[Openswan dev] Using left=%defaultroute without
interfaces=%defaultroute fix
Tuomo Soini
tis at foobar.fi
Thu Jun 3 23:43:56 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Paul Wouters wrote:
| interfaces="%defaultroute ipsec1=eth1"
Yep, That's what I use too.
| At least, it didnt break my eth0-ipsec0 (I didnt test running ipsec on
eth1)
It will work too.
| Now, this is far from intuitive. As a fix, I would want to propose to have
| _startklips try to calculate $defaultrouteaddr and $defaultroutenexthop
| regardless of the occurance of %defaultroute in the interfaces line.
| This ensures that any referene later in a left=%defaultroute will work
| when someone specifies multiple ipsecX interfaces without using
%defaultroute.
| Comments?
Sounds good and simple solution. Then you can define
interfaces="ipsec0=eth0 ipsec1=ppp0 ipsec2=wlan0"
And if your defaultroute is via wlan0 and you have connections with
%defaultroute it's using ipsec2 interface. And if you have defaultroute
via ppp0, right=%defaultroute would work via that...
I think this could help a lot with virtual ip and multiple interfaces
road warrior configs.
- --
Tuomo Soini <tis at foobar.fi>
Linux and network services
+358 40 5240030
Foobar Oy <http://foobar.fi/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAv397TlrZKzwul1ERAjZ8AJ9oSqBYRyEG3rZbLmCPtOEW99zGCgCgn3Ya
oo6QVfzngCH4uLCltAynBQ8=
=fpqF
-----END PGP SIGNATURE-----
More information about the Dev
mailing list