aboutsummaryrefslogtreecommitdiffstats
path: root/src/conftest/config.c
Commit message (Collapse)AuthorAgeFilesLines
* ike: Add an additional but separate AEAD proposal to CHILD configMartin Willi2014-05-161-0/+2
| | | | | | | This currently has no effect: We don't include AEAD algorithms in the default ESP proposal, as we don't know if it is supported by the backend. But as we hopefully get an algorithm query mechanism on kernel interfaces some day, we add the appropriate functionality nonetheless.
* ike: Add an additional but separate AEAD proposal to IKE config, if supportedMartin Willi2014-05-161-0/+1
|
* ike: support multiple addresses, ranges and subnets in IKE address configMartin Willi2013-09-041-2/+2
| | | | | | | Replace the allowany semantic by a more powerful subnet and IP range matching. Multiple addresses, DNS names, subnets and ranges can be specified in a comma separated list. Initiators ignore the ranges/subnets, responders match configurations against all addresses, ranges and subnets.
* peer-cfg: add a pull/push mode option to use with mode configMartin Willi2013-09-041-2/+2
|
* Merge branch 'opaque-ports'Martin Willi2013-03-011-2/+2
|\ | | | | | | | | Adds a %opaque port option and support for port ranges in left/rightprotoport. Currently not supported by any of our kernel backends.
| * Use a complete port range in traffic_selector_create_from_{subnet,cidr}Martin Willi2013-02-211-2/+2
| |
* | Add a DSCP configuration value to IKE configsMartin Willi2013-02-061-1/+1
|/
* Add the ability to use a named pool for conftest configsTobias Brunner2013-01-211-1/+6
|
* Added an option that allows to force IKEv1 fragmentationTobias Brunner2013-01-121-1/+2
|
* Use a connection specific option to en-/disable IKEv1 fragmentationTobias Brunner2012-12-241-1/+1
|
* Fixed reading of configs in conftest utilityTobias Brunner2012-12-131-4/+4
|
* Make use of new CIDR string ts constructor where appropriateMartin Willi2012-10-241-8/+4
|
* Remove version argument on peer_cfg constructor, use ike_cfg version insteadMartin Willi2012-10-241-1/+1
|
* Add IKE version information to ike_cfg_tMartin Willi2012-10-241-1/+1
|
* Support multiple address pools configured on a peer_cfgMartin Willi2012-08-301-1/+1
|
* Support multiple virtual IPs on peer_cfg and ike_sa classesMartin Willi2012-08-301-1/+1
|
* implemented the right|leftallowany featureAndreas Steffen2012-06-081-2/+2
|
* make IKEv1 DPD timeout configurable in charonAndreas Steffen2012-05-171-1/+1
|
* Added an aggressive mode peer_cfg optionMartin Willi2012-03-201-1/+1
|
* Use enum to define IKE version on peer_cfg_t.Tobias Brunner2012-03-201-1/+1
| | | | Replaced all those magic numbers.
* Added a cert_policy option to conftest configurationsMartin Willi2011-01-051-1/+6
|
* Added tfc_padding option, changes signature to master changesMartin Willi2011-01-051-1/+5
|
* Added key strength constraints support to conftestMartin Willi2011-01-051-0/+11
|
* Fixed transport mode configuration optionMartin Willi2011-01-051-3/+7
|
* Disable MOBIKE in conftesting, as it changes port floating behaviorMartin Willi2011-01-051-1/+1
|
* Added IKE options to configure source/destination portsMartin Willi2011-01-051-2/+4
|
* Added IKE config option to fake NAT situationsMartin Willi2011-01-051-1/+2
|
* Load test and suite specific connection configurationsMartin Willi2011-01-051-0/+316
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-29 08:42:52 +0000