " /etc " > folder,but it is not there.. > > I found ' MYKERNEL ' folder under the following > directory: > > :/usr/obj/usr/src/sys/MYKERNEL > > It contains so many object files and C-header files, > In that ipsec.o, ipsec.h and other ipsec related file > like esp,ah etc., are appearing. > > So with this can I do anything to add ipsec, Please > reply me soon. > > Also I tried using 'setkey' to find the ipsec support > with following commands and I got the following > output: > ------------------------- > mohan# setkey -D > No SAD entries. > mohan# setkey -DP > No SPD entries. > mohan# > -------------------------- > > And atlast can I use any ipsec patches for FreeBSD. > So, please suggest me any sort of solution to get > ipsec on my FreeBSD (4.11) > > with Regards, > > Mohan.. > > > --- "Danil V. Gerun" <news@625.ru> wrote: > > mc> /usr/src/sys/i386/conf/MYKERNEL > > ... > > mc> # cd /usr/src > > mc> # make buildkernel KERNCONF=IPSEC && make > > mc> installkernel KERNCONF=IPSEC > > > > If this is what you've really done, then you should > > do > > > > make buildkernel KERNCONF=MYKERNEL > > make installkernel KERNCONF=MYKERNEL > > > > > > And you can also change the 'ident' option in the > > kernel to the > > ident MYKERNEL > > > > > > > > -- > > Best regards, Danil V. Gerun > > danil@hate.spam.625.ru > > > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to > > "freebsd-security-unsubscribe@freebsd.org" > > > > mohan chandra wrote: > > Hi, > > > > I have tried to enable IPSec support for my > > FreeBSD( 4.11-RELEASE) system. > > First, I copied the generic kernel configuration > file > > to a file I called MYKERNEL: > > > > #cp /usr/src/sys/i386/conf/GENERIC > > /usr/src/sys/i386/conf/MYKERNEL > > > > > > Then, I added the following three lines to the > options > > section of /usr/src/sys/i386/conf/MYKERNEL: > > > > options IPSEC > > options IPSEC_ESP > > options IPSEC_DEBUG > > > > After that I recompile the kernel with the following > > command: > > > > # cd /usr/src > > # make buildkernel KERNCONF=IPSEC && make > > installkernel KERNCONF=IPSEC > > > > And also installed IKE support on my system with the > > following command using racoon: > > > > cd /usr/ports/security/racoon > > make install clean > > > > Afterall completion of build, still IPSec support is > > not appearing in the system. Suggest me,is there any > > configuration or modifications need to be done? > > > > Please, anyone give me some suggestion to enable > IPSec > > support on FreeBSD. > > Any Help will be very much appeciated.. > > > > Thanx, > > > > Regards, > > Mohan.. > > ________________________________________________________________________ > Yahoo! India Matrimony: Find your life partner online > Go to: http://yahoo.shaadi.com/india-matrimony > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"