I am trying to figure out how to express port ranges in the left/right subnet configuration in the ipsec.conf file.
I found a feature request here: https://wiki.strongswan.org/issues/278 The resolution says: "Starting with 5.1.0, port ranges can be configured for left/rightsubnet selectors, refer to ipsec.conf(5) for details." However there is no example of port ranges in the online docs. Is there an example of a port range configuration that can be shared? Also there is an additional comment: "However, none of our kernel backends support such ranges. As it is unlikely that such an extension will be accepted by the Linux networking folks, we can't do much about it." What exactly does that mean? If you configure ranges SS will: 1) do nothing - SS silently ignores them. 2) configure the range as individual ports (100-200) will be result in 200 connections being configured. 3) Try to send it to the kernel and hopelessly fail 4) throw an error and move on What options do I have if I need to configure a range of ports? Regards, Dan
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
