aboutsummaryrefslogtreecommitdiffstats
path: root/man/strongswan.conf.5.in
Commit message (Collapse)AuthorAgeFilesLines
* Fixed formatting in strongswan.confAndreas Steffen2013-12-031-3/+7
|
* Added DRBG automatic reseeding testsAndreas Steffen2013-11-271-0/+4
|
* Any of the four NTRU parameter sets can be selectedAndreas Steffen2013-11-271-2/+2
|
* Make the NTRU parameter set configurableAndreas Steffen2013-11-271-0/+5
|
* Implemented libstrongswan.plugins.random.strong_equals_true optionAndreas Steffen2013-11-161-0/+4
|
* man: strongswan.conf(5) updatedTobias Brunner2013-10-291-5/+35
|
* unbound: Add support for DLV (DNSSEC Lookaside Validation)Tobias Brunner2013-10-111-1/+9
| | | | Fixes #392.
* kernel-libipsec: Add an option to allow remote TS to match the IKE peerTobias Brunner2013-10-111-0/+7
| | | | | | | | Setting the fwmark options for the kernel-netlink and socket-default plugins allow this kind of setup. It is probably required to set net.ipv4.conf.all.rp_filter to 2 to make it work.
* socket-default: Allow setting firewall mark on outbound packetsTobias Brunner2013-10-111-0/+3
|
* kernel-netlink: Allow setting firewall marks on routing ruleTobias Brunner2013-10-111-0/+5
|
* xauth-pam: Make trimming of email addresses optional5.1.1dr4Tobias Brunner2013-10-041-0/+4
| | | | Fixes #430.
* kernel-netlink: Allow to override xfrm_acq_expires valueAnsis Atteka2013-09-231-0/+5
| | | | | | | | | | | | | | | | When using auto=route, current xfrm_acq_expires default value implies that tunnel can be down for up to 165 seconds, if other peer rejected first IKE request with an AUTH_FAILED or NO_PROPOSAL_CHOSEN error message. These error messages are completely normal in setups where another application pushes configuration to both strongSwans without waiting for acknowledgment that they have updated their configurations. This patch allows strongswan to override xfrm_acq_expires default value by setting charon.plugins.kernel-netlink.xfrm_acq_expires in strongswan.conf. Signed-off-by: Ansis Atteka <aatteka@nicira.com>
* strongswan.conf: Use configured piddir for UNIX socketsTobias Brunner2013-09-131-6/+6
|
* Build generated man pages via configure scriptTobias Brunner2013-09-131-6/+6
|
* Make SWID directory where tags are stored configurableAndreas Steffen2013-09-051-0/+3
|
* Selectively enable PT-TLS and/or RADIUS sockets in tnc-pdp pluginAndreas Steffen2013-08-261-0/+6
|
* moved tnc_imv plugin to libtnccs thanks to recommendation callback functionAndreas Steffen2013-08-151-8/+8
|
* Documented plugin move from libcharon to libtnccs in strongswan.confAndreas Steffen2013-08-151-15/+17
|
* Add PT-TLS interface to strongSwan PDPAndreas Steffen2013-08-151-3/+6
|
* strongswan.conf: Add note about reserved threadsTobias Brunner2013-08-071-1/+5
|
* strongswan.conf: Moved some stuff aroundTobias Brunner2013-07-231-23/+24
|
* strongswan.conf: Add missing optionsTobias Brunner2013-07-221-10/+47
|
* kernel-pfroute: Make time that is waited for VIPs to appear configurableTobias Brunner2013-07-171-0/+3
| | | | | One second might be too short for IPs to appear/disappear, especially on virtualized hosts.
* socket-default: Add options to disable address familiesTobias Brunner2013-07-051-0/+6
|
* capabilities: Make the user and group charon(-nm) changes to configurableTobias Brunner2013-06-251-0/+6
|
* Removed obsoleted strongswan.conf optionsAndreas Steffen2013-06-211-15/+0
|
* charon-cmd: Link strongswan.conf(5) and charon-cmd(8) man pagesTobias Brunner2013-06-211-2/+9
|
* kernel-netlink: Add an option to disable roam eventsTobias Brunner2013-05-031-0/+3
|
* added libstrongswan.plugins.openssl.fips_mode to man pageAndreas Steffen2013-04-161-0/+3
|
* Added charon.initiator_only option which causes charon to ignore IKE ↵Andreas Steffen2013-04-141-0/+3
| | | | initiation requests by peers
* implemented periodic IF-MAP RenewSession requestAndreas Steffen2013-04-031-1/+4
|
* Updated strongswan.conf(5) man pageTobias Brunner2013-04-011-10/+42
|
* updated strongswan.conf man page for tn_ifmap pluginAndreas Steffen2013-03-311-12/+12
|
* Moved configuration from resolver manager to unbound pluginAndreas Steffen2013-02-191-0/+6
| | | | Also streamlined log messages in unbound plugin.
* ipseckey: Added "enable" option for the IPSECKEY plugin to strongswan.confReto Guadagnini2013-02-191-0/+3
|
* Typo in strongswan.conf(5) man page fixedTobias Brunner2013-01-311-1/+1
|
* Documented new options in strongswan.conf(5) man pageTobias Brunner2013-01-251-3/+60
|
* Added an option to configure the maximum size of a fragmentTobias Brunner2013-01-121-0/+4
|
* Use a connection specific option to en-/disable IKEv1 fragmentationTobias Brunner2012-12-241-5/+0
|
* Add an option to en-/disable IKE fragmentationTobias Brunner2012-12-241-0/+5
| | | | | Fragments are always accepted but will not be sent if disabled. The vendor ID is only sent if the option is enabled.
* add dlcose strongswan.conf option to tnc-imc/tnc-imv pluginsAndreas Steffen2012-12-091-0/+6
|
* updated strongswan.conf man pageAndreas Steffen2012-11-121-2/+14
|
* scanner imc/imv pair uses IETF VPN PA-TNC message subtypeAndreas Steffen2012-10-311-0/+6
|
* Added an option to reload certificates from PKCS#11 tokens on SIGHUPTobias Brunner2012-10-181-0/+3
|
* Terminate unused resolver threads after a timeoutTobias Brunner2012-10-181-0/+6
|
* implemented os_info_t classAndreas Steffen2012-10-101-6/+6
|
* Added description for flush_auth_cfg and acct_port plus some minor editorial ↵Tobias Brunner2012-09-251-6/+16
| | | | changes
* Documentation about some time values clarifiedTobias Brunner2012-09-241-2/+2
|
* Added an option to configure the interface on which virtual IP addresses are ↵Tobias Brunner2012-09-211-0/+4
| | | | installed
* Added options and a lookup function that will allow filtering of network ↵Tobias Brunner2012-09-211-1/+9
| | | | interfaces
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-23 05:46:30 +0000