On Tue, 6 Aug 2019, Andrew Cagney wrote: Examples filled in for my vpn.nohats.ca connection:
I'm looking at this code: jam(buf, "PLUTO_MY_CLIENT='"); jam_subnet(buf, &sr->this.client); jam(buf, "' ");
PLUTO_MY_CLIENT='193.111.228.70/32'
jam(buf, "PLUTO_MY_CLIENT_NET='"); ta = subnet_endpoint(&sr->this.client); jam_address(buf, &ta); jam(buf, "' ");
PLUTO_MY_CLIENT_NET='193.111.228.70'
jam(buf, "PLUTO_MY_CLIENT_MASK='"); ta = subnet_mask(&sr->this.client); jam_address(buf, &ta); jam(buf, "' ");
PLUTO_MY_CLIENT_MASK='255.255.255.255'
If you go by the names you'd think that an ip_subnet contained network-prefix + mask-bits, but based on how it is used, it can contain NETWORK_PREFIX+HOST_IDENTIFIER : PORT / MASK-BITS which means in the above, PLUTO_MY_CLIENT_NET= is set to NETWORK_PREFIX+HOST_IDENTIFIER.
That's not what seems to happen. Anyway, we should have named PLUTO_MY_CLIENT PLUTO_MY_CLIENT_CIDR or something, but we cannot rename anything or put different content in any of these without breaking every single custom updown script out there. Paul _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
