swanctl: Document possibility of non-zero base addresses for in-memory pools

author Tobias Brunner <tobias@strongswan.org>

Fri, 12 Apr 2024 12:01:23 +0000 (14:01 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Mon, 15 Apr 2024 07:50:34 +0000 (09:50 +0200)
author Tobias Brunner <tobias@strongswan.org>
Fri, 12 Apr 2024 12:01:23 +0000 (14:01 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Mon, 15 Apr 2024 07:50:34 +0000 (09:50 +0200)
diff --git a/src/swanctl/swanctl.opt b/src/swanctl/swanctl.opt

index d9fd949ed1aa53d8fe09edd9a52e4f063e295819..78256a6af21f7fe6802edac23fc9fdedc37e0899 100644 (file)
--- a/src/swanctl/swanctl.opt
+++ b/src/swanctl/swanctl.opt
@@ -1331,7 +1331,10 @@ pools.<name>.addrs =
  
         Subnet or range defining addresses allocated in pool. Accepts a single CIDR
         subnet defining the pool to allocate addresses from or an address range
-       (<from>-<to>).  Pools must be unique and non-overlapping.
+       (<from>-<to>). If the address in CIDR notation is not the network ID of the
+       subnet (e.g. 10.1.0.5/24 instead of 10.1.0.0/24), addresses below it won't
+       be allocated to clients (they could e.g. be assigned manually to internal
+       hosts like the VPN server itself). Pools must be unique and non-overlapping.
  
  pools.<name>.<attr> =
         Comma separated list of additional attributes from type <attr>.
author	Tobias Brunner <tobias@strongswan.org>
	Fri, 12 Apr 2024 12:01:23 +0000 (14:01 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Mon, 15 Apr 2024 07:50:34 +0000 (09:50 +0200)