[Swan] Interworking with Cisco VTI model (any-to-any tunnel, selected routing)

Paul Wouters paul at nohats.ca
Thu Dec 3 16:57:20 UTC 2015


On Thu, 3 Dec 2015, Sébastien Lefevre wrote:

> On Thu, 3 Dec 2015, Paul Wouters wrote:
>
>> So your use case would be fixed with leftpolicynets=a.b.c.d/32 and
>> rightpolicynets=0.0.0.0/0
>
> Just to make sure: are you talking of future options or are they already available? That sounds *exactly* like what I was looking for...
> (I can't find them in the current codebase, so maybe I didn't waste your time after all :)

Future options, sorry. although it should not be too hard to implement.
It just needs to take a string and pass that to the updown script,
which can then run the iptables rules required. Possibly we need
an option to generate a unique mark so people don't have to specify
the mark manually.

Paul




More information about the Swan mailing list