[Swan-dev] leftikeport= does not set tcp port
Paul Wouters
paul at nohats.ca
Wed Sep 16 13:02:55 UTC 2020
On Wed, 16 Sep 2020, Andrew Cagney wrote:
> There is {left,right}ikeport?
Yes, but it does not seem to affect TCP :)
Paul
> On Tue, 15 Sep 2020 at 22:48, Paul Wouters <paul at nohats.ca> wrote:
>
> Some changes were made a while ago to the TCP port handling. You no
> longer specify a port in 'config setup'. Instead there is
> listen-tcp=yes|no and listen-udp=yes|no
>
> For UDP, you can set custom ikeport's using leftikeport= and
> rightikeport.
>
> For TCP, you can set the port to connect to using tcp-remoteport=
>
> But for the responder/server, we have no way now to specify a
> non-default TCP port. Current default is 4500.
>
> Should leftikeport/rightikeport be changed to also set the TCP
> port? Or should we introduce a lefttcpikeport= and righttcpikeport= ?
>
> Or should we add a config setup tcp-ports= option that defaults to 4500
> but can be set to like 4500,443 ?
>
> Note that we currently do not bind connections to ports. The connections
> might open the specific port, but than any connection can use it. So
> perhaps tcp-ports= is the easiest and cleanest solution ?
>
> Paul
> _______________________________________________
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev
>
>
>
More information about the Swan-dev
mailing list