addconn does not like defaultroutenexthop set to %direct

Andreas Unterkircher Wed, 20 Jan 2010 23:05:03 -0800

Package: openswan
Version: 1:2.6.23+dfsg-2
Severity: normal


I hit a problem on a DSL Internet connection using pppd for PPPoE
dialin. If I try to add a new connection to OpenSWAN 2.6.23 it
fails with

invalid default route: illegal (non-DNS-name) character in name

I dig further and found /usr/lib/ipsec/auto is invoking
/usr/lib/ipsec/addconn at the end of the script with the following
syntax:

ipsec addconn --defaultroute 78.137.x.x \
              --defaultroutenexthop %direct $connname

By removing the "--defaultroutenexthop %direct" from
/usr/lib/ipsec/auto it works.

I already posted to the mailing list ([1]) but got no reply. It
seems to be specific with the PPP-interface. On "common" routed
Internet accesses I do not encounter this problem.

Could you please pack the new 2.6.24 so I can test if this problem
is still there?

Regards,
Andreas

[1] http://archives.free.net.ph/message/20100119.183716.591cd156.en.html

Config:

config setup 
nat_traversal=no 
OE=off 
protostack=klips 
interfaces="%defaultroute" 
uniqueids=no 

conn rtr-vpn 
type=transport 
leftrsasigkey="%cert" 
leftcert=... 
leftid="..." 
left=%defaultroute 
rightid="..." 
rightrsasigkey="%cert" 
right=91.213.x.x 
auto=start

Routing-Table:

rtr-vpncust01:/etc/ipsec.d/conf.d# ip ro sh dev ppp0 
193.0.x.x proto kernel scope link src 78.137.x.x 
default scope link

-- System Information:
Debian Release: 5.0.3
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages openswan depends on:
ii  bind9-host [hos 1:9.5.1.dfsg.P3-1+lenny1 Version of 'host' bundled with BIN
ii  bsdmainutils    6.1.10                   collection of more utilities from 
ii  debconf [debcon 1.5.24                   Debian configuration management sy
ii  debianutils     2.30                     Miscellaneous utilities specific t
ii  iproute         20080725-2               networking and traffic control too
ii  libc6           2.7-18                   GNU C Library: Shared libraries
ii  libcurl3        7.18.2-8lenny3           Multi-protocol file transfer libra
ii  libgmp3c2       2:4.2.2+dfsg-3           Multiprecision arithmetic library
ii  libldap-2.4-2   2.4.11-1+lenny1          OpenLDAP libraries
ii  libpam0g        1.0.1-5+lenny1           Pluggable Authentication Modules l
ii  openssl         0.9.8g-15+lenny6         Secure Socket Layer (SSL) binary a

openswan recommends no packages.

Versions of packages openswan suggests:
ii  curl                      7.18.2-8lenny3 Get a file from an HTTP, HTTPS or 
pn  openswan-modules-source | <none>         (no description available)

-- debconf information excluded



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#566092: openswan: /usr/lib/ipsec/addconn does not like defaultroutenexthop set to %direct

Reply via email to