The current log output is not as helpful as i would like it to be, so here's
a diff to make it better. This unifies the syntax of the send and recv output,
uses the same terms as the configuration (peer and local instead of to and from)
and prepends the SAs SPI to each line to make it easier to spot which message
belongs to which flow.
ikev2_msg_send: IKE_SA_INIT request from 0.0.0.0:500 to 10.0.1.23:500 msgid 0, 510 bytes
ikev2_recv: IKE_SA_INIT response from responder 10.0.1.23:500 to 10.0.1.24:500 policy 'test' id 0, 446 bytes
ikev2_msg_send: IKE_AUTH request from 10.0.1.24:500 to 10.0.1.23:500 msgid 1, 272 bytes
ikev2_recv: IKE_AUTH response from responder 10.0.1.23:500 to 10.0.1.24:500 policy 'test' id 1, 240 bytes
sa_state: VALID -> ESTABLISHED from 10.0.1.23:500 to 10.0.1.24:500 policy 'test'
0x5003cf5b45df23ae: recv IKE_SA_INIT req 0 peer 10.0.1.24:500 local 10.0.1.23:500, 510 bytes, policy 'test'
0x5003cf5b45df23ae: send IKE_SA_INIT res 0 peer 10.0.1.24:500 local 10.0.1.23:500, 446 bytes
0x5003cf5b45df23ae: recv IKE_AUTH req 1 peer 10.0.1.24:500 local 10.0.1.23:500, 272 bytes, policy 'test'
0x5003cf5b45df23ae: send IKE_AUTH res 1 peer 10.0.1.24:500 local 10.0.1.23:500, 240 bytes
0x5003cf5b45df23ae: sa_state: VALID -> ESTABLISHED from 10.0.1.24:500 to 10.0.1.23:500 policy 'test'
On Fri, Aug 09, 2019 at 05:42:30PM +0200, Reyk Floeter wrote:
> I agree that __func__ should be removed from anything except log_debug() messages.
> I think you should prepend the term sa or spi to explain what the hex numbers mean.
> otherwise OK reyk
Thanks! Added with "spi=" prepended to the spi values.