Re: [Swan] IPv4 and IPv6 through a single IPSec connection

Not yet in 4.9. But work to support this has recently started. Sent using a virtual keyboard on a phone > On Oct 28, 2022, at 19:52, Nestor Melo wrote: > >  > Hi, > > > We would like to configure a single IPSec connection that would handle both > IPv4 and IPv6 traffic. > > We considered

[Swan-commit] Changes to ref refs/heads/main

New commits: commit ffb7aeecbba686f4e209df27a1bad170f2f8ed51 Author: Andrew Cagney Date: Fri Oct 28 15:19:14 2022 -0400 installing: FINALNSSDIR -> NSSDIR also known as IPSEC_NSSDIR; #887 commit 36ecae78f0a7ad28c97d5f8459bed49fc0673558 Author: Andrew Cagney Date: Fri Oct 28

[Swan] IPv4 and IPv6 through a single IPSec connection

Hi, We would like to configure a single IPSec connection that would handle both IPv4 and IPv6 traffic. We considered multiple child SA sharing a single IKE SA: conn tunnel46 auto=start leftid=@left left=%eth0 rightid=@right right=172.31.0.1

[Swan-commit] Changes to ref refs/heads/main

New commits: commit 6bcdc0867796d44e675c2cd1255eee8c0b2ce9b8 Author: Andrew Cagney Date: Fri Oct 28 19:48:56 2022 -0400 testing: fix subnet= entries with a non-zero host-part ... even for ipv6; #898. ___ Swan-commit mailing list

[Swan-commit] Changes to ref refs/heads/main

New commits: commit 7908aa6be76bbee715bed4c094929bc09d497928 Author: Andrew Cagney Date: Fri Oct 28 18:37:10 2022 -0400 connections: when IKEv2 and no protoport, parse subnet= as a list ... but then reject when more than one element (for now). The list is saved in

[Swan-commit] Changes to ref refs/heads/main

New commits: commit 0541cc9bd32aa5cf83ecabd05a6c1e3e7b5da253 Author: Andrew Cagney Date: Fri Oct 28 15:20:25 2022 -0400 connections: add unshare_connection_spd_end() Hack (for now) to unshare a connection's spd list. ___ Swan-commit

[Swan-dev] heads up, the great spd scramble

I'm about to change "spd" in struct connection to a pointer; that is from: struct spd_route spd; to: struct spd_route *spd; My motivation is to make the code generating a list of SPDs from subnets simpler (I'm guessing the first spd was embedded in the connection as a memory optimization).

[Swan-commit] Changes to ref refs/heads/main

New commits: commit 7eac6384e1a2c1b5d3a3260eddaa2aeb1a1044ab Author: Andrew Cagney Date: Fri Oct 28 12:16:18 2022 -0400 building: @FINAL...@ -> @@...@@ - drop FINAL prefix from substitutions - use double-@ as in @@...@@ following GNU configure's convention

[Swan-commit] Changes to ref refs/heads/main

New commits: commit f59855ffe317566b099142d36f4a589f7cb85a00 Author: Andrew Cagney Date: Fri Oct 28 10:12:06 2022 -0400 testing: update libipsecconf-02 to match latest error text commit e37c80229cb2f19497f151515a1460336ead0e71 Author: Andrew Cagney Date: Fri Oct 28 10:11:47 2022 -0400