Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
When I run ipsec setup start I get the following errors:
ipsec setup start
ERROR: /etc/ipsec.d/vpn.conf: 2: keyword type, invalid value: tunnel
ERROR: /etc/ipsec.d/vpn.conf: 2: keyword type, invalid value: tunnel
ERROR: /etc/ipsec.d/vpn.conf: 2: keyword type, invalid value: tunnel
unknown stack
Redirecting to: systemctl start ipsec.service
Job for ipsec.service failed because the control process exited with error code. See "systemctl status ipsec.service" and "journalctl -xe" for details.
I have edited and recreated the file thinking that there were some non-printable character - but I can't seem to get past this. If I comment out that line it errors onauthby=secret
It's driving me crazy - any help would be appreciated.
All subsequent non-empty lines which begin with white space are part of the section.
The file listing you provided shows no white space before the section contents. The page I referred to appears to use a tab as its white space character in the examples it shows.
No problem. You can manually surround output with CODE tags, or select the output and press # on the LQ Advanced Editor (see "Go Advanced" at the bottom of the text box if this isn't showing), like this:
One other link that I find on the web indicating a similar error message concluded that the poster had strange characters somewhere in the config file - you probably saw that thread too, hence your looking for non-printable characters.
Just so that we can exhaust that line of enquiry, can you paste the output from:
Me too. Those are Windows line endings, not Linux line endings though, but I don't know if that makes a difference. How did you get those?
How good are you at reading C code? The reason I ask is that I'm now looking at the LibreSwan source code to try to narrow down why those errors are generated. I'm not too au fait with C - if you are then you might want a look.
I save the file in unix format in vi and the CR/LF is now just LF
00000000 63 6f 6e 6e 20 6d 79 74 75 6e 6e 65 6c 0a 20 20 |conn mytunnel. |
00000010 74 79 70 65 3d 74 75 6e 6e 65 6c 0a 20 20 6c 65 |type=tunnel. le|
00000020 66 74 3d 31 39 32 2e 31 36 38 2e 32 2e 32 33 0a |ft=192.168.2.23.|
00000030 20 20 72 69 67 68 74 3d 31 39 32 2e 31 36 38 2e | right=192.168.|
00000040 32 2e 34 35 0a 20 20 61 75 74 68 62 79 3d 73 65 |2.45. authby=se|
00000050 63 72 65 74 0a 20 20 61 75 74 6f 3d 61 64 64 0a |cret. auto=add.|
New error message
ipsec setup start
'arning: could not open include filename: '/etc/ipsec.d/*.conf
]annot load config '/etc/ipsec.conf': /etc/ipsec.conf:2: syntax error, unexpected STRING, expecting $end [
'arning: could not open include filename: '/etc/ipsec.d/*.conf
]annot load config '/etc/ipsec.conf': /etc/ipsec.conf:2: syntax error, unexpected STRING, expecting $end [
'arning: could not open include filename: '/etc/ipsec.d/*.conf
]annot load config '/etc/ipsec.conf': /etc/ipsec.conf:2: syntax error, unexpected STRING, expecting $end [
unknown stack
Redirecting to: systemctl start ipsec.service
I'll take a look at the code in the AM. In the mean time I'll save the file in unix format
Ok. The ERROR: /etc/ipsec.d/vpn.conf: 2: keyword type, invalid value: tunnel errors get generated in lib/libipsecconf/keywords.c, and the unknown stack error gets generated in programs/_stackmanager.in.
Which version of LibreSwan are you using and which Linux distro (and version)?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.