[Swan-dev] What should PLUTO_MY_CLIENT_NET contain?

Paul Wouters paul at nohats.ca
Tue Aug 6 14:16:15 UTC 2019


On Tue, 6 Aug 2019, Andrew Cagney wrote:

Examples filled in for my vpn.nohats.ca connection:

> I'm looking at this code:
> 
>         jam(buf, "PLUTO_MY_CLIENT='");
>         jam_subnet(buf, &sr->this.client);
>         jam(buf, "' ");

PLUTO_MY_CLIENT='193.111.228.70/32'

>         jam(buf, "PLUTO_MY_CLIENT_NET='");
>         ta = subnet_endpoint(&sr->this.client);
>         jam_address(buf, &ta);
>         jam(buf, "' ");

PLUTO_MY_CLIENT_NET='193.111.228.70'

>         jam(buf, "PLUTO_MY_CLIENT_MASK='");
>         ta = subnet_mask(&sr->this.client);
>         jam_address(buf, &ta);
>         jam(buf, "' ");

PLUTO_MY_CLIENT_MASK='255.255.255.255'

> If you go by the names you'd think that an ip_subnet contained network-prefix + mask-bits, but based on how it is used, it can contain
> 
>      NETWORK_PREFIX+HOST_IDENTIFIER : PORT / MASK-BITS
> 
> which means in the above, PLUTO_MY_CLIENT_NET= is set to NETWORK_PREFIX+HOST_IDENTIFIER.

That's not what seems to happen. Anyway, we should have named
PLUTO_MY_CLIENT PLUTO_MY_CLIENT_CIDR or something, but we cannot
rename anything or put different content in any of these without
breaking every single custom updown script out there.

Paul
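
For custom updown scripts that consume these variables, one way to avoid depending on whether PLUTO_MY_CLIENT_NET carries host bits is to mask it with PLUTO_MY_CLIENT_MASK inside the script. This is an added example, not part of the original message or the project's code; the function names are hypothetical and it handles IPv4 only.

```shell
#!/bin/sh
# Added example (hypothetical helper names, IPv4 only): derive the network
# from PLUTO_MY_CLIENT_NET and PLUTO_MY_CLIENT_MASK rather than trusting
# that PLUTO_MY_CLIENT_NET already has its host bits cleared.

# ipv4_to_int A.B.C.D -> prints the address as an integer; fails on bad input.
ipv4_to_int() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        # Reject leading zeros (octal in shell arithmetic) and overlong octets.
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int_to_ipv4() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# mask_to_prefix MASK -> prints the prefix length; fails on a non-contiguous mask.
mask_to_prefix() {
    m=$(ipv4_to_int "$1") || return 1
    inv=$(( ~m & 0xFFFFFFFF ))
    # A contiguous mask inverts to 2^k - 1, so inv & (inv + 1) must be zero.
    [ $(( inv & (inv + 1) )) -eq 0 ] || return 1
    bits=0
    while [ "$inv" -gt 0 ]; do inv=$(( inv >> 1 )); bits=$(( bits + 1 )); done
    echo $(( 32 - bits ))
}

# client_network NET MASK -> prints NETWORK/PREFIX with host bits cleared.
client_network() {
    a=$(ipv4_to_int "$1") || return 1
    p=$(mask_to_prefix "$2") || return 1
    k=$(ipv4_to_int "$2")
    echo "$(int_to_ipv4 $(( a & k )))/$p"
}

# has_host_bits NET MASK -> succeeds when NET has bits set outside MASK.
has_host_bits() {
    net=$(client_network "$1" "$2") || return 2
    [ "${net%/*}" != "$1" ]
}
```

In an updown script this would be called as `client_network "$PLUTO_MY_CLIENT_NET" "$PLUTO_MY_CLIENT_MASK"`, with a non-zero return treated as a reason to stop before touching routes or firewall rules.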

