Possible IPSec issue
Dmitri Nikulin
dnikulin at optusnet.com.au
Wed Jul 27 04:16:24 PDT 2005
I haven't tried IPSec in DragonFly BSD in a few months, but now setkey
doesn't appear to be able to do anything at all. With IPSEC and
IPSEC_ESP in the kernel (-current from yesterday, calls itself
1.3.2-development #0), and this in ipsec.conf (among other things, but
here's where it chokes):
add 192.168.0.4 192.168.0.1 esp 0x42 -E rijndael-cbc 0x(the key);
It gives an 'Invalid argument' error which I know to be the lazy 'return
1' condition. Choice of crypto algorithm has no effect.
The same thing works in Linux 2.6.12 with ipsec-tools 0.4 (not much else
does work with Linux IPSec, but this is only transport mode which
appears to be fine).
Is there anything happening in the tree (e.g. system calls or data
structures for ipsec changing) that could possibly cause such an issue?
While this is certainly not urgent for me, for somebody else it might be.
More information about the Bugs
mailing list