Port: security/vpnc pkg-message question
Justin Hendrickson
justin at onyourmark.com
Fri Jun 4 20:56:04 UTC 2004
In the pkg-message file, it states:
If vpnc under FreeBSD 4 fails with
socket(SOCK_RAW): Protocol not supported
check your kernel configuration. The ESP protocol may be only
enabled for FAST_IPSEC (this cannot be configured together with
IPSEC). See LINT for further details.
Under FreeBSD 5 vpnc should work without any IPSEC enabled.
This description seems to contradict LINT, which states:
# Experimental IPsec implementation that uses the kernel crypto
# framework. This cannot be configured together with IPSEC and
# (currently) supports only IPv4. To use this you must also
# configure the crypto device (see below). Note that with this
# you get all the IPsec protocols (e.g. there is no FAST_IPSEC_ESP).
# IPSEC_DEBUG is used, as above, to configure debugging support
# within the IPsec protocols.
I've found this a bit confusing, as the port suggests that FAST_IPSEC and IPSEC_ESP be enabled in the kernel config file, while LINT states that IPSEC_ESP is basically part of FAST_IPSEC. When FAST_IPSEC and IPSEC_ESP are both defined, compilation fails saying the IPSEC_ESP shouldn't be enabled, so it would appear the LINT message is correct and thus the information in the pkg-message file is totally useless because if you follow it's instructions, you get an uncompilable kernel config and as a result, I'm still stuck with this socket(SOCK_RAW) problem.
Justin Hendrickson justin at onyourmark.com
----------------------------------------------------------------------------
Web Development Specialist
Klein Internet Marketing Group
a division of Keith Klein & Associates, Inc.
www.kleininternet.com Phone: 262-820-8201
22603 West Main Street or: 800-747-3399
Sussex, WI 53089 Fax: 262-820-8202
More information about the freebsd-ports-bugs
mailing list