That was a one-line bug fix that should have been backported from ClearOS 7 for 6.8. That fix is now done (git diff) and the update is on the way to the mirrors. I'll push it through the updates systems quickly -- it's a trivial fix.

Are you sure IPsec is not starting?

There is a known bug where the tunnel status does not show correctly (at all?) on systems running libreswan - bug 9201. I may try and ping Tim sometime as he is hardly around on the forums anymore.


There is also a major bug which has recently been filed where you can't manage the interface if IPsec is not running.

For your last issue about auto starting, you can make libreswan start automatically through the webconfig (system > modules?) but I can't check exactly where at the moment. The easiest thing to do is issue the command "chkconfig libreswan on"

Thanks for responding and your right 'ipsec' was not in the chkconfig list so I added it as you stated. I would have thought that the ClearOS update should have done that automatically though!
No matter auto start or ipsec works now.

As far as stop and start from the GUI is concerned - Yes I have checked if the ipsec/pluto process is running or not and the GUI does not affect it. Like I said only the 'service ipsec [start/stop]' command actually stops or starts pluto.

The /var/log/system log shows the following:

Attempt to start from GUI

Jan 10 16:21:14 firewall4 engine: exception: error: /usr/clearos/apps/base/libraries/Daemon.php (511): Software is not installed

Jan 10 16:21:14 firewall4 engine: exception: debug backtrace: /usr/clearos/apps/base/controllers/daemon.php (122): set_running_state

Jan 10 16:21:14 firewall4 engine: exception: debug backtrace: GUI (0): start

Jan 10 16:21:14 firewall4 engine: exception: debug backtrace: /usr/clearos/framework/system/core/CodeIgniter.php (359): call_user_func_array

Jan 10 16:21:14 firewall4 engine: exception: debug backtrace: /usr/clearos/framework/htdocs/app/index.php (222): require_once

Jan 10 16:21:14 firewall4 engine: exception: error: /usr/clearos/apps/base/libraries/Daemon.php (511): Software is not installed

Jan 10 16:21:14 firewall4 engine: exception: debug backtrace: /usr/clearos/apps/base/controllers/daemon.php (128): set_running_state

Jan 10 16:21:14 firewall4 engine: exception: debug backtrace: GUI (0): start

Jan 10 16:21:14 firewall4 engine: exception: debug backtrace: /usr/clearos/framework/system/core/CodeIgniter.php (359): call_user_func_array

Jan 10 16:21:14 firewall4 engine: exception: debug backtrace: /usr/clearos/framework/htdocs/app/index.php (222): require_once

Attempt to stop from GUI

Jan 10 16:18:31 firewall4 engine: exception: error: /usr/clearos/apps/base/libraries/Daemon.php (511): Software is not installed

Jan 10 16:18:31 firewall4 engine: exception: debug backtrace: /usr/clearos/apps/base/controllers/daemon.php (146): set_running_state

Jan 10 16:18:31 firewall4 engine: exception: debug backtrace: GUI (0): stop

Jan 10 16:18:31 firewall4 engine: exception: debug backtrace: /usr/clearos/framework/system/core/CodeIgniter.php (359): call_user_func_array

Jan 10 16:18:31 firewall4 engine: exception: debug backtrace: /usr/clearos/framework/htdocs/app/index.php (222): require_once

That looks like it could be the major bug I referenced.

@Peter,
I've just e-mailed Tim, mentioning that the Tunnel Status does not work. It has always been known that it does not work properly with libreswan. It used to work a bit but now it does not work at all.

Peter,

Thanks for git diff link, I don't know how long the update will take to come through, but I applied the packaging/ipsec.php change and now I can control ipsec from the GUI.
Presumably that shouldn't upset the update, will it?

Andy Ludgate wrote:

Thanks for git diff link, I don't know how long the update will take to come through, but I applied the packaging/ipsec.php change and now I can control ipsec from the GUI.
Presumably that shouldn't upset the update, will it?

That won't upset the update - you are good to go.