Hans-Joerg Hoexer wrote: > more correct diff: Cool. It occurs to me that the protocol ought to be included as well though: e.g.
[IPsec-10.1.1.6:10000-10.1.1.1:1701-17] That's because (in theory) you might have one SA for UDP and another SA for TCP. Other possibilities would be: [IPsec-10.1.1.6-10.1.1.1-17] or [IPsec-10.1.1.6:0-10.1.1.1:0-17] # protocol specified but ports not specified [IPsec-10.1.1.6-10.1.1.1] or [IPsec-10.1.1.6:0-10.1.1.1:0-0] # no protocol specified Regards, Brian.
