Project

General

Profile

Bug #11488

IPsec tunnel definitions have ``pools =`` entry in ``swanctl.conf`` with no value

Added by Jim Pingle about 2 months ago. Updated about 1 month ago.

Status:
Feedback
Priority:
Normal
Assignee:
Category:
IPsec
Target version:
Start date:
02/20/2021
Due date:
% Done:

100%

Estimated time:
Affected Version:
2.5.0
Affected Architecture:
Release Notes:
Default

Description

Some IPsec connections have "pools =" with no value. The line should be omitted in this case rather than being present with no value.

Associated revisions

Revision bb3a6eb4 (diff)
Added by Jim Pingle about 2 months ago

Don't add empty pools line. Fixes #11488

Revision 2fe5cc52 (diff)
Added by Jim Pingle about 2 months ago

Don't add empty pools line. Fixes #11488

(cherry picked from commit bb3a6eb44958841df4257ae7936e6714d1ed99a8)

History

#1 Updated by Jim Pingle about 2 months ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#2 Updated by Renato Botelho about 2 months ago

  • Target version changed from CE-Next to 2.5.1

#3 Updated by Jim Pingle about 1 month ago

To reproduce the problem, restore the IPsec config section from issue #11487 to a system without IPsec. Edit/save/apply on the IPsec tunnel.

On a system without the fix, check the generated /var/etc/ipsec/swanctl.conf file and it will have the following line in the con100000 block:

        pools =

On a system with the fix, that line is not present.

#4 Updated by Jim Pingle about 1 month ago

  • Subject changed from Some IPsec connections have "pools =" with no value to IPsec tunnel definitions have ``pools =`` entry in ``swanctl.conf`` with no value

Updating subject for release notes.

Also available in: Atom PDF