Thank you so much.Will try it now. For multiple interfaces, do space separated ip addresses work?
From: Andrew Cagney <[email protected]> Date: Tuesday, April 1, 2025 at 6:48 PM To: Mamta Gambhir <[email protected]> Cc: [email protected] <[email protected]> Subject: [External] : Re: [Swan] Exclude interfaces listen=IP see https://urldefense.com/v3/__https://testing.libreswan.org/v5.2-344-g6f074291e0/addconn-21-config-setup-listen/__;!!ACWV5N9M2RV99hQ!Lq5eV7WhbSPS7gw3QsQlH87g-uI9Xt5yJXT1tW-x__3VxmL79_seXcLcuQAvmJLfGm9TmQt2xbDb9nlYlEWeaW8KwA$<https://urldefense.com/v3/__https:/testing.libreswan.org/v5.2-344-g6f074291e0/addconn-21-config-setup-listen/__;!!ACWV5N9M2RV99hQ!Lq5eV7WhbSPS7gw3QsQlH87g-uI9Xt5yJXT1tW-x__3VxmL79_seXcLcuQAvmJLfGm9TmQt2xbDb9nlYlEWeaW8KwA$> On Tue, 1 Apr 2025 at 17:08, Mamta Gambhir via Swan <[email protected]> wrote: > > Hello, > > s there any way to exclude certain interfaces completely on ipsec start i.e > when pluto daemon does addconn it skips say interface - dlre1 and only adds > dlre0. > > Basically those interfaces stay invisible to pluto. > > > > Mar 26 15:22:14 pluto[18722]: listening for IKE messages > > Mar 26 15:22:14 pluto[18722]: Kernel supports NIC esp-hw-offload > > Mar 26 15:22:14 pluto[18722]: adding UDP interface dlre1 10.106.135.28:500 > > Mar 26 15:22:14 pluto[18722]: adding UDP interface dlre1 10.106.135.28:4500 > > Mar 26 15:22:14 com pluto[18722]: adding UDP interface dlre0 192.168.58.99:500 > > Mar 26 15:22:14 pluto[18722]: adding UDP interface dlre0 192.168.58.99:4500 > > Mar 26 15:22:14 pluto[18722]: adding UDP interface eth0 10.31.10.8:500 > > > > I couldn’t find anything in ipsec.conf to do that. > > Thanks > > Mamta > > _______________________________________________ > Swan mailing list -- [email protected] > To unsubscribe send an email to [email protected]
_______________________________________________ Swan mailing list -- [email protected] To unsubscribe send an email to [email protected]
