Differences between version 24 and revision by previous author of IPSecInstallation.
Other diffs: Previous Major Revision, Previous Revision, or view the Annotated Edit History
| Newer page: | version 24 | Last edited on Thursday, November 6, 2003 10:45:52 am | by DanielLawson | Revert |
| Older page: | version 22 | Last edited on Wednesday, November 5, 2003 11:56:13 am | by MichaelBordignon | Revert |
@@ -7,8 +7,14 @@
* [X509] patches [1]
----
!!Kernel preparation
+
+!Linux 2.6.0 or later
+
+The 2.6.0 stable series of kernel has native IPSec support. This means you dont need to patch it - you do need to compile in IPSec support and any other required features, and you do still need the FreeS/WAN UserSpace tools as far as I know.
+
+2.6.0 is currently (6 Nov 2003) nearing its final test release, and should be deemed 'final' very soon. I am already running 2.6.0 quite happily, although not with IPSec.
!Vanilla Kernel/FreeS/WAN from source
Get the latest FreeS/WAN source package - the FreeS/WAN homepage recommends typing
@@ -17,18 +23,21 @@
cd /usr/src/my-kernel-source-is-unpacked-here/
<configure your kernel here. this is important.>
<compile your kernel here. this is important.>
-If you're using the [FreeS/WAN kernel installation method|http://www.freeswan.org/freeswan_trees/freeswan-2.02
/doc/kernel.html] it seems you actually need to compile a kernel here, which is a bit odd.
+If you're using the [FreeS/WAN kernel installation method|http://www.freeswan.org/freeswan_trees/freeswan-2.03
/doc/kernel.html] it seems you actually need to compile a kernel here, which is a bit odd.
cd /usr/src/
- tar xzf ~/download/freeswan-2.02
.tar.gz
+ tar xzf ~/download/freeswan-2.03
.tar.gz
The next stepinstalls the IPSec binaries in /usr/local/lib/ipsec. The "ipsec" command itself is put in /usr/local/sbin. If you later find you can't find "ipsec", check your path.
- cd /usr/src/freeswan-1
.99
/
+ cd /usr/src/freeswan-2
.03
/
make oldgo
'oldgo' is the target for compiling statically against the kernel source. Alternatives are 'menugo' and `xgo' to get a normal kernel config menu up respectively. For the menus, IPSec related options are under 'Networking Options'. Always save the config when you leave, whether or not you have changed anything!
+
+Note the the build process outlined above assumes your kernel is built in /usr/src/linux. If this isn't the case, you can "fix" it by setting the KERNELSRC environment variable on the command line as you run make, eg
+ make KERNELSRC=/path/to/kernel/src/ oldgo
You now have a newly compiled kernel in wherever your kernel normally lives (/usr/src/linux/arch/i386/boot/bzImage for me). You are probably going to want to copy it somewhere and either restart or rerun lilo and restart, depending on your preferences.
!Debian
