On Wed, May 3, 2023, at 15:30, Todd C. Miller wrote:
> Opinions? Does the proposed syntax seem OK?
Speaking strictly as an operator/administrator, I think this is great.
I would use it immediately, as it replaces deployed configuration I have in
place today which does something roughly equivale
On Sun, May 31, 2020, at 17:27, Tobias Heider wrote:
> I don't think this is a good idea
> With your diff the log gets spammed with 'Undefined error: 0' for child SAs
> that have never been used.
> Also log_warn seems a bit too much as those errors are rarely serious.
Thank you for having a look
During childsa last use checks, iked debug logs results, per SA, after a
successful pfkey_sa_last_used call.
This patch makes logging behavior more closely match that, on error.
I chose log_warn instead of log_debug since iked will complain about the
nonzero errno after pfkey_reply:
pfkey
While I hunt for the reason child SAs expiring results in ESRCH during
pfkey_sa_last_used, this more detailed log message on error is much more
helpful than the default pretty print of "pfkey_sa_last_used: No such process".
I suspect it's useful to others.
Thank you, all.
matthew weaver
---
In
