Differences between version 22 and predecessor to the previous major change of IPSecInstallation.
Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 22 | Last edited on Wednesday, November 5, 2003 11:56:13 am | by MichaelBordignon | Revert |
| Older page: | version 18 | Last edited on Wednesday, November 5, 2003 10:13:10 am | by CraigBox | Revert |
@@ -32,9 +32,11 @@
You now have a newly compiled kernel in wherever your kernel normally lives (/usr/src/linux/arch/i386/boot/bzImage for me). You are probably going to want to copy it somewhere and either restart or rerun lilo and restart, depending on your preferences.
!Debian
-Note: if you want to do all the cool new things like OpportunisticEncryption, you should be using FreeS/WAN 2.01+. If you're running [Debian] [Stable], you can get the a [backport|BackPorts] from [backports.org's FreeS/WAN directory|http://www.backports.org/debian/dists/woody/freeswan/], by adding the following line to /etc/apt/sources.list:
+Note 1: Apparently the Debian backport below comes with X509 support compiled in.
+
+Note 2
: if you want to do all the cool new things like OpportunisticEncryption, you should be using FreeS/WAN 2.01+. If you're running [Debian] [Stable], you can get the a [backport|BackPorts] from [backports.org's FreeS/WAN directory|http://www.backports.org/debian/dists/woody/freeswan/], by adding the following line to /etc/apt/sources.list:
deb http://www.backports.org/debian woody freeswan
Now,
@@ -72,8 +74,10 @@
----
[1]: [X509] certificate support is required if you want to interoperate with Windows. You can either get [X509 patch for vanilla FreeS/WAN|http://www.strongsec.com/freeswan/] or you can get [Super FreeS/WAN|http://www.freeswan.ca/], which has lots more patches, but tends to be a version or two behind the original FreeS/WAN release. If you don't know what you need, compile X509 in if you're going to interoperate with Windows, and don't bother otherwise.
[2]: The makefile has changed in the kernel source, so the patch needs to change as well. You might have to play with this to make it work (run a make-kpkg clean first perhaps) but I took the best part of a day getting a patch that would apply.
+
+Or you could get the FreeS/WAN 2.02 patch (which works with kernel 2.4.21+) from ftp://ftp.xs4all.nl/pub/crypto/freeswan/old/freeswan-2.02.k2.4.patch.gz
dev:/usr/src/kernel-patches/all/freeswan/linux/net# less Makefile.fs2_4.ipsec_alg.patch
--- Makefile-orig Tue Oct 21 11:35:47 2003
+++ Makefile Tue Oct 21 11:35:57 2003
