I added code to reject it, it didn't go well. In figuring out why I
found the existing code emits:
https://testing.libreswan.org/v3.30-722-g0c6a4c557f-master/ikev2-allow-narrow-03/OUTPUT/west.pluto.log.gz
| *****emit IKEv2 Traffic Selector:
| TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7)
| IP Protocol ID: 0 (00)
| start port: 1234 (04 d2)
| end port: 1234 (04 d2)
but for the ports:
o Start Port (2 octets, unsigned integer) - Value specifying the
smallest port number allowed by this Traffic Selector. For
protocols for which port is undefined (including protocol 0), or
if all ports are allowed, this field MUST be zero.
o End Port (2 octets, unsigned integer) - Value specifying the
largest port number allowed by this Traffic Selector. For
protocols for which port is undefined (including protocol 0), or
if all ports are allowed, this field MUST be 65535.
so what's the intent?
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
