jeffrey buan
2015-07-08 23:47:18 UTC
I manage to put my ipsec/xauth-psk server on my vps.client connects.can
ping server but not internet,even with iptables -snat..then I read about
compiling strongwan on with kernel-libipsec but cant run it
successfully..here;s my log
0[DMN] Starting IKE charon daemon (strongSwan 5.3.2, Linux
2.6.32-042stab093.4, x86_64)
00[LIB] failed to open /dev/net/tun: Operation not permitted
00[KNL] failed to create TUN device
00[LIB] plugin 'kernel-libipsec': failed to load -
kernel_libipsec_plugin_create returned NULL
00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
00[CFG] loading crls from '/etc/ipsec.d/crls'
00[CFG] loading secrets from '/etc/ipsec.secrets'
00[CFG] loaded IKE secret for 176.126.243.160 %any
00[CFG] loaded EAP secret for jef
00[CFG] loaded EAP secret for lei
00[LIB] loaded plugins: charon aes des rc2 sha1 sha2 md5 random nonce x509
revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey
pem fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve socket-default
stroke updown xauth-generic
00[JOB] spawning 16 worker threads
08[DMN] thread 8 received 11
09[DMN] thread 9 received 11
10[DMN] thread 10 received 11
08[LIB] dumping 7 stack frame addresses:
08[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f773f463000
[0x7f773f473340]
09[LIB] dumping 7 stack frame addresses:
09[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f773f463000
[0x7f773f473340]
10[LIB] dumping 7 stack frame addresses:
10[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f773f463000
[0x7f773f473340]
12[CFG] received stroke: add connection 'ios'
12[CFG] left nor right host is our side, assuming left=local
12[CFG] adding virtual IP address pool 10.7.0.2/24
12[CFG] added configuration 'ios'
09[LIB] -> ??:?
09[LIB] /usr/local/lib/ipsec/libipsec.so.0 @ 0x7f773b092000
[0x7f773b095c7b]
08[LIB] -> ??:?
08[LIB] /usr/local/lib/ipsec/libipsec.so.0 @ 0x7f773b092000
[0x7f773b0951ae]
10[LIB] -> ??:?
10[LIB] /usr/local/lib/ipsec/libipsec.so.0 @ 0x7f773b092000
[0x7f773b09603b]
08[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libipsec/ipsec_event_relay.c:114
08[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb3341e]
09[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libipsec/ipsec_processor.c:99
09[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb3341e]
10[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libipsec/ipsec_processor.c:196
10[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb3341e]
08[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/processing/jobs/callback_job.c:78
08[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb33cb2]
09[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/processing/jobs/callback_job.c:78
09[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb33cb2]
10[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/processing/jobs/callback_job.c:78
10[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb33cb2]
08[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/processing/processor.c:235
08[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb436c8]
10[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/processing/processor.c:235
10[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb436c8]
09[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/processing/processor.c:235
09[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb436c8]
08[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/threading/thread.c:304
(discriminator 2)
08[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f773f463000
[0x7f773f46b182]
10[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/threading/thread.c:304
(discriminator 2)
10[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f773f463000
[0x7f773f46b182]
09[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/threading/thread.c:304
(discriminator 2)
09[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f773f463000
[0x7f773f46b182]
08[LIB] -> ??:?
08[LIB] /lib/x86_64-linux-gnu/libc.so.6 @ 0x7f773f09e000 (clone+0x6d)
[0x7f773f19847d]
10[LIB] -> ??:?
10[LIB] /lib/x86_64-linux-gnu/libc.so.6 @ 0x7f773f09e000 (clone+0x6d)
[0x7f773f19847d]
09[LIB] -> ??:?
09[LIB] /lib/x86_64-linux-gnu/libc.so.6 @ 0x7f773f09e000 (clone+0x6d)
[0x7f773f19847d]
08[LIB] -> ??:?
10[LIB] -> ??:?
09[LIB] -> ??:?
10[DMN] killing ourself, received critical signal
ping server but not internet,even with iptables -snat..then I read about
compiling strongwan on with kernel-libipsec but cant run it
successfully..here;s my log
0[DMN] Starting IKE charon daemon (strongSwan 5.3.2, Linux
2.6.32-042stab093.4, x86_64)
00[LIB] failed to open /dev/net/tun: Operation not permitted
00[KNL] failed to create TUN device
00[LIB] plugin 'kernel-libipsec': failed to load -
kernel_libipsec_plugin_create returned NULL
00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
00[CFG] loading crls from '/etc/ipsec.d/crls'
00[CFG] loading secrets from '/etc/ipsec.secrets'
00[CFG] loaded IKE secret for 176.126.243.160 %any
00[CFG] loaded EAP secret for jef
00[CFG] loaded EAP secret for lei
00[LIB] loaded plugins: charon aes des rc2 sha1 sha2 md5 random nonce x509
revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey
pem fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve socket-default
stroke updown xauth-generic
00[JOB] spawning 16 worker threads
08[DMN] thread 8 received 11
09[DMN] thread 9 received 11
10[DMN] thread 10 received 11
08[LIB] dumping 7 stack frame addresses:
08[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f773f463000
[0x7f773f473340]
09[LIB] dumping 7 stack frame addresses:
09[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f773f463000
[0x7f773f473340]
10[LIB] dumping 7 stack frame addresses:
10[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f773f463000
[0x7f773f473340]
12[CFG] received stroke: add connection 'ios'
12[CFG] left nor right host is our side, assuming left=local
12[CFG] adding virtual IP address pool 10.7.0.2/24
12[CFG] added configuration 'ios'
09[LIB] -> ??:?
09[LIB] /usr/local/lib/ipsec/libipsec.so.0 @ 0x7f773b092000
[0x7f773b095c7b]
08[LIB] -> ??:?
08[LIB] /usr/local/lib/ipsec/libipsec.so.0 @ 0x7f773b092000
[0x7f773b0951ae]
10[LIB] -> ??:?
10[LIB] /usr/local/lib/ipsec/libipsec.so.0 @ 0x7f773b092000
[0x7f773b09603b]
08[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libipsec/ipsec_event_relay.c:114
08[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb3341e]
09[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libipsec/ipsec_processor.c:99
09[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb3341e]
10[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libipsec/ipsec_processor.c:196
10[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb3341e]
08[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/processing/jobs/callback_job.c:78
08[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb33cb2]
09[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/processing/jobs/callback_job.c:78
09[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb33cb2]
10[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/processing/jobs/callback_job.c:78
10[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb33cb2]
08[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/processing/processor.c:235
08[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb436c8]
10[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/processing/processor.c:235
10[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb436c8]
09[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/processing/processor.c:235
09[LIB] /usr/local/lib/ipsec/libstrongswan.so.0 @ 0x7f773fb06000
[0x7f773fb436c8]
08[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/threading/thread.c:304
(discriminator 2)
08[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f773f463000
[0x7f773f46b182]
10[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/threading/thread.c:304
(discriminator 2)
10[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f773f463000
[0x7f773f46b182]
09[LIB] ->
/usr/src/strongswan/strongswan-5.3.2/src/libstrongswan/threading/thread.c:304
(discriminator 2)
09[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f773f463000
[0x7f773f46b182]
08[LIB] -> ??:?
08[LIB] /lib/x86_64-linux-gnu/libc.so.6 @ 0x7f773f09e000 (clone+0x6d)
[0x7f773f19847d]
10[LIB] -> ??:?
10[LIB] /lib/x86_64-linux-gnu/libc.so.6 @ 0x7f773f09e000 (clone+0x6d)
[0x7f773f19847d]
09[LIB] -> ??:?
09[LIB] /lib/x86_64-linux-gnu/libc.so.6 @ 0x7f773f09e000 (clone+0x6d)
[0x7f773f19847d]
08[LIB] -> ??:?
10[LIB] -> ??:?
09[LIB] -> ??:?
10[DMN] killing ourself, received critical signal