服务器 Gind.cn
  1. 服务器 Gind.cn
  3. StrongSwan在FreeBSD 10.0上出现问题。 Charon拒绝开始
Intereting Posts
SNMP代理代理? 转发snmp请求 关于SYN的信息 “作为批处理作业login”用户权限由什么GPO删除? 如何判断一个软件包是否可以正常使用,而且不需要任何关注 计划任务由于networking连接条件而无法启动,即使连接可用 pipe理和监控(Ubuntu)机器的解决scheme MySQL保持每分钟100X的“连接”命令 是否有必要更新内核和有什么优势? 用户crontab不可访问 Arp代表Linux上的其他设备回复 没有硬件防火墙的Windows服务器 域随机变得无法parsing 将SBS 2003迁移至2012年标准 还有什么需要让iptableslogin到我创build的这个文件? EFSencryption的文件夹问题?

StrongSwan在FreeBSD 10.0上出现问题。 Charon拒绝开始

具有完整debugging级别(4)的charon.log如下所示: 

Jan 21 16:09:47 00[DMN] Starting IKE charon daemon (strongSwan 5.0.4, FreeBSD 10.0-RELEASE, amd64) Jan 21 16:09:47 00[LIB] plugin 'aes': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'des': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'blowfish': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'sha1': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'sha2': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'md4': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'md5': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'random': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'nonce': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'x509': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'revocation': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'constraints': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'pubkey': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'pkcs1': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'pkcs8': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'pgp': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'dnskey': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'pem': loaded successfully Jan 21 16:09:47 00[LIB] openssl FIPS mode(0) unavailable Jan 21 16:09:47 00[LIB] plugin 'openssl': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'fips-prf': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'xcbc': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'cmac': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'hmac': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'attr': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'kernel-pfkey': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'kernel-pfroute': loaded successfully Jan 21 16:09:47 00[KNL] known interfaces and IP addresses: Jan 21 16:09:47 00[KNL] bce0 Jan 21 16:09:47 00[KNL] -snip- Jan 21 16:09:47 00[KNL] -snip- Jan 21 16:09:47 00[KNL] lo0 Jan 21 16:09:47 00[KNL] ::1 Jan 21 16:09:47 00[KNL] fe80::1 Jan 21 16:09:47 00[KNL] 127.0.0.1 Jan 21 16:09:47 00[LIB] plugin 'resolve': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'socket-default': loaded successfully Jan 21 16:09:47 00[KNL] unable to set UDP_ENCAP: Invalid argument Jan 21 16:09:47 00[NET] enabling UDP decapsulation for IPv6 on port 4500 failed Jan 21 16:09:47 00[KNL] unable to set UDP_ENCAP: Invalid argument Jan 21 16:09:47 00[NET] enabling UDP decapsulation for IPv4 on port 4500 failed Jan 21 16:09:47 00[LIB] plugin 'stroke': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'updown': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'eap-identity': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'eap-md5': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'eap-mschapv2': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'eap-tls': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'eap-ttls': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'eap-peap': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'whitelist': loaded successfully Jan 21 16:09:47 00[LIB] plugin 'addrblock': loaded successfully Jan 21 16:09:47 00[CFG] loading ca certificates from '/usr/local/etc/ipsec.d/cacerts' Jan 21 16:09:47 00[CFG] loading aa certificates from '/usr/local/etc/ipsec.d/aacerts' Jan 21 16:09:47 00[CFG] loading ocsp signer certificates from '/usr/local/etc/ipsec.d/ocspcerts' Jan 21 16:09:47 00[CFG] loading attribute certificates from '/usr/local/etc/ipsec.d/acerts' Jan 21 16:09:47 00[CFG] loading crls from '/usr/local/etc/ipsec.d/crls' Jan 21 16:09:47 00[CFG] loading secrets from '/usr/local/etc/ipsec.secrets' Jan 21 16:09:47 00[CFG] loaded IKE secret for %any Jan 21 16:09:47 00[CFG] secret: -snip- Jan 21 16:09:47 00[LIB] feature CUSTOM:libcharon in 'charon' plugin has unsatisfied dependency: CUSTOM:libcharon-receiver Jan 21 16:09:47 00[LIB] feature CUSTOM:libcharon-receiver in 'charon' plugin has unsatisfied dependency: HASHER:HASH_SHA1 Jan 21 16:09:47 00[LIB] feature PRIVKEY:DSA in 'pem' plugin has unsatisfied dependency: PRIVKEY:DSA Jan 21 16:09:47 00[LIB] feature PUBKEY:DSA in 'pem' plugin has unsatisfied dependency: PUBKEY:DSA Jan 21 16:09:47 00[LIB] feature CERT_DECODE:X509_OCSP_REQUEST in 'pem' plugin has unsatisfied dependency: CERT_DECODE:X509_OCSP_REQUEST Jan 21 16:09:47 00[LIB] failed to load CUSTOM:libcharon in critical plugin 'charon' Jan 21 16:09:47 00[LIB] failed to load CUSTOM:libcharon-receiver in critical plugin 'charon' Jan 21 16:09:47 00[LIB] failed to load 2 features in critical plugin 'charon' Jan 21 16:09:47 00[DMN] initialization failed - aborting charon

在9.2上相同的configuration工作正常,但现在升级到10.0后不再工作。 系统的其余部分按预期工作。

uname -a如下所示(如您所见,支持IPSec的定制内核) 

 FreeBSD icefox 10.0-RELEASE FreeBSD 10.0-RELEASE #3: Tue Jan 21 15:49:28 CET 2014 doridian@icefox:/usr/obj/usr/src/sys/IPSEC amd64

我记得有一个strongSwan 5.0.4的问题,我认为这是在FreeBSD 10 rc3。 我知道最新版本的端口在二月份已经更新了,现在已经在5.1.1上了,并且它在testing环境中工作。