On Wed, 29 Jan 2020 at 04:06, Paul Wouters <p...@nohats.ca> wrote:
>
> On Wed, 29 Jan 2020, Antony Antony wrote:
>
> > Antony foresee new type ttipcider(), as there are objections to reuse
> > subnet(). We will see when we add the code. If the subnet is left alone
> > without port and protocol it can used for ttipcider().
> >
> > Additionally:
> > suggests to  leave subnet as without ports and protocol, and create
> > traffic_selectior() for parsing keyword subnet from our config.

Just to be clear, any thing using ip_subnet and ttosubnet() will
accept ports.  For instance:
  subnet=1.2.3.4/32:10
(a quick test suggests it is silently ignored).

It isn't a question of reusing ip_subnet to implement traffic
selectors.   Rather its the reverse, we've already got a traffic
selector type and it's being used everywhere; it's just that it is
unfortunately called ip_subnet.

> Seems reasonable. Although for now I am also okay with using ip_subnet
> as was done for the vti case.
>
> Paul
_______________________________________________
Swan-dev mailing list
Swan-dev@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-dev

Reply via email to