[Swan-dev] 182 "westnet-eastnet-ikev2" #2: STATE_PARENT_I2: sent v2I2, expected v2R2 {auth=IKEv2 cipher=AES_GCM_16_256 integ=n/a prf=HMAC_SHA2_512 group=MODP2048}
Paul Wouters
paul at nohats.ca
Wed Mar 11 13:10:43 UTC 2020
On Wed, 11 Mar 2020, Andrew Cagney wrote:
>>> - drop "STATE_PARENT_I2: "
>>
>> It sounds like bad idea to rush this change. An identifier without spaces is
>> easy grep.
>
> This is an internal variable, it doesn't belong in user visible logs.
> It should be removed.
I agree with both of you.
> The text paul Proposes, namely:
> sent IKE_AUTH request
> is more than sufficient
>
> I pulled the first part of the change as I discovered tests running:
> ipsec status | grep STATE_
> that's wrong at so many levels.
It is, but it was easy. But those can be changed to "ipsec briefstatus"
which also just displays the states, without depending on the STATE_
string. But it will change the output slightly so it will require fixing
up a bunch of tests.
Paul
More information about the Swan-dev
mailing list