vpnc RAW_SOCKET (again)
Philip M. Gollucci
pgollucci at p6m7g8.com
Tue Jan 30 07:15:21 UTC 2007
sudo vpnc /etc/vpnc/conf
add host a.b.c.d: gateway 64.183.12.161
add net 192.168.52.0: gateway 172.26.7.141
add net e.0.0.0: gateway 172.26.7.141
add net a.b.c.d: gateway 172.26.7.141
add net 172.26.0.0: gateway 172.26.7.141
add net 192.168.34.0: gateway 172.26.7.141
add net 172.28.0.0: gateway 172.26.7.141
add net 192.168.62.0: gateway 172.26.7.141
add net 192.168.38.0: gateway 172.26.7.141
add net 172.22.40.0: gateway 172.26.7.141
add net 172.24.54.0: gateway 172.26.7.141
add net 172.24.40.0: gateway 172.26.7.141
add net 192.168.66.0: gateway 172.26.7.141
add net 192.168.64.0: gateway 172.26.7.141
add net 192.168.46.0: gateway 172.26.7.141
add net 192.168.48.0: gateway 172.26.7.141
add net 192.168.56.0: gateway 172.26.7.141
add net 172.27.106.0: gateway 172.26.7.141
add net 172.25.109.10: gateway 172.26.7.141
add net 192.168.162.0: gateway 172.26.7.141
add net 172.16.20.0: gateway 172.26.7.141
add net 192.168.196.0: gateway 172.26.7.141
add net 192.168.248.0: gateway 172.26.7.141
add net 192.168.180.0: gateway 172.26.7.141
add net 192.168.67.0: gateway 172.26.7.141
add net 192.168.148.0: gateway 172.26.7.141
add net 192.168.54.0: gateway 172.26.7.141
add net 192.168.68.0: gateway 172.26.7.141
add net 172.29.0.0: gateway 172.26.7.141
add net 192.168.92.0: gateway 172.26.7.141
add net 192.168.123.0: gateway 172.26.7.141
add net 172.28.10.32: gateway 172.26.7.141
add net 172.28.11.32: gateway 172.26.7.141
socket(SOCK_RAW): Protocol not supported
This used to work on this exact computer. I have _not_ recompiled the
kernel or user land. The kernel config is attached (it does include
IPSEC_ESP)
What did change was the hostname
a.y.net -> b.y.net.
Also, I switched from Comcast to TimeWarner, then to TimeWarner business
class. The 3rd switch moved from me having 1 static ip and a router
with this computer having an ip of 192.168.100 to several static ips.
It now has a REAL routable ip address and is behind a routable gateway.
As far as I can tell this problem started happening because of this
networking switch. Coincidentally, the hostname switch was at the same
time.
The computer is still physically in the same location.
$ uname -a
FreeBSD goku.p6m7g8.net 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #0: Sun
Jan 14 17:12:17 PST 2007
root at goku.p6m7g8.net:/usr/obj/usr/src/sys/HOME i386
$ /usr/local/sbin/vpnc --version
vpnc version 0.3.3
Copyright (C) 2002-2004 Geoffrey Keating, Maurice Massar
vpnc comes with NO WARRANTY, to the extent permitted by law.
You may redistribute copies of vpnc under the terms of the GNU General
Public License. For more information about these matters, see the files
named COPYING.
Supported DH-Groups: nopfs dh1 dh2 dh5
Supported Hash-Methods: md5 sha1
Supported Encryptions: des 3des aes128 aes192 aes256
Supported Auth-Methods: psk psk+xauth
--
------------------------------------------------------------------------
Philip M. Gollucci (pgollucci at p6m7g8.com) 323.219.4708
Consultant - P6M7G8 Consutling - http://p6m7g8.net/Resume/resume.shtml
Senior Software Engineer - Ticketmaster - http://ticketmaster.com
1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB B89E 1324 9B4F EC88 A0BF
We're halfway there
Livin' on a prayer
Take my hand and we'll make it-I swear
Livin' on a prayer
-------------- next part --------------
###############################################################################
################################## Architecture ###############################
###############################################################################
machine i386
maxusers 0
cpu I686_CPU # aka Pentium Pro(tm)
ident HOME
device npx
###############################################################################
################################# Compatibility ###############################
###############################################################################
options COMPAT_43
options COMPAT_LINUX
options SCHED_ULE
###############################################################################
################################# Networking ##################################
###############################################################################
options INET #Internet communications protocols
options IPSEC #IP security
options IPSEC_ESP #IP security (crypto; define w/ IP
device loop #Network loopback device
device ether #Generic Ethernet
device tun
device tap
device bpf # Berkeley packet filter
device if_bridge
device miibus
device em # <Accton MPX 5030/5038 10/100BaseTX>
###############################################################################
########################## Firewalls ##########################################
###############################################################################
options IPFIREWALL #firewall
options IPFIREWALL_VERBOSE #enable logging to syslogd(8)
options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT #divert sockets
options IPFILTER #ipfilter support
options IPFILTER_LOG #ipfilter logging
options IPSTEALTH #support for stealth forwarding
options TCP_DROP_SYNFIN #drop TCP packets with SYN+FIN
options ACCEPT_FILTER_DATA
options ACCEPT_FILTER_HTTP
options ZERO_COPY_SOCKETS
###############################################################################
################################# FileSystems #################################
###############################################################################
options FFS #Memory File System
options CD9660 #ISO 9660 filesystem
options NFSCLIENT
options MD_ROOT
options LINPROCFS
options PSEUDOFS # Pseudo-filesystem framework
options PROCFS # Process filesystem (requires PSEUDOFS)
options SOFTUPDATES
options UFS_DIRHASH
options QUOTA #enable disk quotas
###############################################################################
############################## ATA Devices ####################################
###############################################################################
device isa
device pci
device ata
device atadisk
device atapicd # ATAPI CDROM drives
device atapifd # ATAPI floppy drives
options ATA_STATIC_ID
########## SCSI
device ahc
device scbus
device da
device cd
###############################################################################
############################### Misc Devices ##################################
###############################################################################
device pty #Pseudo ttys
device speaker #Play IBM BASIC-style noises out your speaker
device snp #Snoop device - to look at pty/vty/etc..
device md
device atkbdc
device atkbd
device psm
device random
device vga
device agp
# USB support
device uhci # UHCI PCI->USB interface
device ohci # OHCI PCI->USB interface
device ehci # EHCI PCI->USB interface (USB 2.0)
device usb # USB Bus (required)
device ugen # Generic
device uhid # "Human Interface Devices"
device ukbd # Keyboard
device ums # Mouse
###############################################################################
################################## Terminal Options ###########################
###############################################################################
device sc
options MAXCONS=16 # number of virtual consoles
options SYSVSHM #SYSV-style shared memory
options SYSVMSG #SYSV-style message queues
options SYSVSEM #SYSV-style semaphores
makeoptions DEBUG=-g
More information about the freebsd-questions
mailing list