On 05/26/05 11:32, Lee Johnston wrote:
At 17:27 26/05/2005, Kris Kennaway wrote:On Thu, May 26, 2005 at 05:22:47PM +0100, Lee Johnston wrote: > Hi, >> I'm trying to configure a 5.4 box with Quagga to support TCP MD5 Passwords.> I've achieved this previously with 4.10, but when I try to add the > following kernel options, 5.4 doesn't like it: > > options FAST_IPSEC > options crypto > options TCP_MD5 > > config gives: > VENUS: unknown option "TCP_MD5" > > > I have this in /etc/ipsec.conf > > add 192.168.1.1 192.168.1.2 tcp 0x1000 -A tcp-md5 "[password]"; > > setkey -f /etc/ipsec.conf gives: > pfkey_open: Protocol not supported > > > What is the correct way for enabling TCP MD5 signatures on 5.4?When in doubt, check the two NOTES files.Thanks for your reply.. I've checked /usr/src/sys/i386/conf/NOTES but can't see any mention of the options anymore.. Any other ideas?
So that was one of the NOTES files, what about the other? Kris said to check the *two* NOTES files...
$ grep MD5 /sys/i386/conf/NOTES /sys/conf/NOTES/sys/conf/NOTES:# TCP_SIGNATURE adds support for RFC 2385 (TCP-MD5) digests. These are /sys/conf/NOTES:# This is enabled on a per-socket basis using the TCP_MD5SIG socket option.
-- Jonathan Noack | [EMAIL PROTECTED] | OpenPGP: 0x991D8195
signature.asc
Description: OpenPGP digital signature
