[prev in list] [next in list] [prev in thread] [next in thread]
List: strongswan-announce
Subject: [strongSwan-dev] WI: Support for custom ports
From: Martin Willi <martin () strongswan ! org>
Date: 2010-02-26 11:18:09
Message-ID: 1267183089.2365.46.camel () desktop
[Download RAW message or body]
Work-Item: Support for custom ports
Branch: dynamic-ports, merged to master
Schedule: 4.4.0
Rationale:
In some scenarios, it might be useful to use custom source and
destination ports for IKE packets. This is not specified in IKEv2, but
should be compatible to existing implementations. IKEv2 uses non-ESP
markers in packets sent on port 4500; we apply this rule to any packet
which is not sent or received on port 500. Port floating is done only if
a port of 500 is used.
A new socket implementation is required that dynamically binds the
required ports.
API changes:
The ike_cfg_create() constructor gained two new parameters, local and
remote ports. Pass IKEV2_UDP_PORT to retain the existing behavior.
The existing socket and raw-socket implementations have been migrated to
separated plugins: socket-default and socket-raw. The dynamically
binding socket implementation is provided via the socket-dynamic plugin.
The socket-raw plugin is the only one compatible to pluto and is
enforced if pluto is built.
_______________________________________________
Dev mailing list
Dev@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic