[Swan-dev] config file diagnostics

D. Hugh Redelmeier hugh at mimosa.com
Tue Jul 4 16:02:09 UTC 2017


| From: D. Hugh Redelmeier <hugh at mimosa.com>

| Thanks, Paul, for dealing with the one I reported.

Paul's commit was 22e805518d6948b1991fd5d97a004a361a903af4

It removed a lot of definitions of conn us (and some others).

Unfortunately there are still references to conn us.  All six
that I've found have been in
	baseconfigs/all/etc/ipsec.d/ipsec.conf.common
Of course they fail.  The failure is silent except on my system.

I'm just going to delete them for now.  That hardly seems dangerous
because conn us is never defined.  But before Paul's change, it was
sometimes defined.

That leaves several pointless conns.  It makes me wonder whether the right 
choice would have been to define conn us more places, not fewer. But as 
what?  Where?

conn us-clear
	also=clear

conn us-clear-or-private
	also=clear-or-private

conn us-private-or-clear
	also=private-or-clear

conn us-private-or-clear-all
	also=private-or-clear

conn us-private
	also=private

conn us-block
	also=block


More information about the Swan-dev mailing list