[Ipsec-tools-devel] sainfo clause
Brought to you by:
mit_warlord,
netbsd
From: Paul M. <pau...@ce...> - 2009-03-02 22:23:23
|
Two questions a) the lifetime in bytes is deprecated. Why? I need to put it back in Did it work? b) wildcarding although the man page warns you about it the actual wildcard behavior makes the sainfo useless I want to say 'use 3des with life x on this subnet' I cannot do it It probably used to work linux to linux because racoon sent the subnet in its ID payload - but this is wrong and has been corrected So now it never works. I need to change this behavior so that incoming concrete addresses will match wildcarded sainfo entries this is a change of functionality but it seems like the current behavior is totally wrong |