[strongSwan-dev] logging: unique connection IDs?
Tobias Brunner
tobias at strongswan.org
Fri Aug 16 15:27:13 CEST 2019
Hi Harald,
> if I restart charon, then the connection IDs in the logfile start
> by 1 again, making logfile analysis pretty difficult. The IDs are
> not unique.
Couldn't you e.g. split the log based on messages referring to the
daemon's restart before analyzing it (or consider the timestamps in your
analysis).
> Would it be possible to use a random number for the first ID after
> a restart instead? Still not perfect, but the chance to get unique
> IDs is much higher.
Hm, these are simply static variables initialized to zero (one for IKE
and one for CHILD SAs). I suppose it would theoretically be possible to
initialize them to a random value as an option somehow. But we'd have
to make sure they are only initialized once, so wrap-arounds and
concurrency are handled properly, however, we don't have a portable
pthread_once abstraction yet.
Regards,
Tobias
More information about the Dev
mailing list