racoon with freebsd-4.11 crashes
VANHULLEBUS Yvan
vanhu_bsd at zeninc.net
Wed Dec 7 06:57:18 PST 2005
On Wed, Dec 07, 2005 at 02:21:48PM +0000, priya yelgar wrote:
> Hi
Hi.
> Running racoon on a Freebsd-4.11 machine gives a
> kernel panic.
> I am using the racoon from ports directory which comes
> with the freebsd installation.
It may not change lots of things for this kernel crash, but do you use
port security/racoon (obsolete) or security/ipsec-tools ?
> Steps followed are as shown below:
>
> racoon -f /usr/local/etc/racoon/raccon.conf
> setkey -f ipsec.conf
>
> ping -c 1 <ip_of_the_other_gw>
It would be really interesting if we could also have your ipsec.conf
file.
> The ping will lead into a crash.
> The crash dump looks like for th ping packet it is
> going to apply a SA.
> It is going in "key_checkrequest" in key.c file and
> crashing there.
>
> As I know "key_checkrequest" is used to apply a
> exsiting SA to a outgoing packet.
Not exactly.
It searches for an existing SA for the packet, and sends an ACQUIRE
message to the IKE daemon if needed.
> But in case of racoon the first ping packet is used
> for negotiation with other gateway to establish the
> SA.
>
> I am not understading as to why it is going in
> key_checkrequest ans crashing.
There are 3 panic() in this function, could you give us the panic
message ?
Yvan.
--
NETASQ - Secure Internet Connectivity
http://www.netasq.com
More information about the freebsd-security
mailing list