[Swan-dev] 182 "westnet-eastnet-ikev2" #2: STATE_PARENT_I2: sent v2I2, expected v2R2 {auth=IKEv2 cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}

Paul Wouters paul at nohats.ca
Wed Mar 11 13:10:43 UTC 2020

On Wed, 11 Mar 2020, Andrew Cagney wrote:

>>> - drop "STATE_PARENT_I2: "
>> It sounds like bad idea to rush this change. An identifier without spaces is
>> easy grep.
> This is an internal variable, it doesn't belong in user visible logs.
> It should be removed.

I agree with both of you.

> The text paul Proposes, namely:
>  sent IKE_AUTH request
> is more than sufficient
> I pulled the first part of the change as I discovered tests running:
>   ipsec status | grep STATE_
> that's wrong at so many levels.

It is, but it was easy. But those can be changed to "ipsec briefstatus"
which also just displays the states, without depending on the STATE_
string. But it will change the output slightly so it will require fixing
up a bunch of tests.


More information about the Swan-dev mailing list