That's perfect. Looking forward such a future release, in the meantime we still have options to support this Cisco VTI model.
Again, thank you very much for your prompt suggestions and advices. Cheers, -seb On Thu, 3 Dec 2015, Paul Wouters wrote: > >> So your use case would be fixed with leftpolicynets=a.b.c.d/32 and > >> rightpolicynets=0.0.0.0/0 > > > > Just to make sure: are you talking of future options or are they already > available? That sounds *exactly* like what I was looking for... > > (I can't find them in the current codebase, so maybe I didn't waste > > your time after all :) > > Future options, sorry. although it should not be too hard to implement. > It just needs to take a string and pass that to the updown script, which can > then run the iptables rules required. Possibly we need an option to generate > a unique mark so people don't have to specify the mark manually. > > Paul > _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
