Installing from the source:
To compile/install the kernel :
- install fresh kernel source rpm from Redhat
- cd /usr/src
- make sure linux and linux-2.4 point to the right kernel source
- ln -s linux-2.4.20-30.9 linux
- ln -s linux-2.4.20-30.9 linux-2.4
- cd linux-2.4
- make mrproper
- cp ./configs/kernel-2.4.20-i686.conf .config
- download openswan source to /usr/src
- now cd /usr/src
- tar -zxvf openswan-2.1.4.tar.gz
- cp openswan-2.1.4.kern.patch.gz openswan-2.1.4/
- cp openswan-2.1.4.natt.patch.gz openswan-2.1.4/
- cd /usr/src/linux-2.4
- make menuconfig
- select code and maturity options
- unselect prompt for development and/or incomplete code/drivers
- select exit again exit
- when prompted to save your new kernel configuration select yes
- mkdir /lib/modules/2.4.20-30custom
- cd /usr/src/openswan-2.1.4
- patch the kernel and install the kernel (Always have a backup kernel to boot)
- make nattpatch | (cd /usr/src/linux-2.4 && patch -p1 && make bzImage)
- cd /usr/src/linux && make dep bzImage install
- After the kernel is compiled and installed
- cd /usr/src/linux-2.4
- make modules
- make modules_install
- now we verify kernel in the boot etc
- ls /boot
- you should see vmlinuz-2.4.20-30.9custom System.map-2.4.20-30.9custom
- initrd-2.4.20-30.9custom.img
- for some reason the initrd-2.4.20-30.9custom.img file resulted in a kernel
- panic :) so I moved this file some where else
- mv initrd-2.4.20-30.9custom.img /root
- The I recreated this file by issuing
- mkinitrd /boot/initrd-2.4.20-30.9custom.img 2.4.20-30.9custom
- you will see this file will be larger than the original
- Now reboot the machine with the new kernel
- Once you successfully reboot we shall now proceed with
- creating userland tools and ipsec.o
- cd /usr/src/openswan-2.1.4
- make KERNELSRC=/usr/src/linux-2.4 programs module
- make KERNELSRC=/usr/src/linux-2.4 install minstall
- verify ipsec.o is installed
- ls /lib/modules/2.4.20-30.9custom/kernel/
- the output should be something like
- arch crypto drivers fs ipsec.o lib net
- now its time to install openswan
- cd /usr/src/openswan-2.1.4
- make programs
- make install
- now you should be ready to test this baby
- service ipsec start
- The output should look like below
- ipsec_setup: Starting Openswan IPsec 2.1.4...
- ipsec_setup: Using /lib/modules/2.4.20-30.9custom/kernel/ipsec.o
- I guess if this is what you see you are set to configure
- for help on that lookup
- http://www.natecarlson.com/linux/ipsec-x509.php
