| Summary: | Request for openswan/shorewall support in hardened kernel | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Natanael Copa <natanael.copa> |
| Component: | Hardened | Assignee: | The Gentoo Linux Hardened Team <hardened> |
| Status: | RESOLVED INVALID | ||
| Severity: | enhancement | ||
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
|
Description
Natanael Copa
2006-06-29 04:20:41 UTC
from http://gentoo-wiki.com/HOWTO_Shorewall_Firewall_IPsec_VPN_and_2.6_kernel: "Update: As of kernel 2.6.16, policy match support is built-in. No patching needed (tested with gentoo-sources-2.6.16-r1, iptables-1.3.5 + extensions USE flag, ipsec-tools-0.6.2-r1 on ~x86). Just follow this guide until the first emerge instruction in "Get the software" section (if necessary, add sys-kernel/gentoo-sources to /etc/portage/package.keywords), then jump to "Recompile your kernel" and finally jump down to "Test Shorewall"." so just try the 2.6.16 hardened sources, and it looks like the other tools also have the relevant support. So nothing to fix :) So what I actually wanted was to get 2.6.16 marked stable, since it also fixes #137061 thanks! .16 probably wont be marked stable unless the grsec/pax patches come out of http://grsecurity.net/~spender/ and find themselves here http://grsecurity.net/download.php ; Perhaps you could/should start a thread on the grsec ml and find out whats the status.. (In reply to comment #3) > .16 probably wont be marked stable unless the grsec/pax patches come > out of http://grsecurity.net/~spender/ and find themselves here > http://grsecurity.net/download.php ; > > Perhaps you could/should start a thread on the grsec ml and find out > whats the status.. I joined list and posted message. List is moderated and my message has still not been accepted. Look slike nothing have been accepted since May. |
