[strongSwan] Question about multiple ports in left/right subnet

Dan Cook onedsc at gmail.com
Wed Jul 23 21:54:13 CEST 2014


I am trying to figure out how to express port ranges in the left/right
subnet configuration in the ipsec.conf file.

I found a feature request here:
https://wiki.strongswan.org/issues/278

The resolution says:
"Starting with 5.1.0, port ranges can be configured for left/rightsubnet
selectors, refer to ipsec.conf(5) for details."

However there is no example of port ranges in the online docs.  Is there an
example of a port range configuration that can be shared?

Also there is an additional comment:
"However, none of our kernel backends support such ranges. As it is
unlikely that such an extension will be accepted by the Linux networking
folks, we can't do much about it."

What exactly does that mean?  If you configure ranges SS will:
1) do nothing - SS silently ignores them.
2) configure the range as individual ports: (100-200) will result in 200
connections being configured.
3) Try to send it to the kernel and hopelessly fail
4) throw an error and move on

What options do I have if I need to configure a range of ports?

Regards,
Dan