Thanks for pointing that out. The working model is the HTML
documentation in the distribution applies specifically to that
distribution; however, the documentation posted on the web is the whole
truth about the current development version. This way you can spot small
changes like this one and see if there is something justifying a leap to
the newest version. I checked the web on the access bits and the
documentation is correct.
> ----- Original Message Follows -----
>>> Deny service unless the packet is cryptographically
>>> Deny packets which would result in mobilizing a new association.
>>> This includes
>>> broadcast and symmetric active packets when a configured
>>>association does not exist.
>>It's not specified in the man page, which is probably why I missed it.
> The man pages are not authorative. Always look at the HTML