I unmasked net-misc/strongswan on my AMD64. It compiles just fine, but when I try to start after configuring I'm receiving the following error: Using Linux 2.6 IPsec interface code FATAL ERROR: socket() in init_netlink(). Errno 93: Protocol not supported Below is the output of the following command: strace -o /tmp/sstrc.txt -f -e trace=network -p PID. The PID is that of ipsec after it was started with: /usr/sbin/ipsec start --nofork 12565 --- SIGALRM (Alarm clock) @ 0 (0) --- 12618 socket(PF_FILE, SOCK_STREAM, 0) = 4 12618 setsockopt(4, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0 12618 bind(4, {sa_family=AF_FILE, path="/var/run/pluto.ctl"}, 20) = 0 12618 listen(4, 5) = 0 12618 socket(PF_KEY, SOCK_RAW, 2) = 3 12618 socket(PF_NETLINK, SOCK_DGRAM, 6 <unfinished ...> 12565 sendto(3, "<84>Aug 14 22:46:23 ipsec_starte"..., 76, MSG_NOSIGNAL, NULL, 0) = 76 12565 socket(PF_FILE, SOCK_STREAM, 0) = 4 12565 connect(4, {sa_family=AF_FILE, path="/var/run/pluto.ctl"}, 20) = 0 12565 socket(PF_FILE, SOCK_STREAM, 0) = 4 12565 connect(4, {sa_family=AF_FILE, path="/var/run/charon.ctl"}, 21) = 0 12565 socket(PF_FILE, SOCK_STREAM, 0) = 4 12565 connect(4, {sa_family=AF_FILE, path="/var/run/pluto.ctl"}, 20) = 0 12618 <... socket resumed> ) = -1 EPROTONOSUPPORT (Protocol not supported) 12565 --- SIGCHLD (Child exited) @ 0 (0) --- 12565 sendto(3, "<84>Aug 14 22:46:24 ipsec_starte"..., 85, MSG_NOSIGNAL, NULL, 0) = 85 12565 --- SIGALRM (Alarm clock) @ 0 (0) --- 12621 socket(PF_FILE, SOCK_STREAM, 0) = 4 12621 setsockopt(4, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0 12621 bind(4, {sa_family=AF_FILE, path="/var/run/pluto.ctl"}, 20) = 0 12621 listen(4, 5) = 0 12621 socket(PF_KEY, SOCK_RAW, 2) = 3 12621 socket(PF_NETLINK, SOCK_DGRAM, 6 <unfinished ...> 12565 sendto(3, "<84>Aug 14 22:46:29 ipsec_starte"..., 76, MSG_NOSIGNAL, NULL, 0) = 76 12565 socket(PF_FILE, SOCK_STREAM, 0) = 4 12565 connect(4, {sa_family=AF_FILE, path="/var/run/pluto.ctl"}, 20) = 0 12565 socket(PF_FILE, SOCK_STREAM, 0) = 4 12565 connect(4, {sa_family=AF_FILE, path="/var/run/charon.ctl"}, 21) = 0 12565 socket(PF_FILE, SOCK_STREAM, 0) = 4 12565 connect(4, {sa_family=AF_FILE, path="/var/run/pluto.ctl"}, 20) = 0 12621 <... socket resumed> ) = -1 EPROTONOSUPPORT (Protocol not supported) 12565 --- SIGCHLD (Child exited) @ 0 (0) --- 12565 sendto(3, "<84>Aug 14 22:46:29 ipsec_starte"..., 85, MSG_NOSIGNAL, NULL, 0) = 85 I have verified I have the correct network kernel options for strongswan/ipsec configured those being: <*> PF_KEY sockets <*> IP: AH transformation <*> IP: ESP transformation <*> IP: IPComp transformation <*> IP: IPsec transport mode <*> IP: IPsec tunnel mode I'm using 2.6.34-gentoo-r1, and I emerge -auDv world often. Reproducible: Always Steps to Reproduce: 1.start ipsec. 2. 3. Actual Results: Followed this guide to setup strongswan, http://wiki.polymorf.fr/index.php/Howto:Iphone_L2TP Expected Results: ipsec would start but the child process pluto fails with error message above. The charon process starts fine.
emerge --info please
Portage 2.1.8.3 (default/linux/amd64/10.0/no-multilib, gcc-4.4.3, glibc-2.11.2-r0, 2.6.34-gentoo-r1 x86_64) ================================================================= System uname: Linux-2.6.34-gentoo-r1-x86_64-AMD_Athlon-tm-_64_Processor_3200+-with-gentoo-1.12.13 Timestamp of tree: Fri, 13 Aug 2010 19:10:01 +0000 app-shells/bash: 4.0_p37 dev-java/java-config: 2.1.11 dev-lang/python: 2.6.5-r3, 3.1.2-r4 dev-util/cmake: 2.8.1-r2 sys-apps/baselayout: 1.12.13 sys-apps/sandbox: 1.6-r2 sys-devel/autoconf: 2.65 sys-devel/automake: 1.10.3, 1.11.1 sys-devel/binutils: 2.20.1-r1 sys-devel/gcc: 4.4.3-r2 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="*" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=athlon64 -O2 -pipe -fomit-frame-pointer" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /var/bind" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-march=athlon64 -O2 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://mirror.mcs.anl.gov/pub/gentoo/ http://prometheus.cs.wmich.edu/gentoo http://gentoo.mirrors.tds.net/gentoo http://gentoo.cites.uiuc.edu/pub/gentoo/" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/u2/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="acl alsa amd64 apache2 asterisk berkdb bzip2 cdr clamav cli cracklib crypt curl cxx dbus dri dvd dvdr extras fam fortran gdbm gpm hal iconv imap ipv6 maildir mmx modules mudflap mysql ncurses nls nptl nptlonly openmp pam pcre perl png pppd python readline reflection server session spamassassin spl sqlite sse sse2 ssl svg swat sysfs tcpd threads unicode vhosts xorg zlib" ALSA_CARDS="via82xx" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="nv" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
Sorry for my late response but this is asap- Carlos, please check that you have all of the following kernel modules: http://wiki.strongswan.org/projects/strongswan/wiki/KernelModules Unfortunately the ebuild does not check if you have all required kernel modules configured because there are some influencing variables which make this not as easy as it seems (e.g. different kernel and strongswan versions sometimes require a different (sub)set of modules). I'd very much appreciate it if you could report back please, if this worked and what you missed or if it still fails. Thanks a lot.
Also, is this stilla problem with version 4.5.0 ?
Info provided by Mathias resolved my issue.