[Swan-dev] an official alternative to whack --impair revival
Paul Wouters
paul at nohats.ca
Tue Apr 30 20:14:24 UTC 2019
On Tue, 30 Apr 2019, Andrew Cagney wrote:
> I added the option:
> whack --impair revival
> so we can cripple pluto's desire revive SAs when they are deleted.
Hmm, not sure I fully agree with this :P
> However, I wonder if what we really need is a way to tell pluto that a
> connection should only try to come up once:
> ipsec auto --try connection
> I think even end users would find it helpful to have a way of
> preventing pluto from wondering off and doing stuff in the background.
That's a way too confusing knob in the hand of a inexperienced ipsec
admin.
Paul
More information about the Swan-dev
mailing list