2008/12/16 Miika Komu <miika.komu@xxxxxxx <mailto:miika.komu@xxxxxxx>>
antonio quisillo wrote:
Hi Antonio,
I would like to initially test a HIP connection with an
IPv4-only application and to do that I followed the chapter 7 of
the online manual.
In the /etc/hip directory was not present the hosts file, but
it was present in the /etc directory, so I copied and I added it
in the previous one. then i ran the command hipconf add map
OOPS_HIT OOPS_IP [OOPS_LSI] but I get the following messages:
action=1 optc=3
inet_pton: OOPS_HIT: not a valid network address
string to address conversion failed
Failed to send a message to the HIP daemon.
Error: Cannot configure the HIP daemon.
can you actually copy paste here the hipconf command *exactly* as
you typed it without trying to hide the actual identifiers?
yes, it is what I did.
so I added the peer IP ( OOP_IP oops ) in the file /etc/hosts.
Then, I continued to follow the instructions but:
1. I did'n find the directory hipl but I found the
/etc/init.d/hipl executable file and here I run ./hipl start, I
do not know if I did the right thing;
2. I found hipd under /usr/sbin directory and so I run ./hipd -b
command;
3. In the same directory there is hipfw file and I run it with
-A and -l option but I get the following messages:
info(firewall.c:1766@main): firewall pid=1168 starting
debug(firewall.c:1769@main): Using ipv4 and ipv6
debug(rule_management.c:1048@read_file): read_file: file
/etc/hip/firewall_conf
debug(rule_management.c:443@parse_hit): parse_hit error
debug(rule_management.c:909@parse_rule): error parsing rule:
src_hit value
debug(rule_management.c:394@free_rule): freeing
debug(rule_management.c:31@print_rule): rule:
debug(rule_management.c:34@print_rule): INPUT
debug(rule_management.c:96@print_rule): ACCEPT
debug(rule_management.c:1097@read_file): unable to parse rule:
INPUT -src_hit OOPS_HIT ACCEPT
The same here. Please show your /etc/hip/firewall_conf as it is.
my /etc/hip/firewall_conf is
on oops machine:
# format: HOOK [match] TARGET
# HOOK = INPUT, OUTPUT or FORWARD
# TARGET = ACCEPT or DROP
# match = -src_hit [!] <hit value> --hi <file name>
# -dst_hit [!] <hit>
# -type [!] <hip packet type>
# -i [!] <incoming interface>
# -o [!] <outgoing interface>
# -state [!] <state> --verify_responder --accept_mobile
--decrypt_con
#
INPUT -dst_hit OOPS_HIT ACCEPT
OUTPUT -src_hit OOPS_HIT ACCEPT
