From: Martin Willi <martin@revosec.ch>
Date: Thu, 21 Feb 2013 10:32:10 +0000 (+0100)
Subject: Document ipsec.conf leftprotoport extensions in manpage
X-Git-Tag: 5.0.3dr3~41^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0abeac3a0be479cd5514cec4458d8435d8705e93;p=thirdparty%2Fstrongswan.git

Document ipsec.conf leftprotoport extensions in manpage
---

diff --git a/man/ipsec.conf.5.in b/man/ipsec.conf.5.in
index 2766cc4edf..0447838bde 100644
--- a/man/ipsec.conf.5.in
+++ b/man/ipsec.conf.5.in
@@ -737,6 +737,14 @@ can be used to the same effect, e.g.
 .B leftprotoport=udp/%any
 or
 .BR leftprotoport=%any/53 .
+
+The port value can alternatively take the value
+.B %opaque
+for RFC 4301 OPAQUE selectors, or a numerical range in the form
+.BR 1024-65535 .
+None of the kernel backends currently supports opaque or port ranges and uses
+.B %any
+for policy installation instead.
 .TP
 .BR leftrsasigkey " = <raw rsa public key> | <path to public key>"
 the left participant's public key for RSA signature authentication, in RFC 2537