[Swan-dev] a question on whack exit codes (libreswan-up-down.sh)
Paul Wouters
paul at nohats.ca
Mon May 7 14:33:35 UTC 2018
On Mon, 7 May 2018, Andrew Cagney wrote:
> In the past, if the connection didn't come up immediately, 'ipsec auto
> --up ${config}' would fail and the script would stop. With recent
> changes, that operation now succeeds and the script continues
> executing wait-until-alive (that script runs ping, and the ping then
> tricks east into trying to bring up the connection ....):
> 002 "westnet-eastnet-ipv4-psk-ikev2" #4: IKE SA authentication
> request rejected: UNSUPPORTED_CRITICAL_PAYLOAD
This log message has the wrong RC_XXX type.
Looking closer, it seems that RC_WHACK_PROBLEM is unfortunately placed
in lswlog.h. I'll push a fix.
> Given the connection neither succeed nor failed, what should the exit code be?
It did fail if it really "rejected" the connection.
Paul
More information about the Swan-dev
mailing list