[Swan-dev] when is ttosubnet(addr/mask:port) valid?
Andrew Cagney
andrew.cagney at gmail.com
Thu Dec 31 21:51:05 UTC 2020
One of the quirks of ttosubnet() is that it will parse:
1.2.3.0/24:10
(I suspect the idea is to allow 1.2.3.4/32:10, i.e., a selector with
one address and one port)?
So when, if ever, is this valid? I couldn't find it being used in
test cases (at least the pattern /[0-9]*: didn't match).
Looking around I found ttosubnet() is called for:
{left,right}subnet=... as ttosubnet() and one_subnet_from_string()
--client <subnet>
if anything these are selectors and could allow a port; but
perhaps only protoport= is ever used?
virtual-private= aka virtual_ip.c:read_subnet()
maybe?
read_foodgroup() (the policies files)
perhaps
More information about the Swan-dev
mailing list