[strongSwan-dev] query in child_cfg_create() function in file android_service.c
Thomas Egerer
hakke_007 at gmx.de
Wed Jan 14 22:18:54 CET 2015
Hi Ravi
you should refer to the apidoc [1] first. The documentation
says: 'hostaccess TRUE to allow access to the local host'
In a nutshell this triggers the default updown script to add
an iptables rule for the particular host to the INPUT/OUTPUT
chain.
Cheers, Thomas
[1]
http://www.strongswan.org/apidoc/group__child__cfg.html#ga890fe7c007e4d598eb602ecd9c695d96
On 01/14/2015 04:57 PM, Ravi Kanth Vanapalli wrote:
> Dear all,
>
> I have a query in the prototype for function child_cfg_create()
> I am writing it below for your quick reference..
> What does the 4th parameter 'hostaccess' mean ?
>
> Description reads below
>
> '@param hostaccess TRUE to allow access to the local host'
> 'access' refers to accessing the IKE_SA or ipsec SA or.. access is related
> to usability of the tunnel.
>
> Kindly help me understand this hostaccess attribute
>
>
> child_cfg_t *child_cfg_create(char *name, lifetime_cfg_t *lifetime,
> char *updown, bool hostaccess,
> ipsec_mode_t mode, action_t start_action,
> action_t dpd_action, action_t close_action,
> bool ipcomp, u_int32_t inactivity, u_int32_t reqid,
> mark_t *mark_in, mark_t *mark_out, u_int32_t tfc);
>
>
>
>
> _______________________________________________
> Dev mailing list
> Dev at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/dev
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20150114/60be8e01/attachment.pgp>
More information about the Dev
mailing list