[Swan-dev] better name for {left,right}ifaceip?

[Andrew Cagney]

I noticed this user visible addition:
    whack.h:  ip_subnet ifaceip;
    keywords.c:509:  { "iface-ip", kv_conn | kv_leftright ,
kt_subnet, KSCF_IFACE_IP, NULL, NULL, },
the problem I see is that, contrary to the name, it isn't an IP (i.e,
ip address).  Rather, to use IKEv2 terminology, its a traffic
selector.  In fact while:
   1.2.3.0/24
   101.102.103.104/32:65535
are valid, a simple IP address such as:
  1.2.3.4
is not (see ip_subnet_check.c).

A quick fix would be to drop the "ip" from the new user-visible name?

However, this is confounded by libreswan's existing plithera of
options that either implicitly, or explicitly, specify traffic
selectors (these are the ones I stumbled across, there are probably
more):
  sourceip= - only allows IP addresses and is considered mutually
exclusive to ifaceip=, I'm not sure why
  subnet=
  subnets= - who knew there was already a way to describe multiple
traffic selectors
  addresspool=

This makes me wonder if the new ifaceip= option is needed, and instead
one of the above should be reused?
Strongswan, for instance, seems to have extended sourceip= so that it
accepts subnets, see  interop-ikev2-strongswan-39-mobike-responder).

Andrew

PS: per the below from ip_subnet.h, ip_subnet is becoming a really
unfortunate choice of name

 * This is not the subnet you're looking for.
 *
 * In libreswan ip_subnet is used to store client routing information.
 * IKEv2 calls this traffic selectors and it allows the negotiation
 * of:
 *
 *    LO_ADDRESS..HI_ADDRESS : LO_PORT..HI_PORT
 *
 * The structures below can only handle a limited subset of this,
 * namely:
 *
 *    NETWORK_PREFIX | 0 / MASK : PORT
 *
 * where PORT==0 imples 0..65535, and (presumably) port can only be
 * non-zero when the NETWORK_PREFIX/MASK is for a single address.