家にv4のデフォルトルートを向ける

Author: nna774

itamae/cookbooks/strongswan/templates/etc/swanctl/conf.d/yukari.conf

@@ -1,4 +1,15 @@
 connections {
+  to_linklocal {
+    children {
+      pass {
+        local_ts  = 10.8.192.42/32
+        remote_ts = 169.254.169.253/32
+        mode = pass
+        start_action = trap
+      }
+    }
+  }
+
   kizuna {
     local_addrs  = 2406:da14:37f:7c0d::fffe
     remote_addrs = 240b:250:8020:d00::1
@@ -13,7 +24,7 @@ connections {
     children {
       net-net {
         local_ts  = 10.8.192.0/20
-        remote_ts = 10.8.0.0/19, 10.8.208.0/20, 10.255.255.1/32
+        remote_ts = 0.0.0.0/0
 
         updown = /usr/lib/ipsec/_updown iptables
         esp_proposals = aes256-sha512-modp2048