stroke_end_t *end, child_cfg_t *child_cfg, bool local)
{
traffic_selector_t *ts;
- u_int16_t from_port, to_port;
-
- if (end->port)
- {
- from_port = to_port = end->port;
- }
- else
- {
- from_port = 0;
- to_port = 65535;
- }
if (end->tohost)
{
- ts = traffic_selector_create_dynamic(end->protocol, from_port, to_port);
+ ts = traffic_selector_create_dynamic(end->protocol,
+ end->from_port, end->to_port);
child_cfg->add_traffic_selector(child_cfg, local, ts);
}
else
if (net)
{
ts = traffic_selector_create_from_subnet(net, 0, end->protocol,
- from_port, to_port);
+ end->from_port, end->to_port);
child_cfg->add_traffic_selector(child_cfg, local, ts);
}
}
while (enumerator->enumerate(enumerator, &subnet))
{
ts = traffic_selector_create_from_cidr(subnet, end->protocol,
- from_port, to_port);
+ end->from_port, end->to_port);
if (ts)
{
child_cfg->add_traffic_selector(child_cfg, local, ts);
return FALSE;
VARCMP(modecfg);
- VARCMP(port);
+ VARCMP(from_port);
+ VARCMP(to_port);
VARCMP(protocol);
return cmp_args(KW_END_FIRST, KW_END_LAST, (char *)c1, (char *)c2);
return cmp_args(KW_CA_NAME, KW_CA_LAST, (char *)c1, (char *)c2);
}
-
cfg->conn_default.left.ikeport = 500;
cfg->conn_default.right.ikeport = 500;
+ cfg->conn_default.left.to_port = 0xffff;
+ cfg->conn_default.right.to_port = 0xffff;
+
cfg->ca_default.seen = SEEN_NONE;
}
}
if (streq(port, "%any"))
{
- end->port = 0;
+ end->from_port = 0;
+ end->to_port = 0xffff;
}
else
{
svc = getservbyname(port, NULL);
if (svc)
{
- end->port = ntohs(svc->s_port);
+ end->from_port = end->to_port = ntohs(svc->s_port);
}
else
{
DBG1(DBG_APP, "# bad port: %s=%s", name, value);
goto err;
}
- end->port = (u_int16_t)p;
+ end->from_port = end->to_port = (u_int16_t)p;
}
}
if (sep)
bool hostaccess;
bool allow_any;
char *updown;
- u_int16_t port;
+ u_int16_t from_port;
+ u_int16_t to_port;
u_int8_t protocol;
char *sourceip;
char *dns;
extern void confread_free(starter_config_t *cfg);
#endif /* _IPSEC_CONFREAD_H_ */
-
msg_end->tohost = !conn_end->subnet;
msg_end->allow_any = conn_end->allow_any;
msg_end->protocol = conn_end->protocol;
- msg_end->port = conn_end->port;
+ msg_end->from_port = conn_end->from_port;
+ msg_end->to_port = conn_end->to_port;
}
int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn)
}
return 0;
}
-
msg.add_conn.me.ikeport = 500;
msg.add_conn.me.subnets = push_string(&msg, my_nets);
msg.add_conn.me.sendcert = 1;
+ msg.add_conn.me.to_port = 65535;
msg.add_conn.other.id = push_string(&msg, other_id);
msg.add_conn.other.address = push_string(&msg, other_addr);
msg.add_conn.other.ikeport = 500;
msg.add_conn.other.subnets = push_string(&msg, other_nets);
msg.add_conn.other.sendcert = 1;
+ msg.add_conn.other.to_port = 65535;
return send_stroke_msg(&msg);
}
int tohost;
int allow_any;
u_int8_t protocol;
- u_int16_t port;
+ u_int16_t from_port;
+ u_int16_t to_port;
};
typedef struct stroke_msg_t stroke_msg_t;
projects / strongswan.git / commitdiff