1、首先安装RHL5.
2、下载linux-2.6.18和openswan-2.4.12,放到/usr/src/目录.
3、进入/usr/src/linux-2.6.18/目录,运行make menuconfig 如果不能则在RHL5的第5张CD上的networking目录中拷贝ncurses-devel-5.5-24.20060715.i386.rpm,运行则rpm -ivh ncurses-devel-5.5-24.20060715.i386.rpm,
4、在networking opetions 中去掉x
< > IPsec user configuration interface x x
x x< > PF_KEY sockets
x< > IP: AH transformation x x
x x< > IP: ESP transformation
x< > IP: IPsec transport mode x x
x x< > IP: IPsec tunnel mode
x< > IPv6: AH transformation x x
x x< > IPv6: ESP transformation
x x< > IPv6: IPsec transport mode x x
x x< > IPv6: IPsec tunnel mode
去掉,防止和RHL5本身自带的ipsec冲突,保存配置。
5、运行make && make moduls (此项可省)&& make modules_install && make install
6、重启进行linux-2.6.18内核系统
7、cd /usr/src
8、ln -s linux-2.6.18 linux
下面安装openswan
9、进行/usr/src/openswan/
10、make nattpatch | (cd /usr/src/linux-2.6.18 && patch -p1 && make bzImage)
11、cd /usr/src/linux && make dep bzImage install
12、cd /usr/src/openswan-2.4.12/
1) From the openswan source directory, build the userland tools, and
ipsec.o kernel module:
13、 make KERNELSRC=/usr/src/linux-2.6.18 programs module
2) As root, install the userland tools, and the ipsec.o module:
14、 make KERNELSRC=/usr/src/linux-2.6.18 install minstall
To use the native (aka, Netkey) stack:
0) Please use at least version kernel version 2.6.6, as prior
versions of the kernel have serious bugs in the IPsec stack.
1) From the openswan source directory:
14、make programs
2) As root, install the userland tools:
16、 make install
17、cd /etc/sysctl.conf
18、编辑/etc/sysctl.conf
vi /etc/sysctl.conf |
将下面两项:
net.ipv4.ip_forward = 0 |
改为:
net.ipv4.ip_forward = 1 |
19、default.re_filter = 0
20、sysctl –p
21、cd /usr/src/linux-2.6.28/
22、make menuconfig
23、klips下面都打星号
24、make
25、make modules
26、make modules_install
27、make install
28、进入/boot/grup/下改成linux-2.6.18开机启动
29、重启即可