diff options
| author | Reyk Floeter <reyk@cvs.openbsd.org> | 2006-03-07 00:19:59 +0000 |
|---|---|---|
| committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2006-03-07 00:19:59 +0000 |
| commit | 95db836f21684f795059c0bebdcbf60453d02e59 (patch) | |
| tree | 44cda93516e3f398ec76fa16ced8e883155dc5d4 /sbin/ipsecctl/parse.y | |
| parent | a59531eca8b0360c07adc2040bed23043dda710f (diff) | |
add an ike option for road warrior setups (hosts with dynamic ip
addresses).
"ike dynamic esp" will use the system's hostname as the fqdn source id
(instead of the ip address) by default and enable dpd (dead peer
detection) to allow smooth reconnects after an ip address change (i.e.
forced reconnect with consumer adsl lines).
ok hshoexer@, looks fine markus@, jmc@
Diffstat (limited to 'sbin/ipsecctl/parse.y')
| -rw-r--r-- | sbin/ipsecctl/parse.y | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/sbin/ipsecctl/parse.y b/sbin/ipsecctl/parse.y index 4d898d42155..a5ff3817e07 100644 --- a/sbin/ipsecctl/parse.y +++ b/sbin/ipsecctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.50 2006/01/20 16:11:22 naddy Exp $ */ +/* $OpenBSD: parse.y,v 1.51 2006/03/07 00:19:58 reyk Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -190,7 +190,7 @@ typedef struct { %token FLOW FROM ESP AH IN PEER ON OUT TO SRCID DSTID RSA PSK TCPMD5 SPI %token AUTHKEY ENCKEY FILENAME AUTHXF ENCXF ERROR IKE MAIN QUICK PASSIVE -%token ACTIVE ANY IPIP IPCOMP COMPXF TUNNEL TRANSPORT +%token ACTIVE ANY IPIP IPCOMP COMPXF TUNNEL TRANSPORT DYNAMIC %token <v.string> STRING %type <v.dir> dir %type <v.protocol> protocol @@ -575,6 +575,7 @@ keyspec : STRING { ikemode : /* empty */ { $$ = IKE_ACTIVE; } | PASSIVE { $$ = IKE_PASSIVE; } + | DYNAMIC { $$ = IKE_DYNAMIC; } | ACTIVE { $$ = IKE_ACTIVE; } ; @@ -633,6 +634,7 @@ lookup(char *s) { "authkey", AUTHKEY }, { "comp", COMPXF }, { "dstid", DSTID }, + { "dynamic", DYNAMIC }, { "enc", ENCXF }, { "enckey", ENCKEY }, { "esp", ESP }, |