diff options
| author | Martin Willi <martin@revosec.ch> | 2013-06-05 11:43:19 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2013-06-19 16:36:01 +0200 |
| commit | 483a258ad81c65e85a44b98691d9d29efb23e5da (patch) | |
| tree | 70e41bb86e084c7f12221eb19c953ab84ed46d6c | |
| parent | 3d1af879d2b8c4dbb8d87aa5ca478e37dadb6dc8 (diff) | |
| download | strongswan-483a258ad81c65e85a44b98691d9d29efb23e5da.tar.bz2 strongswan-483a258ad81c65e85a44b98691d9d29efb23e5da.tar.xz | |
stroke: support %dynamic in left/rightsubnet for dynamic selectors
This has the same meaning as omitting left/rightsubnet, i.e. replace it
by the IKE address. Supporting %dynamic allows configurations with multiple
dynamic selectors in a left/rightsubnet, each with potentially different
proto/port selectors.
| -rw-r--r-- | src/libcharon/plugins/stroke/stroke_config.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c index 9db9e01fd..64af5bb9c 100644 --- a/src/libcharon/plugins/stroke/stroke_config.c +++ b/src/libcharon/plugins/stroke/stroke_config.c @@ -1020,8 +1020,16 @@ static void add_ts(private_stroke_config_t *this, continue; } } - ts = traffic_selector_create_from_cidr(subnet, proto, - from_port, to_port); + if (streq(subnet, "%dynamic")) + { + ts = traffic_selector_create_dynamic(proto, + from_port, to_port); + } + else + { + ts = traffic_selector_create_from_cidr(subnet, proto, + from_port, to_port); + } if (ts) { child_cfg->add_traffic_selector(child_cfg, local, ts); |