[src/trunk]: src/crypto/dist/ipsec-tools Add comments on how to use the hook ...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/crypto/dist/ipsec-tools Add comments on how to use the hook ...
From: manu <manu%NetBSD.org@localhost>
Date: Fri, 24 Jan 2020 17:30:03 +0000

details:   https://anonhg.NetBSD.org/src/rev/e2b6c8674434
branches:  trunk
changeset: 582963:e2b6c8674434
user:      manu <manu%NetBSD.org@localhost>
date:      Tue Jul 12 16:33:27 2005 +0000

description:
Add comments on how to use the hook scripts without NAT-T

diffstat:

 crypto/dist/ipsec-tools/ChangeLog                                            |  2 ++
 crypto/dist/ipsec-tools/src/racoon/samples/roadwarrior/client/phase1-down.sh |  5 +++++
 crypto/dist/ipsec-tools/src/racoon/samples/roadwarrior/client/phase1-up.sh   |  6 ++++++
 3 files changed, 13 insertions(+), 0 deletions(-)

diffs (49 lines):

diff -r fc0d45104154 -r e2b6c8674434 crypto/dist/ipsec-tools/ChangeLog
--- a/crypto/dist/ipsec-tools/ChangeLog Tue Jul 12 16:24:29 2005 +0000
+++ b/crypto/dist/ipsec-tools/ChangeLog Tue Jul 12 16:33:27 2005 +0000
@@ -6,6 +6,8 @@
 
 2005-07-12  Emmanuel Dreyfus  <manu%netbsd.org@localhost>
 
+       * src/racoon/samples/roadwarrior/client/{pahse1-up.sh|phase1-down.sh}:
+         Add comments for using the scripts without NAT-T
        * src/racoon/pfkey.c: Set IKE ports to 0 in the SA when NAT-T is not
          used. 
        * src/racoon/{admin.c|session.c}: Don't use adminport if it is 
diff -r fc0d45104154 -r e2b6c8674434 crypto/dist/ipsec-tools/src/racoon/samples/roadwarrior/client/phase1-down.sh
--- a/crypto/dist/ipsec-tools/src/racoon/samples/roadwarrior/client/phase1-down.sh      Tue Jul 12 16:24:29 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/samples/roadwarrior/client/phase1-down.sh      Tue Jul 12 16:33:27 2005 +0000
@@ -53,9 +53,14 @@
        ;;
 esac
 
+# Use this for a NAT-T setup
 LOCAL="${LOCAL_ADDR}[${LOCAL_PORT}]"
 REMOTE="${REMOTE_ADDR}[${REMOTE_PORT}]"
 
+# Use this for a non NAT-T setup
+#LOCAL="${LOCAL_ADDR}"
+#REMOTE="${REMOTE_ADDR}"
+
 echo "
 deleteall ${REMOTE_ADDR} ${LOCAL_ADDR} esp;
 deleteall ${LOCAL_ADDR} ${REMOTE_ADDR} esp; 
diff -r fc0d45104154 -r e2b6c8674434 crypto/dist/ipsec-tools/src/racoon/samples/roadwarrior/client/phase1-up.sh
--- a/crypto/dist/ipsec-tools/src/racoon/samples/roadwarrior/client/phase1-up.sh        Tue Jul 12 16:24:29 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/samples/roadwarrior/client/phase1-up.sh        Tue Jul 12 16:33:27 2005 +0000
@@ -46,9 +46,15 @@
        ;;
 esac
 
+# Use this for a NAT-T setup
 LOCAL="${LOCAL_ADDR}[${LOCAL_PORT}]"
 REMOTE="${REMOTE_ADDR}[${REMOTE_PORT}]"
 
+# Use this for a non NAT-T setup
+#LOCAL="${LOCAL_ADDR}"
+#REMOTE="${REMOTE_ADDR}"
+
+
 echo "
 spdadd ${INTERNAL_ADDR4}/32[any] 0.0.0.0/0[any] any
        -P out ipsec esp/tunnel/${LOCAL}-${REMOTE}/require;

Prev by Date: [src/trunk]: src/crypto/dist/ipsec-tools Backout botched patch, approved by E...
Next by Date: [src/trunk]: src/crypto/dist/ipsec-tools Don't use adminport when it is disabled
Previous by Thread: [src/trunk]: src/crypto/dist/ipsec-tools Backout botched patch, approved by E...
Next by Thread: [src/trunk]: src/crypto/dist/ipsec-tools Don't use adminport when it is disabled
Indexes:

Home | Main Index | Thread Index | Old Index