aboutsummaryrefslogtreecommitdiffstats
path: root/man
Commit message (Collapse)AuthorAgeFilesLines
...
* Added options and a lookup function that will allow filtering of network ↵Tobias Brunner2012-09-211-1/+9
| | | | interfaces
* Update ipsec.conf.5, leftsubnet can handle multiple subnets in IKEv1 with UnityMartin Willi2012-09-181-2/+3
|
* Set AUTH_RULE_IDENTITY_LOOSE for rightid=%<identity>Tobias Brunner2012-09-181-0/+12
|
* Option added to enforce a configured destination address for DHCP packetsTobias Brunner2012-09-131-0/+8
|
* Updates to strongswan.conf(5) man page (added several missing options)Tobias Brunner2012-09-121-39/+82
|
* Some updates to ipsec.conf(5) man pageTobias Brunner2012-09-121-49/+70
|
* Add uniqueids=never to ignore INITIAL_CONTACT notifiesTobias Brunner2012-09-101-9/+16
| | | | | | With uniqueids=no the daemon still deletes any existing IKE_SA with the same peer if an INITIAL_CONTACT notify is received. With this new option it also ignores these notifies.
* Add random plugin options to strongswan.conf.5Martin Willi2012-09-102-0/+8
|
* added libimcv.assessment_result to strongswan.conf man pageAndreas Steffen2012-09-091-0/+3
|
* Merge branch 'multi-vip'Martin Willi2012-08-311-6/+16
|\ | | | | | | | | | | | | Brings support for multiple virtual IPs and multiple pools in left/rigthsourceip definitions. Also introduces the new left/rightdns options to configure requested DNS server address family and respond with multiple connection specific servers.
| * Updated ipsec.conf.5 with multiple left/rightsourceip supportMartin Willi2012-08-301-6/+6
| |
| * Add a description of the leftdns option to ipsec.conf.5Martin Willi2012-08-211-0/+10
| |
* | Documentation for eap-dynamic addedTobias Brunner2012-08-312-0/+11
|/
* Merge branch 'android-ndk'Tobias Brunner2012-08-132-2/+18
|\ | | | | | | | | | | | | | | | | | | | | | | This branch comes with some preliminary changes for the user-land IPsec implementation and the Android App. One important change is that the UDP ports used by the socket-default plugin were made configurable (either via ./configure or strongswan.conf). Also, the plugin does randomly allocate a port if it is configured to 0, which is useful for client implementations. A consequence of these changes is that the local UDP port used when creating ike_cfg_t objects has to be fetched from the socket.
| * Added option to prevent socket-default from setting the source address on ↵Tobias Brunner2012-08-081-0/+3
| | | | | | | | outbound packets
| * socket-default plugin allocates random ports if configured to 0.Tobias Brunner2012-08-081-0/+9
| | | | | | | | Also added strongswan.conf options to change the ports.
| * Added ESP log group for libipsec log messages.Tobias Brunner2012-08-082-1/+5
| |
| * Moved Android specific logger to separate plugin.Tobias Brunner2012-08-081-1/+1
| | | | | | | | | | | | This is mainly because the other parts of the existing android plugin can not be built in the NDK (access to keystore and system properties are not part of the stable NDK libraries).
* | Documentation fixes regarding xauth-pam/eap-gtc pluginsTobias Brunner2012-08-111-3/+5
| |
* | make max_message_size parameter consistent with similar optionsAndreas Steffen2012-08-091-2/+2
|/
* Add an ipsec.conf leftgroups2 parameter for the second authentication roundMartin Willi2012-07-261-0/+6
|
* added PA-TNC max_msg_len option to man pageAndreas Steffen2012-07-131-0/+6
|
* make maximum PB-TNC batch size configurableAndreas Steffen2012-07-111-0/+3
|
* added charon.plugins.eap-tnc.protocol optionAndreas Steffen2012-07-111-0/+3
|
* EAP-TNC does not support fragmentationAndreas Steffen2012-07-111-6/+0
|
* configure size of ITA Dummy PA-TNC attributeAndreas Steffen2012-07-111-0/+3
|
* max_message_count = 0 disables limitAndreas Steffen2012-07-111-4/+4
|
* Some updates in ipsec.conf(5) for 5.0.0Tobias Brunner2012-06-261-36/+50
|
* added charon.cisco_unity to strongswan.conf.5 man pageAndreas Steffen2012-06-251-0/+3
|
* added secret as valid authby argumentAndreas Steffen2012-06-181-1/+1
|
* Add documentation for signature hash algorithm enforcing to man ipsec.confMartin Willi2012-06-121-4/+11
|
* starter: Drop support for %defaultroute.Tobias Brunner2012-06-111-16/+2
|
* Retry IKE_SA initiation if DNS resolution failed.Tobias Brunner2012-05-301-0/+4
| | | | | This is disabled by default and can be enabled with the charon.retry_initiate_interval option in strongswan.conf.
* Updated ipsec.conf(5) to reflect changes to IPComp support.Tobias Brunner2012-05-241-4/+2
|
* Merge branch 'ikev1'Martin Willi2012-05-021-367/+79
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
| * Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-201-360/+78
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| | * Updated ipsec.conf man page for the use of IKEv1 with plutoMartin Willi2012-03-201-332/+73
| | |
| | * Dropped support of deprecated authby=eap and eap= optionsMartin Willi2012-03-201-33/+4
| | |
* | | Documented strongswan.conf options for radattr plugin.Tobias Brunner2012-05-011-1/+8
| | |
* | | Option added to set identifier for syslog(3) logging.Tobias Brunner2012-04-201-0/+8
| | | | | | | | | | | | This identifier is added to each log message by syslog.
* | | updated supported EAP methodsAndreas Steffen2012-03-301-5/+14
| | |
* | | Make resolvconf interface prefix configurable.Tobias Brunner2012-03-271-0/+6
|/ /
* | added the strongswan.conf options of the tnc-pdp pluginAndreas Steffen2012-03-161-0/+12
| |
* | completed imc/imv-attestation settingsAndreas Steffen2012-02-071-1/+20
| |
* | Added an option to load CA certificates without CA basic constraint.Tobias Brunner2012-02-011-0/+4
| | | | | | | | | | | | Enabling this option treats all certificates in ipsec.d/cacerts and ipsec.conf ca sections as CA certificates even if they do not contain a CA basic constraint.
* | Added RADIUS accounting option to strongswan.conf manualMartin Willi2012-02-011-0/+3
| |
* | Make number of concurrently handled stroke messages configurable.Tobias Brunner2011-12-291-0/+3
| |
* | Added ASN debug group to log low-level encoding/decoding (ASN.1, X.509).Tobias Brunner2011-12-162-1/+4
| | | | | | | | | | This will allow us to remove quite some clutter from the LIB debug group for higher debug levels.
* | Charon also supports type=passthrough|drop.Tobias Brunner2011-12-141-6/+0
| |
* | Documented xauth_identity in ipsec.conf(5) man page.Tobias Brunner2011-12-141-3/+7
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-11 21:26:50 +0000