From owner-freebsd-ports@freebsd.org  Fri Aug 26 13:54:49 2016
Return-Path: <owner-freebsd-ports@freebsd.org>
Delivered-To: freebsd-ports@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id F14B9B70ADB
 for <freebsd-ports@mailman.ysv.freebsd.org>;
 Fri, 26 Aug 2016 13:54:49 +0000 (UTC) (envelope-from abi@abinet.ru)
Received: from mail.abinet.ru (mail.abinet.ru [136.243.72.227])
 by mx1.freebsd.org (Postfix) with ESMTP id B3231E86
 for <freebsd-ports@freebsd.org>; Fri, 26 Aug 2016 13:54:49 +0000 (UTC)
 (envelope-from abi@abinet.ru)
Received: from sphinx.abinet.ru (host-54-159-66-217.spbmts.ru [217.66.159.54])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128
 bits)) (No client certificate requested)
 by mail.abinet.ru (Postfix) with ESMTPSA id 5EDD463E;
 Fri, 26 Aug 2016 13:54:47 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=abinet.ru; s=dkim;
 t=1472219687; bh=r9W0Dmm2qC38cfimsBDeXKR7nCYVnJSWi1/KxJ96NxU=;
 h=Subject:To:References:Cc:From:Date:In-Reply-To;
 b=YGWAfjuB1XRSYfKTM9L7w7nqw/N+tE67UtmegMM99UqHr5468VjF0yQ+GR2hZhkiG
 gxDy0t/vpxcGdAY7Fggt9zdsKCk4akVNVInDIXdslZ4aMB5TKC0zH/7Ze8O1BpcLWP
 nb1siW0uFPXY37mFw0QeCrWQW9RYGKd5P6Mrc8ok=
Subject: Re: security/strongswan start=route issue
To: Franco Fichtner <franco@lastsummer.de>
References: <20160826100000.1126b42d107c93d648a8957a@abinet.ru>
 <B703B61A-A48D-4387-AF88-6ABE3255A2B2@lastsummer.de>
Cc: freebsd-ports@freebsd.org
From: abi <abi@abinet.ru>
Message-ID: <e8f7b37f-43ec-c396-1107-8d6e0caf1a04@abinet.ru>
Date: Fri, 26 Aug 2016 16:54:45 +0300
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101
 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <B703B61A-A48D-4387-AF88-6ABE3255A2B2@lastsummer.de>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_DKIM_INVALID,
 UNPARSEABLE_RELAY autolearn=disabled version=3.4.1
X-Spam-Report: * -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
 *      [score: 0.0002]
 *  0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines
 *  0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on postfix.abinet.ru
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Aug 2016 13:54:50 -0000

Strange indeed. Yes, I ping correctly and auto=start works flawless.

Is OPNsense tracking 10 branch? I'm on 11-RC1


On 26.08.16 10:05, Franco Fichtner wrote:
> Hi,
>
>> On 26 Aug 2016, at 9:00 AM, abi <abi@abinet.ru> wrote:
>>
>> I'd like to open PR on upstream, but I want be sure that the problem exists not only for me, as the problem looks strange.
>> The issue is that tunnel behaves different if it autostarts (auto=start) and when it starts when traffic registered between left and right side. (auto=route).
> This works fine in our OPNsense setups.
>
> Make sure you use ping with the option "-S $LEFT_IP", it will
> only auto-route local traffic that originates from within your
> leftsubnet.
>
>
> Cheers,
> Franco