Hi, I'm installing the net-misc/cisco-vpnclient-3des but the ebuild is pointing to the 4.8.01.0640 older version when the latest is 4.8.02.0030 Could you please add a new ebuild for the later? Rolando. Reproducible: Always Steps to Reproduce: 1. emerge -pv net-misc/cisco-vpnclient-3des => it tell to go to http://cco.cisco.com/en/US/products/sw/secursw/ps2308/index.html and download vpnclient-linux-x86_64-4.8.01.0640-k9.tar.gz to /usr/portage/distfiles 2. going to cisco's support web page you can see the latest version is vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz instead 3. Actual Results: emerge trying requesting to download and install vpnclient-linux-x86_64-4.8.01.0640-k9.tar.gz Expected Results: emerge trying requesting to download and install vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz emerge --info Portage 2.2_rc6 (default/linux/x86/2008.0, gcc-4.3.1, glibc-2.8_p20080602-r0, 2.6.26-tuxonice i686) ================================================================= System uname: Linux-2.6.26-tuxonice-i686-Genuine_Intel-R-_CPU_T2500_@_2.00GHz-with-glibc2.0 Timestamp of tree: Sun, 10 Aug 2008 08:00:01 +0000 app-shells/bash: 3.2_p39 dev-java/java-config: 1.3.7, 2.1.6-r1 dev-lang/python: 2.5.2-r7 sys-apps/baselayout: 2.0.0 sys-apps/openrc: 0.2.5 sys-apps/sandbox: 1.2.18.1-r3 sys-devel/autoconf: 2.13, 2.62-r1 sys-devel/automake: 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 2.2.4 virtual/os-headers: 2.6.25-r4 ACCEPT_KEYWORDS="x86 ~x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=native -msse3 -O2 -fomit-frame-pointer -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-march=native -msse3 -O2 -fomit-frame-pointer -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks parallel-fetch preserve-libs sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/ http://ftp.uni-erlangen.de/pub/mirrors/gentoo http://ftp.snt.utwente.nl/pub/os/linux/gentoo " INSTALL_MASK="Changelog.gz TODO.gz Author.gz" LANG="en_US.UTF-8" LC_ALL="en_US.UTF-8" LDFLAGS="-Wl,-O1" LINGUAS="en es" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="a52 aac acl acpi aiglx alsa apic avi berkdb bzip2 cddb cdr clflush cli cmov constant_tsc cracklib crypt cups cx8 dbus de dga dri dts dvd dvdnav dvdr dvdread est fortran fpu fxsr gdbm gif gpm hal ht iconv imlib isdnlog jpeg jpeg2k kde kipi live matroska mca mce midi mmx monitor mp3 mpeg msr mtrr mudflap ncurses nls nojoystick nptl nptlonly nsplugin nx oggvorbis opengl openmp pae pam pat pbe pcmcia pcre perl pge pmu png pni pppd pse python quicktime readline real reflection samba sdl sep session spl ss sse sse2 ssl sysfs tcpd theora tiff tm tm2 tsc unicode usb v4l vme vmx vorbis win32codecs wmf x86 xanim xcomposite xorg xtpr xv zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard synaptics evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en es" USERLAND="GNU" VIDEO_CARDS="i810" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Created attachment 165978 [details] ebuild that worked for me Hi, I'm attaching an ebuild that worked for me (it seems like the patches for the latest kernels has been included by Cisco already).
(In reply to comment #1) > Created an attachment (id=165978) [edit] > ebuild that worked for me > > Hi, > I'm attaching an ebuild that worked for me (it seems like the patches for the > latest kernels has been included by Cisco already). > Your ebuild didn't work for me - it seems you just took the standard one from current version in portage and only removed the patches - but one patch is necessary, especially for amd64 users like me (which you didn't notice as you seem to be using x86). I found this patch there: http://birdman.dynalias.org/CiscoVPN/ It is not the same one that was in portage for the last version, there are more changes in it. With that patch and an again slightly changed ebuild the new version of Cisco vpnclient works fine. I'm attaching both the new patch and the new ebuild. It solves the problem for me that I had with the last version - kernel panic when traffic went over the vpn connection. So this should be included in portage tree asap.
Created attachment 170645 [details] working ebuild with necessary changes for the amd64 patch
Created attachment 170646 [details, diff] amd64 patch for the new ebuild
I have this added into my overlay. If you'd like to test it out, just setup layman, if you haven't already, and "layman -ka wolf31o2" to get my overlay. I split the package into separate client and modules ebuilds, but I added an updates file to the overlay to do a package move. I have no clue if that will work or not, but if it doesn't, just "emerge -C cisco-vpnclient-3des && emerge cisco-vpnclient" and you'll be on your way. I've added Andrew to this bug, so he can proxy commit for me once you guys feel it is working for you.
Your svn repo overlay doesn't seem to be working: layman -ka wolf31o2 * Running command "/usr/bin/svn co "http://overlays.gentoo.org/svn/dev/wolf31o2/" "/usr/portage/local/layman/wolf31o2""... svn: Server sent unexpected return value (405 Method Not Allowed) in response to PROPFIND request for '/svn/dev/wolf31o2' * Failed to add overlay "wolf31o2". * Error was: Adding the overlay failed! (In reply to comment #5) > I have this added into my overlay. If you'd like to test it out, just setup > layman, if you haven't already, and "layman -ka wolf31o2" to get my overlay. I > split the package into separate client and modules ebuilds, but I added an > updates file to the overlay to do a package move. I have no clue if that will > work or not, but if it doesn't, just "emerge -C cisco-vpnclient-3des && emerge > cisco-vpnclient" and you'll be on your way. > > I've added Andrew to this bug, so he can proxy commit for me once you guys feel > it is working for you. >
Hi, I have a problem emerging cisco-vpnclient from wolf31o2 repo. Here's the log: >>> Emerging (1 of 1) net-misc/cisco-vpnclient-4.8.02.0030 * vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz RMD160 SHA1 SHA256 size ;-) ... [ ok ] * checking ebuild checksums ;-) ... [ ok ] * checking auxfile checksums ;-) ... [ ok ] * checking miscfile checksums ;-) ... [ ok ] >>> Unpacking source... >>> Unpacking vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz to /var/tmp/portage/net-misc/cisco-vpnclient-4.8.02.0030/work >>> Source unpacked. >>> Compiling source in /var/tmp/portage/net-misc/cisco-vpnclient-4.8.02.0030/work/vpnclient ... make -j5 make -C /lib/modules/2.6.27-gentoo-r8/build SUBDIRS=/var/tmp/portage/net-misc/cisco-vpnclient-4.8.02.0030/work/vpnclient modules make[1]: Entering directory `/usr/src/linux-2.6.27-gentoo-r8' Makefile:518: /usr/src/linux-2.6.27-gentoo-r8/arch/amd64/Makefile: No such file or directory make[1]: *** No rule to make target `/usr/src/linux-2.6.27-gentoo-r8/arch/amd64/Makefile'. Stop. make[1]: Leaving directory `/usr/src/linux-2.6.27-gentoo-r8' make: *** [default] Error 2 * * ERROR: net-misc/cisco-vpnclient-4.8.02.0030 failed. * Call stack: * ebuild.sh, line 49: Called src_compile * environment, line 2124: Called _eapi0_src_compile * ebuild.sh, line 595: Called _eapi2_src_compile * ebuild.sh, line 629: Called die * The specific snippet of code: * emake || die "emake failed" * The die message: * emake failed * * If you need support, post the topmost build error, and the call stack if relevant. * A complete build log is located at '/var/tmp/portage/net-misc/cisco-vpnclient-4.8.02.0030/temp/build.log'. * The ebuild environment file is located at '/var/tmp/portage/net-misc/cisco-vpnclient-4.8.02.0030/temp/environment'. * >>> Failed to emerge net-misc/cisco-vpnclient-4.8.02.0030, Log file: ----------------------------------------------------------------------- I have no idea why it tries to make stuff in the kernel source dir and also, where is the src_compile() part, where such things are being done, there's just src_install() in the ebuild. Could you please shed some light on this? Regards.
I think Cisco's stuff requires your kernel headers and/or sources to be installed. I suggest installing first sys-kernel/linux-headers and if the installation still fails try emerging the sources too (sys-kernel/gentoo-sources). BTW, yours seem to be "linux-2.6.27-gentoo-r8" and I'm not that sure but may be you'll have to update them to, at least, 2.6.28 but I might be wrong. Check somewhere else if 2.6.27 make it fail to compile. Rolando
The ebuild and patch from Andreas Simon worked for me. However, after I load the module by doing modprobe cisco_ipsec and connecting to my network, it hangs about ~8 seconds with initialization. Then I get promted for user&pass, connection gets established. I can ping 127.0.0.1, my local ip, my local gateway, the given vpn ip and the vpn gateway. As soon as I try to connect/ping any other address (e.g. www.gentoo.com) the computer freezes. Unfortunately, nothing gets written to /var/log/messages when the freeze occurs, maybe there is some way to disable caching for syslog-ng but I have to look for that first. this is emerge --info: camelion ~ # emerge --info Portage 2.1.6.7 (default/linux/amd64/2008.0/desktop, gcc-4.1.2, glibc-2.8_p20080602-r1, 2.6.29-gentoo-r1 x86_64) ================================================================= System uname: Linux-2.6.29-gentoo-r1-x86_64-Intel-R-_Core-TM-2_Duo_CPU_T9300_@_2.50GHz-with-glibc2.2.5 Timestamp of tree: Wed, 15 Apr 2009 15:00:01 +0000 app-shells/bash: 3.2_p39 dev-java/java-config: 1.3.7-r1, 2.1.7 dev-lang/python: 2.4.4-r14, 2.5.2-r7 dev-python/pycrypto: 2.0.1-r6 dev-util/cmake: 2.6.2-r1 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.63 sys-devel/automake: 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.27-r2 ACCEPT_KEYWORDS="amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://ftp.fi.muni.cz/pub/linux/gentoo/ http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo" LDFLAGS="-Wl,-O1" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X acl acpi alsa amd64 apic arch_perfmon bash-completion berkdb bluetooth branding bts bzip2 cairo cdda cdr clflush cli cmov constant_tsc cracklib crypt cups cx16 cx8 dbus de directfb dri ds_cpl dts dvd dvdr dvdread eds emboss encode esd est evo fam firefox flac fortran fpu fxsr gdbm gif gimp gnome gnome-keyring gphoto2 gpm gstreamer gtk hal ht iconv ida ipv6 isdnlog java jpeg kde lahf_lm laptop libnotify lm loop-aes mad mca mce midi mikmod mmx monitor mp3 mpeg mplayer msr mtrr mudflap multilib ncurses nls nptl nptlonly nvidia nx ogg openal opengl openmp pae pam pat pbe pcre pdf pebs perl pge png pni ppds pppd pse pse36 python qt3 qt3support qt4 quicktime readline reflection rep_good sdl sep session smp spell spl ss sse sse2 sse4_1 ssl ssse3 startup-notification svg syscall sysfs tcpd tiff tm tm2 truetype tsc unicode usb vim-syntax vme vmx vorbis xml xorg xscreensaver xtpr xulrunner xv zlib" ALSA_CARDS="usb-audio emu10k1x" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="fbdev nv nvidia vesa vga" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS this gets written to /var/log/messages when the module gets loaded. maybe the net_device_ops is the problem? Apr 15 18:43:15 camelion cipsec0 (): not using net_device_ops yet Apr 15 18:43:15 camelion Cisco Systems VPN Client Version 4.8.02 (0030) kernel module loaded Apr 15 18:44:05 camelion cipsec0: no IPv6 routers present Any help appreciated! Thanks, Dominik
(In reply to comment #9) > The ebuild and patch from Andreas Simon worked for me. > However, after I load the module by doing modprobe cisco_ipsec > and connecting to my network, it hangs about ~8 seconds with initialization. > Then I get promted for user&pass, connection gets established. > > I can ping 127.0.0.1, my local ip, my local gateway, the given vpn ip and the > vpn gateway. As soon as I try to connect/ping any other address (e.g. > www.gentoo.com) the computer freezes. > > Unfortunately, nothing gets written to /var/log/messages when the freeze > occurs, maybe there is some way to disable caching for syslog-ng but I have to > look for that first. > > this is emerge --info: > > camelion ~ # emerge --info > Portage 2.1.6.7 (default/linux/amd64/2008.0/desktop, gcc-4.1.2, > glibc-2.8_p20080602-r1, 2.6.29-gentoo-r1 x86_64) > ================================================================= > System uname: > Linux-2.6.29-gentoo-r1-x86_64-Intel-R-_Core-TM-2_Duo_CPU_T9300_@_2.50GHz-with-glibc2.2.5 > Timestamp of tree: Wed, 15 Apr 2009 15:00:01 +0000 > app-shells/bash: 3.2_p39 > dev-java/java-config: 1.3.7-r1, 2.1.7 > dev-lang/python: 2.4.4-r14, 2.5.2-r7 > dev-python/pycrypto: 2.0.1-r6 > dev-util/cmake: 2.6.2-r1 > sys-apps/baselayout: 1.12.11.1 > sys-apps/sandbox: 1.2.18.1-r2 > sys-devel/autoconf: 2.13, 2.63 > sys-devel/automake: 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2 > sys-devel/binutils: 2.18-r3 > sys-devel/gcc-config: 1.4.0-r4 > sys-devel/libtool: 1.5.26 > virtual/os-headers: 2.6.27-r2 > ACCEPT_KEYWORDS="amd64" > CBUILD="x86_64-pc-linux-gnu" > CFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer" > CHOST="x86_64-pc-linux-gnu" > CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config > /usr/kde/3.5/shutdown /usr/share/config" > CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ > /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ > /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild > /etc/terminfo /etc/udev/rules.d" > CXXFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer" > DISTDIR="/usr/portage/distfiles" > FEATURES="distlocks fixpackages parallel-fetch protect-owned sandbox sfperms > strict unmerge-orphans userfetch" > GENTOO_MIRRORS="http://ftp.fi.muni.cz/pub/linux/gentoo/ > http://distfiles.gentoo.org > http://www.ibiblio.org/pub/Linux/distributions/gentoo" > LDFLAGS="-Wl,-O1" > MAKEOPTS="-j3" > PKGDIR="/usr/portage/packages" > PORTAGE_CONFIGROOT="/" > PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress > --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles > --exclude=/local --exclude=/packages" > PORTAGE_TMPDIR="/var/tmp" > PORTDIR="/usr/portage" > PORTDIR_OVERLAY="/usr/local/portage" > SYNC="rsync://rsync.gentoo.org/gentoo-portage" > USE="X acl acpi alsa amd64 apic arch_perfmon bash-completion berkdb bluetooth > branding bts bzip2 cairo cdda cdr clflush cli cmov constant_tsc cracklib crypt > cups cx16 cx8 dbus de directfb dri ds_cpl dts dvd dvdr dvdread eds emboss > encode esd est evo fam firefox flac fortran fpu fxsr gdbm gif gimp gnome > gnome-keyring gphoto2 gpm gstreamer gtk hal ht iconv ida ipv6 isdnlog java jpeg > kde lahf_lm laptop libnotify lm loop-aes mad mca mce midi mikmod mmx monitor > mp3 mpeg mplayer msr mtrr mudflap multilib ncurses nls nptl nptlonly nvidia nx > ogg openal opengl openmp pae pam pat pbe pcre pdf pebs perl pge png pni ppds > pppd pse pse36 python qt3 qt3support qt4 quicktime readline reflection rep_good > sdl sep session smp spell spl ss sse sse2 sse4_1 ssl ssse3 startup-notification > svg syscall sysfs tcpd tiff tm tm2 truetype tsc unicode usb vim-syntax vme vmx > vorbis xml xorg xscreensaver xtpr xulrunner xv zlib" ALSA_CARDS="usb-audio > emu10k1x" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty > extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw > multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias > auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm > authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache > dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache > filter headers include info log_config logio mem_cache mime mime_magic > negotiation rewrite setenvif speling status unique_id userdir usertrack > vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev keyboard mouse" KERNEL="linux" > LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses > text" USERLAND="GNU" VIDEO_CARDS="fbdev nv nvidia vesa vga" > Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, > LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, > PORTAGE_RSYNC_EXTRA_OPTS > > > this gets written to /var/log/messages when the module gets loaded. maybe the > net_device_ops is the problem? > > Apr 15 18:43:15 camelion cipsec0 (): not using net_device_ops yet > Apr 15 18:43:15 camelion Cisco Systems VPN Client Version 4.8.02 (0030) kernel > module loaded > Apr 15 18:44:05 camelion cipsec0: no IPv6 routers present > > Any help appreciated! > > Thanks, > Dominik > I'm also having problems with this and I think it's related to kernel 2.6.29. Try booting 2.6.28 and emerging cisco vpn client with that.
I agree with above comment. Even though I'm not using it by the moment, I do remember it was quite kernel dependent. Another way around would be to see if Cisco has a 2.6.29-ready version of it (I don't have access to their download section for now).
I have the same behavior as Dominik mentioned, Cisco vpn connects just fine , but I can not ping or remote desktop to any hostname in vpn network Cisco guys still do not have any new version bump fo us :( I tested vpnclient with versions sys-kernel/gentoo-sources-2.6.28-r6 sys-kernel/gentoo-sources-2.6.29-r4
Any reason why 4.8.02.0030 can't be put in portage with a note that it only works with < 2.6.29 in the mean time?
Here's the situation: I used to maintain this while I was a developer. I left Gentoo, so no longer have access to commit there. Instead, I have my forked version in my overlay. Getting it updated in the tree is beyond my control. That being said, if there are any bugs in my overlay versions, I would love to hear about it. I can try to get an updated version into the main tree via a proxy committer, but I would need to ensure that it was working prior to going down that path. Is the issue with my current ebuilds kernel-specific? I am still on a 2.6.28 kernel, myself, so I have not experienced any issues.
(In reply to comment #14) > Here's the situation: > > I used to maintain this while I was a developer. I left Gentoo, so no longer > have access to commit there. Instead, I have my forked version in my overlay. > Getting it updated in the tree is beyond my control. That being said, if there > are any bugs in my overlay versions, I would love to hear about it. I can try > to get an updated version into the main tree via a proxy committer, but I would > need to ensure that it was working prior to going down that path. > > Is the issue with my current ebuilds kernel-specific? I am still on a 2.6.28 > kernel, myself, so I have not experienced any issues. > Yes the latest ebuild is kernel specific. Version 4.8.02.0030 will not connect on any kernel > 2.6.28. If you can figure out a patch to get it working on the latest kernels, that would be appreciated since cisco doesn't seem to care. The module will compile and you can modprobe it. The problem happens when you try to bring up the vpn connection. I have to use a TCP connection so here's the error: Secure VPN Connection terminated locally by the Client Reason: Failed to establish a TCP connection. There are no new notification messages at this time. emerge --info Portage 2.1.6.13 (default/linux/x86/2008.0, gcc-4.3.2, glibc-2.9_p20081201-r2, 2.6.30-gentoo-r6 i686) ================================================================= System uname: Linux-2.6.30-gentoo-r6-i686-Genuine_Intel-R-_CPU_T2300_@_1.66GHz-with-gentoo-2.0.1 Timestamp of tree: Tue, 01 Sep 2009 13:15:01 +0000 ccache version 2.4 [enabled] app-shells/bash: 3.2_p39 dev-java/java-config: 1.3.7-r1, 2.1.8-r1 dev-lang/python: 2.4.4-r13, 2.5.4-r3, 2.6.2-r1 dev-python/pycrypto: 2.0.1-r8 dev-util/ccache: 2.4-r7 dev-util/cmake: 2.6.4 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.4.3-r3 sys-apps/sandbox: 1.6-r2 sys-devel/autoconf: 2.13, 2.63-r1 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6a virtual/os-headers: 2.6.28-r1 ACCEPT_KEYWORDS="x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="ccache distlocks fixpackages metadata-transfer parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://portage.home http://lug.mtu.edu/gentoo/ http://gentoo.netnitco.net " LANG="en_US.UTF-8" LC_ALL="en_US.UTF-8" LDFLAGS="-Wl,-O1" LINGUAS="en ru" MAKEOPTS="-j6" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp/portage" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage/layman/sunrise /usr/local/portage" SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage" USE="X a52 aac acl acpi adns ads alsa apache2 async audiofile automount avi bcmath bdf berkdb bzip2 cairo calendar caps cddb cdparanoia cdr cjk clamav cli cracklib crypt ctype cups curl curlwrappers dbi dbus directfb djvu dri dts dvb dvd dvdnav dvdread encode exif fam fbcon ffmpeg flac foomaticdb fortran ftp gd gdbm gif git glib gmp gnutls gpm gstreamer gtk gtk2 hal hash iconv imagemagick imap imlib innodb ipv6 isdnlog java javascript jpeg jpeg2k json kde kipi kson lcms ldap ldap-sasl lirc live logrotate lzo mad matroska mcal mhash mime mjpeg mmap mmx mmxext mng mp2 mp3 mp4 mpeg mplayer msession msn mssql mudflap mysql mysqli ncurses network nls nptl nptlonly nsplugin nss ntfs offensive ofx ogg openal opengl openmp osc oss pam passwordsave pch pcntl pcre pdf pdo perl php png posix ppds pppd python qt3 qt3support qt4 quicktime readline reflection reiserfs resolvconf rtc samba sasl sdl seamonkey session simplexml soap sockets spell spl sqlite sse sse2 ssl subversion suexec suhosin svg swat sysfs syslog tcpd theora threads tidy tiff tokenizer transcode truetype unicode usb v4l v4l2 vcd vorbis wddx win32codecs winbind wxwindows x264 x86 xcomposite xforms xinerama xml xorg xpm xsl xv xvid xvmc zip zlib" ALSA_CARDS="hda-intel ens1371" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en ru" USERLAND="GNU" VIDEO_CARDS="intel i810 vesa" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Created attachment 205228 [details] ebulid 4.8.02 for kernel 2.6.31 please test it.
(In reply to comment #16) > Created an attachment (id=205228) [edit] > ebulid 4.8.02 for kernel 2.6.31 > > please test it. > ops.... this tarball in compressed in gzip not bz2
(In reply to comment #17) > (In reply to comment #16) > > Created an attachment (id=205228) [edit] > > ebulid 4.8.02 for kernel 2.6.31 > > > > please test it. > > > > ops.... this tarball in compressed in gzip not bz2 > I've tested this ebuild and I still get the same error as Matthew. Secure VPN Connection terminated locally by the Client Reason: Failed to establish a TCP connection. Also, the version of the vpnclient binary hasn't been updated. # vpnclient connect server Cisco Systems VPN Client Version 4.8.01 (0640) I'm running kernel 2.6.30-gentoo-r6.
(In reply to comment #7) > Hi, > > I have a problem emerging cisco-vpnclient from wolf31o2 repo. Here's the log: > > >>> Emerging (1 of 1) net-misc/cisco-vpnclient-4.8.02.0030 > * vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz RMD160 SHA1 SHA256 size ;-) ... > [ ok ] > * checking ebuild checksums ;-) ... > [ ok ] > * checking auxfile checksums ;-) ... > [ ok ] > * checking miscfile checksums ;-) ... > [ ok ] > >>> Unpacking source... > >>> Unpacking vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz to /var/tmp/portage/net-misc/cisco-vpnclient-4.8.02.0030/work > >>> Source unpacked. > >>> Compiling source in /var/tmp/portage/net-misc/cisco-vpnclient-4.8.02.0030/work/vpnclient ... > make -j5 > make -C /lib/modules/2.6.27-gentoo-r8/build > SUBDIRS=/var/tmp/portage/net-misc/cisco-vpnclient-4.8.02.0030/work/vpnclient > modules > make[1]: Entering directory `/usr/src/linux-2.6.27-gentoo-r8' > Makefile:518: /usr/src/linux-2.6.27-gentoo-r8/arch/amd64/Makefile: No such file > or directory > make[1]: *** No rule to make target > `/usr/src/linux-2.6.27-gentoo-r8/arch/amd64/Makefile'. Stop. > make[1]: Leaving directory `/usr/src/linux-2.6.27-gentoo-r8' > make: *** [default] Error 2 > * > * ERROR: net-misc/cisco-vpnclient-4.8.02.0030 failed. > * Call stack: > * ebuild.sh, line 49: Called src_compile > * environment, line 2124: Called _eapi0_src_compile > * ebuild.sh, line 595: Called _eapi2_src_compile > * ebuild.sh, line 629: Called die > * The specific snippet of code: > * emake || die "emake failed" > * The die message: > * emake failed > * > * If you need support, post the topmost build error, and the call stack if > relevant. > * A complete build log is located at > '/var/tmp/portage/net-misc/cisco-vpnclient-4.8.02.0030/temp/build.log'. > * The ebuild environment file is located at > '/var/tmp/portage/net-misc/cisco-vpnclient-4.8.02.0030/temp/environment'. > * > > >>> Failed to emerge net-misc/cisco-vpnclient-4.8.02.0030, Log file: > > > ----------------------------------------------------------------------- > > I have no idea why it tries to make stuff in the kernel source dir and also, > where is the src_compile() part, where such things are being done, there's just > src_install() in the ebuild. Could you please shed some light on this? > > Regards. > I'm getting this same error using gentoo-sources-2.6.28-r5
Created attachment 210069 [details, diff] 4.8.02.0030-frag.c.patch
Created attachment 210071 [details, diff] 4.8.02.0030-GenDefs.h.patch
Created attachment 210073 [details, diff] 4.8.02.0030-interceptor.c.patch
Created attachment 210075 [details, diff] 4.8.02.0030-linuxcniapi.c.patch
Created attachment 210076 [details, diff] 4.8.02.0030-linuxcniapi.h.patch
Created attachment 210078 [details, diff] 4.8.02.0030-linuxkernelapi.c.patch
Created attachment 210080 [details, diff] 4.8.02.0030-Makefile.patch
Created attachment 210081 [details, diff] 4.8.01.0640 -> 4.8.02.0030 -- tested and works on 2.6.31 x86 (patched for amd64 as well)
Created attachment 210090 [details, diff] 4.8.02.0030-interceptor.c.patch
Are you aware of these patches?: http://www.painfullscratch.nl/code/vpn/
Confirming the patches from Matthew work on 2.6.32.4 and .6. The patch 4.8.02.0030-amd64.patch does not apply after those due to too large offset diffs I guess. But, that is not a problem for me as I am on ~x86.
As for me, Matthew's patches work on x86_64, 2.6.31-gentoo-r6
Could one of you guys put together all files (or list which ones are needed), so normal noobs know what to fetch together into the localoverlaydirs, so we just need the usual "ebuild ... digest" to get cisco-vpnclient-3des installed? Or some rough HowTo would make me glad.. Sorry for being so dumb, but i dont know how to apply these patches manually, and also dont want to read the whole thread just to understand what "applying users" dont need to understand. Btw: Why anybody adds it to tree, nor to an overlay like Sunrise?
(In reply to comment #32) > Could one of you guys put together all files (or list which ones are needed), > so normal noobs know what to fetch together into the localoverlaydirs, so we > just need the usual "ebuild ... digest" to get cisco-vpnclient-3des installed? > Or some rough HowTo would make me glad.. > > Sorry for being so dumb, but i dont know how to apply these patches manually, > and also dont want to read the whole thread just to understand what "applying > users" dont need to understand. > > Btw: Why anybody adds it to tree, nor to an overlay like Sunrise? > (In reply to comment #32) > Could one of you guys put together all files (or list which ones are needed), > so normal noobs know what to fetch together into the localoverlaydirs, so we > just need the usual "ebuild ... digest" to get cisco-vpnclient-3des installed? > Or some rough HowTo would make me glad.. > > Sorry for being so dumb, but i dont know how to apply these patches manually, > and also dont want to read the whole thread just to understand what "applying > users" dont need to understand. > > Btw: Why anybody adds it to tree, nor to an overlay like Sunrise? Easiest thing to do would be to copy all the portage cisco files into your overlay directory structure. Then copy all the patches I submitted here to the files directory inside the cisco overlay directory. Then move the cisco-vpnclient-3des-4.8.02.0030.patch to one directory above the files directory. Then you'll create a new copy of the latest portage ebuild: cp cisco-vpnclient-3des-4.8.01.0640.ebuild cisco-vpnclient-3des-4.8.02.0030.ebuild Then you'll apply the patch to it like this (within that directory): patch -p0 < vpnclient-3des-4.8.02.0030.patch After that you can digest the new ebuild like this: GENTOO_MIRRORS="" ebuild cisco-vpnclient-3des-4.8.02.0030.ebuild digest You should now be able to emerge the new ebuild. In regards to sunrise, it's impossible to submit to it because the package already exists in portage. Only permission from the maintainer of this package would allow for it to be submitted to sunrise.
Weel, there is an issue with the ebuild. If you boot with one version of kernel and /usr/src/linux symlink points to another, the ebuild detects the one using the symlink but the actually compiled code is against the version currently booted. :( # ln -s linux-2.6.31.12 linux # emerge cisco-vpnclient-3des ... done! >>> Verifying ebuild manifests >>> Emerging (1 of 1) net-misc/cisco-vpnclient-3des-4.8.02.0030-r1 from unknown repo * vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz RMD160 SHA1 SHA256 size ;-) ... [ ok ] * checking ebuild checksums ;-) ... [ ok ] * checking auxfile checksums ;-) ... [ ok ] * checking miscfile checksums ;-) ... [ ok ] * CPV: net-misc/cisco-vpnclient-3des-4.8.02.0030-r1 * REPO: * USE: elibc_glibc kernel_linux userland_GNU x86 * Determining the location of the kernel source code * Found kernel source directory: * /usr/src/linux * Found kernel object directory: * /lib/modules/2.6.31.12/build * Found sources for kernel version: * 2.6.31.12 >>> Unpacking source... >>> Unpacking vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz to /var/tmp/portage/net-misc/cisco-vpnclient-3des-4.8.02.0030-r1/work /var/tmp/portage/net-misc/cisco-vpnclient-3des-4.8.02.0030-r1/work/vpnclient * Applying 4.8.02.0030-frag.c.patch ... [ ok ] * Applying 4.8.02.0030-GenDefs.h.patch ... [ ok ] * Applying 4.8.02.0030-interceptor.c.patch ... [ ok ] * Applying 4.8.02.0030-linuxcniapi.c.patch ... [ ok ] * Applying 4.8.02.0030-linuxcniapi.h.patch ... [ ok ] * Applying 4.8.02.0030-linuxkernelapi.c.patch ... [ ok ] * Applying 4.8.02.0030-Makefile.patch ... [ ok ] >>> Source unpacked in /var/tmp/portage/net-misc/cisco-vpnclient-3des-4.8.02.0030-r1/work >>> Compiling source in /var/tmp/portage/net-misc/cisco-vpnclient-3des-4.8.02.0030-r1/work/vpnclient ... ln: creating symbolic link `Module.symvers': File exists * Preparing cisco_ipsec module make HOSTCC=i686-pc-linux-gnu-gcc CROSS_COMPILE=i686-pc-linux-gnu- LDFLAGS= clean default rm -f linuxcniapi.o frag.o IPSecDrvOS_linux.o interceptor.o linuxkernelapi.o rm -f cisco_ipsec.mod.* rm -f cisco_ipsec.{o,ko} make -C /lib/modules/2.6.30.10/build SUBDIRS=/var/tmp/portage/net-misc/cisco-vpnclient-3des-4.8.02.0030-r1/work/vpnclient modules ^C
(In reply to comment #34) > Weel, there is an issue with the ebuild. If you boot with one version of kernel > and /usr/src/linux symlink points to another, the ebuild detects the one using > the symlink but the actually compiled code is against the version currently > booted. :( That is the standard way the ebuild should handle it. If you've ever used nvidia-drivers as an example, you'll notice that it exhibits same behavior.
Created attachment 232657 [details, diff] patch to fix autoconf.h error with kernel >= 2.6.33 The 4.8.02.0030 ebuild and attached patches fail on kernel 2.6.33 with an autoconf.h missing error. the attached patch fixes this error. add an epatch line for this patch before all other epatch lines in the 4.8.02.0030 ebuild. this autoconf patch is needed because autoconf.h moved from linux/autoconf.h to generated/autoconf.h in 2.6.33+
Hello, Seems authentication for cisco-vpn depends on gnutls being installed.
The patches posted by Matthew Schultz plus the autoconf patch from JTRiley compile properly on 2.6.36-gentoo-r5. There is a kernel panic as soon as traffic passes over the connection, however. I tried switching to run off a single core with the same result. Has anyone had stability with kernels >= 2.6.30?
(In reply to comment #38) > Has anyone had stability with kernels >= 2.6.30? I have to use 2.6.27.57 to get my x86-based laptop not hard-locking on moderate VPN network usage, reproducibly. Higher kernels locked up on my computer every once in a while. 2.6.27.57 crashes but not too badly, one can honestly reboot. ;) Go for vpnc or openswan (the latter is more tricky to configure) to connect to your cisco.
(In reply to comment #35) > That is the standard way the ebuild should handle it. If you've ever used > nvidia-drivers as an example, you'll notice that it exhibits same behavior. That's not true. A kernel module ebuild should be able to compile against whichever kernel source is linked to by /usr/src/linux. The nvidia-drivers package actually handles this properly and does not force you to compile against the current running kernel sources. Force instance I just compiled nvidia-drivers against my yet-to-be-booted 2.6.38-r1 sources while running a 2.6.36-r1 kernel. If this weren't the case it'd be extremely inconvenient to have to first boot into your new kernel to test if your modules will compile successfully...
Created attachment 272205 [details, diff] updated 4.8.02.0030-Makefile.patch The Makefile is the cause of the ebuild building against the active kernel (uname -r) instead of the selected kernel (/usr/src/linux). This Makefile patch doesn't fix the problem directly, it just prepares the Makefile so that a single line can easily be sed'ed inside of the ebuild at runtime (will attach separately) with the proper kernel module directory (/lib/modules/${KV_FULL}). (NOTE: This patch should obsolete the previous version of the patch from 2009 (it's included in this new one). However, the new Gentoo Bugs wiki is only showing me patches that I myself have contributed as attachments to obsolete...is this intended?)
Created attachment 272207 [details] updated 4.8.02.0030 ebuild that builds against /usr/src/linux This ebuild, along with my updated Makefile patch, will properly build the kernel modules against the kernel pointed to by /usr/src/linux rather than the currently active (uname -r) kernel. It does this by sed'ing the (patched) Makefile to insert the proper kernel module location (/lib/modules/${KV_FULL}).
Created attachment 272209 [details] updated 4.8.02.0030 ebuild that builds against /usr/src/linux cleanup: remove debugging lines from updated ebuild
Comment on attachment 210080 [details, diff] 4.8.02.0030-Makefile.patch Looks like http://bugs.gentoo.org/attachment.cgi?id=272205 obsoletes this patch.
(In reply to comment #43) > Created attachment 272209 [details] > updated 4.8.02.0030 ebuild that builds against /usr/src/linux > > cleanup: remove debugging lines from updated ebuild When updating a package, you should just post a patch to upgrade the ebuild and not the entire ebuild. If a gentoo maintainer were to ever pick this up, it would be easier for him or her to see the differences.
Just some info to whoever picks this up. Bumped version (with attached patches) still works as of today, even with kernel 3.1.0-gentoo-r1.
+*cisco-vpnclient-3des-4.8.02.0030 (12 Feb 2012) + + 12 Feb 2012; Pacho Ramos <pacho@gentoo.org> + +cisco-vpnclient-3des-4.8.02.0030.ebuild, +files/4.8.02.0030-GenDefs.h.patch, + +files/4.8.02.0030-Makefile.patch, +files/4.8.02.0030-autoconf.patch, + +files/4.8.02.0030-frag.c.patch, +files/4.8.02.0030-interceptor.c.patch, + +files/4.8.02.0030-linuxcniapi.c.patch, + +files/4.8.02.0030-linuxcniapi.h.patch, + +files/4.8.02.0030-linuxkernelapi.c.patch, + -cisco-vpnclient-3des-4.8.01.0640.ebuild: + Version bump, thanks a lot to Rolando J. Zappacosta, Andreas Simon, Andrea + Postiglione, Matthew Schultz, JTRiley. Drop old. + As this package is orphan maybe you could help to maintain it through proxy-maint: http://www.gentoo.org/proj/en/qa/proxy-maintainers/index.xml
