[Ipsec-tools-devel] unknown AF error in ipsec-tools-0.7.2

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hello everybody,

I wanted to share my observation with you about ipsec-tools-0.7.2.

In racoon configuration file, if the remote directive is written for
anonymous rather than for a specific node, error:unknown AF = 0 message
is being seen on the console. It gives error, but it sets up the IKE
connection succesfully

I think this is not an error. When the remote is anonymous, the value of the
variable rmconf->remote->sa_family seems to be 0 (rmconf->remote->sa_address
is also not meaningful). When extract_port function is called with the
parameter rmconf->remote, it returns the error mentioned. Because it makes
an AF control inside extract_port function. There may be ways to solve the
problem I think. For example, rmconf->remote == iph2->dst operation may be
realized. This is just an idea of course.

I may have lost any point but I wanted to share this with you. This may be
fixed in later versions.

Thanks.

Neslihan