On Wed, 29 Jan 2020 at 04:06, Paul Wouters <p...@nohats.ca> wrote: > > On Wed, 29 Jan 2020, Antony Antony wrote: > > > Antony foresee new type ttipcider(), as there are objections to reuse > > subnet(). We will see when we add the code. If the subnet is left alone > > without port and protocol it can used for ttipcider(). > > > > Additionally: > > suggests to leave subnet as without ports and protocol, and create > > traffic_selectior() for parsing keyword subnet from our config.
Just to be clear, any thing using ip_subnet and ttosubnet() will accept ports. For instance: subnet=1.2.3.4/32:10 (a quick test suggests it is silently ignored). It isn't a question of reusing ip_subnet to implement traffic selectors. Rather its the reverse, we've already got a traffic selector type and it's being used everywhere; it's just that it is unfortunately called ip_subnet. > Seems reasonable. Although for now I am also okay with using ip_subnet > as was done for the vti case. > > Paul _______________________________________________ Swan-dev mailing list Swan-dev@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-dev