freeswan 文档摘录

zqqa

1)Building and installing the software
2)Testing to see if install succeeded
Building and installing the software
There are several ways to build and install the software. All require that
you have kernel source, correctly configured for your machine, as a starting
point. If you don't have that yet, see the previous
section
Whatever method you choose, it will do all of the following:

• add FreeS/WAN code to the kernel
  
  • insert patches into standard kernel code to provide an interface
    
  • add additional files which use that interface
  
  
• re-configure and re-compile the kernel to activate that code
  
• install the new kernel
  
• build the non-kernel FreeS/WAN programs and install them
  
  • 
    ipsec(8)
    in /usr/local/sbin
    
  • others in /usr/local/lib/ipsec
  
  
• install FreeS/WAN
  man pages
  under
  /usr/local/man
  
• create the configuration file
  ipsec.conf(5)
  . Editing this file to
  configure your IPSEC gateway is described in the next
  section.
  
• create an RSA public/private key pair for your system and place it in
  ipsec.secrets(5)
  
  
• install the initialisation script /etc/rc.d/init.d/ipsec
  
• create links to that script from the /etc/rc.d/rc[0-6].d
  directories so that each run level starts or stops IPSEC. (If the previous
  sentence makes no sense to you, try the From
  Power-up to Bash Prompt HowTo).
  

Testing to see if install succeeded
To check that you have a sucessful install, you can reboot and check (by
watching messages during boot or by looking at them later with dmesg(8))
that:

• the kernel reports the right version. If not, you are likely still running
  your old kernel. Check your lilo.conf(5) file and the installation directory
  (defined in the kernel make file, often /boot but the default is /), then rerun
  lilo(8).
  
• KLIPS initialisation messages appear
  
• Pluto reports that it is starting
  

You can also try the commands:

• ipsec --version, to test whether /usr/local/bin is in your path
  so you can use IPSEC administration commands
  
• ipsec whack --status, using
  ipsec_whack(8)
  to ask Pluto for status
  information
  

Of course any status information at this point should be uninteresting since
you have not yet configured connections.


本文来自ChinaUnix博客，如果查看原文请点：http://blog.chinaunix.net/u/4329/showart_12671.html