> Note that this isn't commenting a line, this is commenting all lines > that come after it. The parser joins the line first and removes > comments afterwards, so the config above becomes > > ... group curve22519 #childsa enc aes-128 auth hmac-sha2-256 srcid ... > > and then everything after the # is ignored. As someone pointed out the > error is at ikeauth. The error goes away because that line is > commented out, as are the three that precede it. > > You have no idea how many hours I wasted trying to make sense of why > some configuration changes seemed to have no effect whatsoever, before I > learned about this. Incidentally, pf.conf uses the same parser, so it > behaves the same. > > Cheers > Zé
Zé wow. That's one handy piece of advice. As you say, could save hours and days of wasted time. Thank you.
