(A late reply) On Mon, Jan 19, 2004 at 10:41:46AM -0800, Adam Morley wrote: > Hi, > > I have a server where I'd like to be able to use functionality > provided by later versions of the freeswan kernel patch --- namely, > 0.9.14 of the X.509 patches provided support for the > leftprotoport/rightprotoport. > (http://www.strongsec.com/freeswan/install.htm#section_4.5).
That's a nice page. > I'd rather not have to build my own versions of the freeswan > package, but use the one already included with Debian Woody. > Is this possible if I'm running a later version of the freeswan > kernel patch (like this one: > http://www.strongsec.com/freeswan/x509patch-0.9.37-freeswan-1.99.tar.gz)? > Or will I have to track both the kernel patch and a later version > of the freeswan tools? > > I thought I could use sarge's freeswan package, but being that > I'm rather new to Debian, I don't know a whole lot about just > upgrading that one package. Suggestions for the best "debian way" > to do something like this would be helpful. I can't answer your first question about whether you need to upgrade freeswan to work with the later kernel patch, but I might say, in order to install something from sarge, just update to sarge, install it and then update to stable and noone will be any the wiser (ducks) You can simulate install with apt-get -s install freeswan If it goes in and you change your mind, you will need to explicitly downgrade, e.g.: apt-get install freeswan=<version-number> Some people do this, using mixed releases with debian stable, testing, and unstable quite routinely. I think it's a nice thing about Debian that it very often works, because of the dependency checking in .deb files. It is basically deprecated though, I guess because some core things have to be in one distribution or other or they don't work properly, but I don't really know. More thorough is to backport it, or find a woody backport from someone reputable. This avoids recompiling (if possible) the testing or unstable source on your woody system, which is also good of course. Actually, looking now, you may need to recompile it (not difficult). This better answer to the second question, from the archives of this very list: http://lists.debian.org/debian-user/2003/debian-user-200306/msg02995.html Patrick Lesslie -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
