[Swan-dev] ikev1-hostpair-01 and c->prio

Andrew Cagney andrew.cagney at gmail.com
Fri Sep 25 00:36:02 UTC 2020


Comes from: connections: don't update an end when .host_addr is


In case the cause isn't obvious:

-> the config file has right[host]=%any
-> update_ends_from_this_host_addr() (nee default_end()) sees this and does
nothing (right.end.client.maskbits==0)
(before it would think %any was valid and set .end.client to %any/32 ->
right.end.client.maskbits==32; oops)
- set_policy_prio() computes c->prio using right.end.client.maskbits, hence
32,32(old) or 32,0(new)


-> when that.host_addr=%any, I think the new priority is correct
for instance, the narrower now has higher priority than %any

-> however, I suspect, when .host_addr is changed (ex, ddns), c->prio
should be re-computed

The other possibility is that the change is too aggressive and
update_ends_from_this_host_addr() should selectively update fields (for
instance, when %any, skip .host_port and skip that.host_nexthop)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20200924/ce02370f/attachment.html>

More information about the Swan-dev mailing list