File: description.txt

package info (click to toggle)
libreswan 5.2-2.2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 81,632 kB
  • sloc: ansic: 129,988; sh: 32,018; xml: 20,646; python: 10,303; makefile: 3,022; javascript: 1,506; sed: 574; yacc: 511; perl: 264; awk: 52
file content (8 lines) | stat: -rw-r--r-- 452 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
 
Test for NAT-t with %priv,%no when there is no NAT and "public ip" is in exclude list.

This tests for the common deployment where a remote host cannot use the enterprise IP range
as their own NAT range. so the server has a virtual-private %exclude to drop these.
But if the road warriors then connects from inside the enterprise, there is no NAT but
it WILL use the IP that is in %exclude but it should not trigger the block because there
is no NAT.