1 files changed, 8 insertions, 5 deletions

diff --git a/src/libcharon/config/ike_cfg.h b/src/libcharon/config/ike_cfg.h
index 0540e93f3..f9e4fbebc 100644
--- a/src/libcharon/config/ike_cfg.h
+++ b/src/libcharon/config/ike_cfg.h
@@ -230,24 +230,27 @@ struct ike_cfg_t {
 /**
  * Creates a ike_cfg_t object.
  *
- * Supplied hosts become owned by ike_cfg, the name gets cloned.
+ * Supplied hosts become owned by ike_cfg, strings get cloned.
+ *
+ * me and other are comma separated lists of IP addresses, DNS names, IP ranges
+ * or subnets. When initiating, the first non-range/subnet address is used
+ * as address. When responding, a match is performed against all items in the
+ * list.
  *
  * @param version			IKE major version to use for this config
  * @param certreq			TRUE to send a certificate request
  * @param force_encap		enforce UDP encapsulation by faking NATD notify
  * @param me				address/DNS name of local peer
- * @param my_allow_any		allow override of local address by any address
  * @param my_port			IKE port to use as source, 500 uses IKEv2 port floating
  * @param other				address/DNS name of remote peer
- * @param other_allow_any	allow override of remote address by any address
  * @param other_port		IKE port to use as dest, 500 uses IKEv2 port floating
  * @param fragmentation		use IKEv1 fragmentation
  * @param dscp				DSCP value to send IKE packets with
  * @return 					ike_cfg_t object.
  */
 ike_cfg_t *ike_cfg_create(ike_version_t version, bool certreq, bool force_encap,
-						  char *me, bool my_allow_any, u_int16_t my_port,
-						  char *other, bool other_allow_any, u_int16_t other_port,
+						  char *me, u_int16_t my_port,
+						  char *other, u_int16_t other_port,
 						  fragmentation_t fragmentation, u_int8_t dscp);
 
 #endif /** IKE_CFG_H_ @}*/