[Swan] leftsourceip functionality with libreswan-3.0

Paul Wouters paul at nohats.ca
Sun Jan 6 19:06:10 EET 2013


On Sun, 6 Jan 2013, Paul Wouters wrote:

>> 192.168.2.101 via 192.168.1.1 dev eth0  src 192.168.1.2

I am actually seeing an interesting thing on the east-west test case!

east has two interfaces, eth0 with 192.0.2.254/24 and eth1 with 192.1.2.23/24
west has two interfaces, eth0 with 192.0.1.254/24 and eth1 with 192.1.2.45/24

On east I see:
192.0.2.0/24 dev eth0  proto kernel  scope link  src 192.0.2.254

On west I see:
192.0.1.0/24 dev eth0  proto kernel  scope link  src 192.0.1.254

This is wrong. What is expected is:

east:
192.0.1.0/24 dev eth0  proto kernel  scope link  src 192.0.2.254

west:
192.0.2.0/24 dev eth0  proto kernel  scope link  src 192.0.1.254

This is without sourceip= values specified. It seems the addconn code
picks the _other ends_ sourceip value!

When I define these:

 	leftsourceip=192.0.1.254
 	rightsourceip=192.0.2.254

things work. So that means the addconn.c code is picking up the wrong
end's value when it tries to fill these in when they are not specified.
This is a bug in the addconn.c code.

Paul


More information about the Swan mailing list