This has the same meaning as omitting left/rightsubnet, i.e. replace it
by the IKE address. Supporting %dynamic allows configurations with multiple
dynamic selectors in a left/rightsubnet, each with potentially different
proto/port selectors.
continue;
}
}
- ts = traffic_selector_create_from_cidr(subnet, proto,
- from_port, to_port);
+ if (streq(subnet, "%dynamic"))
+ {
+ ts = traffic_selector_create_dynamic(proto,
+ from_port, to_port);
+ }
+ else
+ {
+ ts = traffic_selector_create_from_cidr(subnet, proto,
+ from_port, to_port);
+ }
if (ts)
{
child_cfg->add_traffic_selector(child_cfg, local, ts);
projects / thirdparty / strongswan.git / commitdiff
