If an IP address is configured, it will be requested from the responder,
which is free to respond with a different address.
.TP
-.BR rightsourceip " = %config | <network>/<netmask> | %poolname"
+.BR rightsourceip " = %config | <network>/<netmask> | <from>-<to> | %poolname"
Comma separated list of internal source IPs to use in a tunnel for the remote
peer. If the value is
.B %config
on the responder side, the initiator must propose an address which is then
echoed back. Also supported are address pools expressed as
\fInetwork\fB/\fInetmask\fR
+and
+\fIfrom\fB-\fIto\fR
or the use of an external IP address pool using %\fIpoolname\fR,
where \fIpoolname\fR is the name of the IP address pool used for the lookup.
.TP
/*
- * Copyright (C) 2012 Tobias Brunner
+ * Copyright (C) 2012-2014 Tobias Brunner
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
return cfg;
}
+/**
+ * build a mem_pool_t from an address range
+ */
+static mem_pool_t *create_pool_range(char *str)
+{
+ mem_pool_t *pool;
+ host_t *from, *to;
+
+ if (!host_create_from_range(str, &from, &to))
+ {
+ return NULL;
+ }
+ pool = mem_pool_create_range(str, from, to);
+ from->destroy(from);
+ to->destroy(to);
+ return pool;
+}
+
/**
* build a peer_cfg from a stroke msg
*/
}
else
{
- /* in-memory pool, named using CIDR notation */
+ /* in-memory pool, using range or CIDR notation */
+ mem_pool_t *pool;
host_t *base;
int bits;
- base = host_create_from_subnet(token, &bits);
- if (base)
+ pool = create_pool_range(token);
+ if (!pool)
+ {
+ base = host_create_from_subnet(token, &bits);
+ if (base)
+ {
+ pool = mem_pool_create(token, base, bits);
+ base->destroy(base);
+ }
+ }
+ if (pool)
{
- this->attributes->add_pool(this->attributes,
- mem_pool_create(token, base, bits));
+ this->attributes->add_pool(this->attributes, pool);
peer_cfg->add_pool(peer_cfg, token);
- base->destroy(base);
}
else
{
projects / thirdparty / strongswan.git / commitdiff
