diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2012-08-13 10:39:34 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2012-08-13 10:45:39 +0200 |
| commit | e4ef4c9877d5ccb773ace0edf655351428c39572 (patch) | |
| tree | 9b3349ad0cafc1acebafb2ff2dc78a031f28c555 /man | |
| parent | 000668d3081422a3ac06fe16f038a4b1d6700f96 (diff) | |
| parent | 6fbf4472ea785f3c75d278b1a7400534989bf26a (diff) | |
| download | strongswan-e4ef4c9877d5ccb773ace0edf655351428c39572.tar.bz2 strongswan-e4ef4c9877d5ccb773ace0edf655351428c39572.tar.xz | |
Merge branch 'android-ndk'
This branch comes with some preliminary changes for the user-land IPsec
implementation and the Android App.
One important change is that the UDP ports used by the socket-default plugin
were made configurable (either via ./configure or strongswan.conf).
Also, the plugin does randomly allocate a port if it is configured to 0,
which is useful for client implementations. A consequence of these
changes is that the local UDP port used when creating ike_cfg_t objects has
to be fetched from the socket.
Diffstat (limited to 'man')
| -rw-r--r-- | man/ipsec.conf.5.in | 3 | ||||
| -rw-r--r-- | man/strongswan.conf.5.in | 17 |
2 files changed, 18 insertions, 2 deletions
diff --git a/man/ipsec.conf.5.in b/man/ipsec.conf.5.in index 1f88761be..ca77ee7de 100644 --- a/man/ipsec.conf.5.in +++ b/man/ipsec.conf.5.in @@ -1051,7 +1051,8 @@ A comma separated list containing type/level-pairs may be specified, e.g: .B dmn 3, ike 1, net -1. Acceptable values for types are -.B dmn, mgr, ike, chd, job, cfg, knl, net, asn, enc, lib, tls, tnc, imc, imv, pts +.B dmn, mgr, ike, chd, job, cfg, knl, net, asn, enc, lib, esp, tls, +.B tnc, imc, imv, pts and the level is one of .B -1, 0, 1, 2, 3, 4 (for silent, audit, control, controlmore, raw, private). By default, the level diff --git a/man/strongswan.conf.5.in b/man/strongswan.conf.5.in index fb9f1853d..4fba2344b 100644 --- a/man/strongswan.conf.5.in +++ b/man/strongswan.conf.5.in @@ -210,6 +210,15 @@ Enable multiple authentication exchanges (RFC 4739) .BR charon.nbns2 WINS servers assigned to peer via configuration payload (CP) .TP +.BR charon.port " [500]" +UDP port used locally. If set to 0 a random port will be allocated. +.TP +.BR charon.port_nat_t " [4500]" +UDP port used locally in case of NAT-T. If set to 0 a random port will be +allocated. Has to be different from +.BR charon.port , +otherwise a random port will be allocated. +.TP .BR charon.process_route " [yes]" Process RTM_NEWROUTE and RTM_DELROUTE events .TP @@ -272,7 +281,7 @@ Section to define syslog loggers, see LOGGER CONFIGURATION Number of worker threads in charon .SS charon.plugins subsection .TP -.BR charon.plugins.android.loglevel " [1]" +.BR charon.plugins.android_log.loglevel " [1]" Loglevel for logging to Android specific logger .TP .BR charon.plugins.attr @@ -486,6 +495,9 @@ is appended to this prefix to make it unique. The result has to be a valid interface name according to the rules defined by resolvconf. Also, it should have a high priority according to the order defined in interface-order(5). .TP +.BR charon.plugins.socket-default.set_source " [yes]" +Set source address on outbound packets, if possible. +.TP .BR charon.plugins.sql.database Database URI for charons SQL plugin .TP @@ -922,6 +934,9 @@ Packet encoding/decoding encryption/decryption operations .B tls libtls library messages .TP +.B esp +libipsec library messages +.TP .B lib libstrongwan library messages .TP |