[Swan-dev] config file diagnostics
Paul Wouters
paul at nohats.ca
Tue Jul 4 17:21:50 UTC 2017
Those are all old obsolete conns not used since freeswan. Just delete them all
Sent from my iPhone
> On Jul 4, 2017, at 18:02, D. Hugh Redelmeier <hugh at mimosa.com> wrote:
>
> | From: D. Hugh Redelmeier <hugh at mimosa.com>
>
> | Thanks, Paul, for dealing with the one I reported.
>
> Paul's commit was 22e805518d6948b1991fd5d97a004a361a903af4
>
> It removed a lot of definitions of conn us (and some others).
>
> Unfortunately there are still references to conn us. All six
> that I've found have been in
> baseconfigs/all/etc/ipsec.d/ipsec.conf.common
> Of course they fail. The failure is silent except on my system.
>
> I'm just going to delete them for now. That hardly seems dangerous
> because conn us is never defined. But before Paul's change, it was
> sometimes defined.
>
> That leaves several pointless conns. It makes me wonder whether the right
> choice would have been to define conn us more places, not fewer. But as
> what? Where?
>
> conn us-clear
> also=clear
>
> conn us-clear-or-private
> also=clear-or-private
>
> conn us-private-or-clear
> also=private-or-clear
>
> conn us-private-or-clear-all
> also=private-or-clear
>
> conn us-private
> also=private
>
> conn us-block
> also=block
> _______________________________________________
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev
More information about the Swan-dev
mailing list