I'm experiencing some issues with iked(8) and the first one took
me much longer than appreciated:  order of commands matters.

This works:

        ikev2 passive esp \
                inet6 \
                proto gre \
                from A to B \
                local any peer any

But switching `proto' and `inet' breaks it, not reporting any further

I ran into the broken config in the first place, tried a few iterations
and finally removed `proto' to "unbreak" it, thinking this particular
command was broken in general.

Since fixing parse.y is another journey I'm currently not up for, the
BUGS section seems appropiate until order is truly irrelevant.

Feedback? OK?

Index: iked.conf.5
RCS file: /cvs/src/sbin/iked/iked.conf.5,v
retrieving revision 1.61
diff -u -p -r1.61 iked.conf.5
--- iked.conf.5 10 Feb 2020 13:18:20 -0000      1.61
+++ iked.conf.5 14 Feb 2020 19:48:38 -0000
@@ -1006,3 +1006,5 @@ The
 .Xr iked 8
 program was written by
 .An Reyk Floeter Aq Mt r...@openbsd.org .
+Commands must be specified in the same order as documented.

Reply via email to