aboutsummaryrefslogtreecommitdiffstats
path: root/man
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'multi-cert'Martin Willi2013-03-011-0/+4
|\ | | | | | | | | Allows the configuration of multiple certificates in leftcert, and select the correct certificate to use based on the received certificate requests.
| * Add ipsec.conf.5 updates regarding multiple certificates in leftcertMartin Willi2013-01-181-0/+4
| |
* | Merge branch 'opaque-ports'Martin Willi2013-03-011-0/+8
|\ \ | | | | | | | | | | | | Adds a %opaque port option and support for port ranges in left/rightprotoport. Currently not supported by any of our kernel backends.
| * | Document ipsec.conf leftprotoport extensions in manpageMartin Willi2013-02-211-0/+8
| | |
* | | Moved configuration from resolver manager to unbound pluginAndreas Steffen2013-02-191-0/+6
| | | | | | | | | | | | Also streamlined log messages in unbound plugin.
* | | ipseckey: Added "enable" option for the IPSECKEY plugin to strongswan.confReto Guadagnini2013-02-191-0/+3
| | |
* | | Merge branch 'ike-dscp'Martin Willi2013-02-141-0/+5
|\ \ \
| * | | Add ikedscp documentation to ipsec.conf.5Martin Willi2013-02-061-0/+5
| |/ /
* / / Typo in strongswan.conf(5) man page fixedTobias Brunner2013-01-311-1/+1
|/ /
* / Documented new options in strongswan.conf(5) man pageTobias Brunner2013-01-251-3/+60
|/
* Added an option to configure the maximum size of a fragmentTobias Brunner2013-01-121-0/+4
|
* Added an option that allows to force IKEv1 fragmentationTobias Brunner2013-01-121-4/+9
|
* Use a connection specific option to en-/disable IKEv1 fragmentationTobias Brunner2012-12-242-5/+10
|
* Add an option to en-/disable IKE fragmentationTobias Brunner2012-12-241-0/+5
| | | | | Fragments are always accepted but will not be sent if disabled. The vendor ID is only sent if the option is enabled.
* add dlcose strongswan.conf option to tnc-imc/tnc-imv pluginsAndreas Steffen2012-12-091-0/+6
|
* updated strongswan.conf man pageAndreas Steffen2012-11-121-2/+14
|
* scanner imc/imv pair uses IETF VPN PA-TNC message subtypeAndreas Steffen2012-10-311-0/+6
|
* FQDNs are actually not resolved when loading secretsTobias Brunner2012-10-291-7/+1
|
* Added documentation for NTLM secretsTobias Brunner2012-10-251-0/+10
|
* Remove obsolete pluto smartcard syntax in ipsec.secrets.5Martin Willi2012-10-241-8/+5
|
* Updated ipsec.conf.5 regarding (CA) certificates loaded from smartcardsMartin Willi2012-10-241-5/+7
|
* Add leftcert ipsec.conf.5 documentation about smartcard certificatesMartin Willi2012-10-241-0/+12
|
* Add ipsec.conf.5 documentation for explicit PRFs in IKE proposalsMartin Willi2012-10-241-7/+17
|
* Added an option to reload certificates from PKCS#11 tokens on SIGHUPTobias Brunner2012-10-181-0/+3
|
* Terminate unused resolver threads after a timeoutTobias Brunner2012-10-181-0/+6
|
* implemented os_info_t classAndreas Steffen2012-10-101-6/+6
|
* Added description for flush_auth_cfg and acct_port plus some minor editorial ↵Tobias Brunner2012-09-251-6/+16
| | | | changes
* Documentation about some time values clarifiedTobias Brunner2012-09-241-2/+2
|
* Added an option to configure the interface on which virtual IP addresses are ↵Tobias Brunner2012-09-211-0/+4
| | | | installed
* Added options and a lookup function that will allow filtering of network ↵Tobias Brunner2012-09-211-1/+9
| | | | interfaces
* Update ipsec.conf.5, leftsubnet can handle multiple subnets in IKEv1 with UnityMartin Willi2012-09-181-2/+3
|
* Set AUTH_RULE_IDENTITY_LOOSE for rightid=%<identity>Tobias Brunner2012-09-181-0/+12
|
* Option added to enforce a configured destination address for DHCP packetsTobias Brunner2012-09-131-0/+8
|
* Updates to strongswan.conf(5) man page (added several missing options)Tobias Brunner2012-09-121-39/+82
|
* Some updates to ipsec.conf(5) man pageTobias Brunner2012-09-121-49/+70
|
* Add uniqueids=never to ignore INITIAL_CONTACT notifiesTobias Brunner2012-09-101-9/+16
| | | | | | With uniqueids=no the daemon still deletes any existing IKE_SA with the same peer if an INITIAL_CONTACT notify is received. With this new option it also ignores these notifies.
* Add random plugin options to strongswan.conf.5Martin Willi2012-09-102-0/+8
|
* added libimcv.assessment_result to strongswan.conf man pageAndreas Steffen2012-09-091-0/+3
|
* Merge branch 'multi-vip'Martin Willi2012-08-311-6/+16
|\ | | | | | | | | | | | | Brings support for multiple virtual IPs and multiple pools in left/rigthsourceip definitions. Also introduces the new left/rightdns options to configure requested DNS server address family and respond with multiple connection specific servers.
| * Updated ipsec.conf.5 with multiple left/rightsourceip supportMartin Willi2012-08-301-6/+6
| |
| * Add a description of the leftdns option to ipsec.conf.5Martin Willi2012-08-211-0/+10
| |
* | Documentation for eap-dynamic addedTobias Brunner2012-08-312-0/+11
|/
* Merge branch 'android-ndk'Tobias Brunner2012-08-132-2/+18
|\ | | | | | | | | | | | | | | | | | | | | | | This branch comes with some preliminary changes for the user-land IPsec implementation and the Android App. One important change is that the UDP ports used by the socket-default plugin were made configurable (either via ./configure or strongswan.conf). Also, the plugin does randomly allocate a port if it is configured to 0, which is useful for client implementations. A consequence of these changes is that the local UDP port used when creating ike_cfg_t objects has to be fetched from the socket.
| * Added option to prevent socket-default from setting the source address on ↵Tobias Brunner2012-08-081-0/+3
| | | | | | | | outbound packets
| * socket-default plugin allocates random ports if configured to 0.Tobias Brunner2012-08-081-0/+9
| | | | | | | | Also added strongswan.conf options to change the ports.
| * Added ESP log group for libipsec log messages.Tobias Brunner2012-08-082-1/+5
| |
| * Moved Android specific logger to separate plugin.Tobias Brunner2012-08-081-1/+1
| | | | | | | | | | | | This is mainly because the other parts of the existing android plugin can not be built in the NDK (access to keystore and system properties are not part of the stable NDK libraries).
* | Documentation fixes regarding xauth-pam/eap-gtc pluginsTobias Brunner2012-08-111-3/+5
| |
* | make max_message_size parameter consistent with similar optionsAndreas Steffen2012-08-091-2/+2
|/
* Add an ipsec.conf leftgroups2 parameter for the second authentication roundMartin Willi2012-07-261-0/+6
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-01 01:52:16 +0000