[strongSwan] does Strongswan Android Playstore app using socket_dynamic or socket_default plugin
Noel Kuntze
noel at familie-kuntze.de
Tue Dec 23 20:10:20 CET 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hello Ravi
The socket-dynamic plugin enables strongSwan to listen on an arbitrary port and not on udp ports 500 and 4500.
That enables you to avoid having to use SNAT to masquerade IPsec traffic in cases the ports 500 and 4500 are blocked
on a firewall or other issues exist with those ports. The socket-dynamic plugin is regarded as experimental and rather untested
while the socket-default plugin is used by default and is hence very very well tested and works just fine.
Sadly, I do not know what plugin is used in the Android app. As ports in the lower range are reserved and only bindable
as root user or with the necessary privileges, I suspect that the strongSwan app for Android uses the socket-dynamic plugin.
Mit freundlichen Grüßen/Regards,
Noel Kuntze
GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
Am 23.12.2014 um 16:42 schrieb Ravi Kanth Vanapalli:
> Dear All,
>
> Please let us know if Strongswan Android play store app uses which of the following plugins
> for socket writing.
>
> socket_default_plugin or socket_dynamic_plugin.
>
> I was trying to understand the data path and ran into this issue where there were two plugins to write information out.
>
> Kindly help me undestand the advantages of using socket_dynamic_plugin over socket_default_plugin. Which one is used when ?
>
> --
> Regards,
> RaviKanth VN Vanapalli
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJUmb4bAAoJEDg5KY9j7GZYEXoQAJFLoPNIfJB75Dy6nrnjYVq+
NC9hvXwd9sRCpjABk6VNbBeo9GIA8JPJs/NqK+Adw/DpcFK3U2khWjK8yrFJvSHr
1JKBlydRobAZDRIfPg26njD+clzfaEMHiyeU/6HXVODmVIEsEugkVpcyhcoD/kyk
mrbHVHTm+PLnv90ooaGoBtsIvcA1NR6CW8DW4YDrYZ0E6kXmmb/Rahg58tbiHgrL
ReS/KjUAGHzY1Z5FKCKRjbxG0yuz8ZGrmikdvPD8npjeJPIVn4ZkccjAvyjSErXr
B0mbglmUUSzQhLOtptoRjiCL8/qcGtIOJci5KwwdxoAhnjFHMM/KzlEesU6LPi9k
iWGq9SU24g+rjjcHPNUx25buGEmUGQbgbIK3dE2f4KaThI2yO3PLlghvP3mAyqja
9SIIuI6BGWEJZDnQTGZv0a05c8w0AaUV2OnmzzFDy4SG3rV2p0MmQy7jZus7NUC7
wAagmnEtYCmvDwK4WsBOzr/dhvOMseC5DUpd8dw3DoDRNRdOsBlVA4XxkxOsCAZ9
KWja1+RXvShoLchscz6Ks347qAB2GiHRpcQc3EavGHXslcyiM0CVuRxdrvNs2Lof
68atcVIWq2QCEpyIl3x4FOaiQh8z93GWzIT0fvlWhk5qbKGAZV1ppBn+E11Nvj7Z
yLkaBYQyZ6QgaS+KDVO6
=KxK1
-----END PGP SIGNATURE-----
More information about the Users
mailing list