path: root/man/ipsec.secrets.5.in
diff options
authorTobias Brunner <tobias@strongswan.org>2012-10-29 10:06:43 +0100
committerTobias Brunner <tobias@strongswan.org>2012-10-29 10:06:43 +0100
commit3689f0f6cca71aed0f63afbf0814e7ba93a03d2f (patch)
tree418a96c1f9797ee26e0639d0229342b731656c31 /man/ipsec.secrets.5.in
parentf30962de7445abfd13a9f73f15f71b46920b5eb2 (diff)
FQDNs are actually not resolved when loading secrets
Diffstat (limited to 'man/ipsec.secrets.5.in')
1 files changed, 1 insertions, 7 deletions
diff --git a/man/ipsec.secrets.5.in b/man/ipsec.secrets.5.in
index 5a61688c6..319d4856b 100644
--- a/man/ipsec.secrets.5.in
+++ b/man/ipsec.secrets.5.in
@@ -37,13 +37,7 @@ by whitespace. If no ID selectors are specified the line must start with a
A selector is an IP address, a Fully Qualified Domain Name, user@FQDN,
-\fB%any\fP or \fB%any6\fP (other kinds may come). An IP address may be written
-in the familiar dotted quad form or as a domain name to be looked up
-when the file is loaded.
-In many cases it is a bad idea to use domain names because
-the name server may not be running or may be insecure. To denote a
-Fully Qualified Domain Name (as opposed to an IP address denoted by
-its domain name), precede the name with an at sign (\fB@\fP).
+\fB%any\fP or \fB%any6\fP (other kinds may come).
Matching IDs with selectors is fairly straightforward: they have to be
equal. In the case of a ``Road Warrior'' connection, if an equal