Work-Item: Support for custom ports Branch: dynamic-ports, merged to master
Schedule: 4.4.0 Rationale: In some scenarios, it might be useful to use custom source and destination ports for IKE packets. This is not specified in IKEv2, but should be compatible to existing implementations. IKEv2 uses non-ESP markers in packets sent on port 4500; we apply this rule to any packet which is not sent or received on port 500. Port floating is done only if a port of 500 is used. A new socket implementation is required that dynamically binds the required ports. API changes: The ike_cfg_create() constructor gained two new parameters, local and remote ports. Pass IKEV2_UDP_PORT to retain the existing behavior. The existing socket and raw-socket implementations have been migrated to separated plugins: socket-default and socket-raw. The dynamically binding socket implementation is provided via the socket-dynamic plugin. The socket-raw plugin is the only one compatible to pluto and is enforced if pluto is built. _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
