[Swan] What is the meaning of "leftprotoport=17/0" ?

ChenHao earthlovepython at outlook.com
Sun Nov 1 04:01:39 UTC 2015

Hi All:
Based on example of /etc/ipsec.d/v6neighbor-hole.conf , the traffic of "ICMPv6 Neighbor Solicitation" or "ICMPv6 Neighbor Solicitation" in encrypted.  Right ? 
So I think "leftprotoport=17/0" means all UDP traffic is NOT protected by IPSec. Right? 
But my colleague thinks "leftprotoport=17/0" as:===========================================if the protocol is UDP send it through the channelwhich means encrypt and send then other party receives and decryptsif the protocol is not UDP then cannot use the tunnelso it works as it is designed
Is it correct ???
Thanks and regards
Hao Chen 

Swan mailing list
Swan at lists.libreswan.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20151031/f7eb29e7/attachment-0001.html>

More information about the Swan mailing list