[Swan] What is the meaning of "leftprotoport=17/0" ?
Paul Wouters
paul at nohats.ca
Sun Nov 1 21:33:38 UTC 2015
The protoport= is a selector that narrows down the IP ranges specified in left/right (or leftsubnet/rightsubnet).
The example you quote had type=passthrough so it defines what will not be used for IPSec. The default is type=tunnel which means what to include for IPSec.
Sent from my iPhone
> On Nov 1, 2015, at 12:53, ChenHao <earthlovepython at outlook.com> wrote:
>
> Hi All:
>
> Based on example of /etc/ipsec.d/v6neighbor-hole.conf , the traffic of "ICMPv6 Neighbor Solicitation" or "ICMPv6 Neighbor Solicitation" in encrypted. Right ?
>
> So I think "leftprotoport=17/0" means all UDP traffic is NOT protected by IPSec. Right?
>
>
> Thanks and regards
>
> Hao Chen
>
>
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20151102/42e15d34/attachment.html>
More information about the Swan
mailing list