On Wed, 16 Sep 2020, Andrew Cagney wrote:
There is {left,right}ikeport?
Yes, but it does not seem to affect TCP :)
Paul
On Tue, 15 Sep 2020 at 22:48, Paul Wouters <[email protected]> wrote:
Some changes were made a while ago to the TCP port handling. You no
longer specify a port in 'config setup'. Instead there is
listen-tcp=yes|no and listen-udp=yes|no
For UDP, you can set custom ikeports using leftikeport= and
rightikeport.
For TCP, you can set the port to connect to using tcp-remoteport=
But for the responder/server, we have no way now to specify a
non-default TCP port. Current default is 4500.
Should leftikeport/rightikeport be changed to also set the TCP
port? Or should we introduce a lefttcpikeport= and righttcpikeport= ?
Or should we add a config setup tcp-ports= option that defaults to 4500
but can be set to like 4500,443 ?
Note that we currently do not bind connections to ports. The connections
might open the specific port, but then any connection can use it. So
perhaps tcp-ports= is the easiest and cleanest solution ?
Paul
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev