[Swan-dev] pluto: follow up on 8d9c30bfd93e3e7d (pluto: Ensure PLUTO_PEER_CLIENT= has netmask included)
Andrew Cagney
andrew.cagney at gmail.com
Thu Oct 28 15:04:53 UTC 2021
This got me curious, why would PLUTO_PEER_CLIENT need to be set to the
host and not client address. Adding a pexpect turned this up:
ikev1-l2tp-02 EXPECTATION FAILED: selector=192.1.3.33/32:UDP/1701 ==
address=192.1.2.254 (jam_common_shell_out() +467
programs/pluto/kernel.c)
ikev1-nat-transport-02 EXPECTATION FAILED:
selector=192.1.3.33/32:TCP/0-65535 == address=192.1.2.254
(jam_common_shell_out() +467 programs/pluto/kernel.c)
I guess it is one of those asymmetric l2tp things.
On Wed, 27 Oct 2021 at 15:14, Paul Wouters <paul at vault.libreswan.fi> wrote:
>
> New commits:
> commit 4aadfc961ca9872b94b9cb05a15356c5adb887d3
> Author: Paul Wouters <paul.wouters at aiven.io>
> Date: Wed Oct 27 15:04:32 2021 -0400
>
> pluto: follow up on 8d9c30bfd93e3e7d
>
> The original NAT support with transport mode was correct, but it
> needed to have a mask added to PLUTO_PEER_CLIENT
>
> _______________________________________________
> Swan-commit mailing list
> Swan-commit at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-commit
More information about the Swan-dev
mailing list