[Swan] leftsourceip functionality with libreswan-3.0
Paul Wouters
paul at nohats.ca
Sun Jan 6 19:06:10 EET 2013
On Sun, 6 Jan 2013, Paul Wouters wrote:
>> 192.168.2.101 via 192.168.1.1 dev eth0 src 192.168.1.2
I am actually seeing an interesting thing on the east-west test case!
east has two interfaces, eth0 with 192.0.2.254/24 and eth1 with 192.1.2.23/24
west has two interfaces, eth0 with 192.0.1.254/24 and eth1 with 192.1.2.45/24
On east I see:
192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.2.254
On west I see:
192.0.1.0/24 dev eth0 proto kernel scope link src 192.0.1.254
This is wrong. What is expected is:
east:
192.0.1.0/24 dev eth0 proto kernel scope link src 192.0.2.254
west:
192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.1.254
This is without sourceip= values specified. It seems the addconn code
picks the _other ends_ sourceip value!
When I define these:
leftsourceip=192.0.1.254
rightsourceip=192.0.2.254
things work. So that means the addconn.c code is picking up the wrong
end's value when it tries to fill these in when they are not specified.
This is a bug in the addconn.c code.
Paul
More information about the Swan
mailing list