diff options
| -rw-r--r-- | sbin/isakmpd/samples/singlehost-east.conf | 324 | ||||
| -rw-r--r-- | sbin/isakmpd/samples/singlehost-east.gdb | 1 | ||||
| -rw-r--r-- | sbin/isakmpd/samples/singlehost-setup.sh | 42 | ||||
| -rw-r--r-- | sbin/isakmpd/samples/singlehost-west.conf | 324 | ||||
| -rw-r--r-- | sbin/isakmpd/samples/singlehost-west.gdb | 1 |
5 files changed, 692 insertions, 0 deletions
diff --git a/sbin/isakmpd/samples/singlehost-east.conf b/sbin/isakmpd/samples/singlehost-east.conf new file mode 100644 index 00000000000..ab6f3f83639 --- /dev/null +++ b/sbin/isakmpd/samples/singlehost-east.conf @@ -0,0 +1,324 @@ +# $OpenBSD: singlehost-east.conf,v 1.1 1999/03/31 23:45:51 niklas Exp $ +# $EOM: singlehost-east.conf,v 1.1 1999/03/31 23:36:51 niklas Exp $ + +# A configuration sample for the isakmpd ISAKMP/Oakley (aka IKE) daemon. + +[General] +Retransmits= 5 +Exchange-max-time= 120 +Listen-on= 10.1.0.2 +Shared-SADB= Defined + +# Incoming phase 1 negotiations are multiplexed on the source IP address +[Phase 1] +10.1.0.1= ISAKMP-peer-west + +# These connections are walked over after config file parsing and told +# to the application layer so that it will inform us when traffic wants to +# pass over them. This means we can do on-demand keying. +[Phase 2] +Connections= IPsec-east-west + +[ISAKMP-peer-west] +Phase= 1 +Transport= udp +Local-address= 10.1.0.2 +Address= 10.1.0.1 +# Default values for "Port" commented out +#Port= isakmp +#Port= 500 +Configuration= Default-main-mode +Authentication= mekmitasdigoat +Flags= Stayalive + +[IPsec-east-west] +Phase= 2 +ISAKMP-peer= ISAKMP-peer-west +Configuration= Default-quick-mode +Local-ID= Net-east +Remote-ID= Net-west +Flags= Stayalive + +[Net-west] +ID-type= IPV4_ADDR_SUBNET +Network= 192.168.1.0 +Netmask= 255.255.255.0 + +[Net-east] +ID-type= IPV4_ADDR_SUBNET +Network= 192.168.2.0 +Netmask= 255.255.255.0 + +# Main mode descriptions + +[Default-main-mode] +DOI= IPSEC +EXCHANGE_TYPE= ID_PROT +Transforms= 3DES-SHA + +# Main mode transforms +###################### + +# DES + +[DES-MD5] +ENCRYPTION_ALGORITHM= DES_CBC +HASH_ALGORITHM= MD5 +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= MODP_768 +Life= LIFE_600_SECS,LIFE_1000_KB + +[DES-MD5-NO-VOL-LIFE] +ENCRYPTION_ALGORITHM= DES_CBC +HASH_ALGORITHM= MD5 +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= MODP_768 +Life= LIFE_600_SECS + +[DES-SHA] +ENCRYPTION_ALGORITHM= DES_CBC +HASH_ALGORITHM= SHA +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= MODP_768 +Life= LIFE_600_SECS,LIFE_1000_KB + +# 3DES + +[3DES-SHA] +ENCRYPTION_ALGORITHM= 3DES_CBC +HASH_ALGORITHM= SHA +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= MODP_1024 +Life= LIFE_180_SECS + +# Blowfish + +[BLF-SHA-M1024] +ENCRYPTION_ALGORITHM= BLOWFISH_CBC +KEY_LENGTH= 128,96:192 +HASH_ALGORITHM= SHA +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= MODP_1024 +Life= LIFE_600_SECS,LIFE_1000_KB + +[BLF-SHA-EC155] +ENCRYPTION_ALGORITHM= BLOWFISH_CBC +KEY_LENGTH= 128,96:192 +HASH_ALGORITHM= SHA +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= EC2N_155 +Life= LIFE_600_SECS,LIFE_1000_KB + +[BLF-MD5-EC155] +ENCRYPTION_ALGORITHM= BLOWFISH_CBC +KEY_LENGTH= 128,96:192 +HASH_ALGORITHM= MD5 +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= EC2N_155 +Life= LIFE_600_SECS,LIFE_1000_KB + +[BLF-SHA-EC185] +ENCRYPTION_ALGORITHM= BLOWFISH_CBC +KEY_LENGTH= 128,96:192 +HASH_ALGORITHM= SHA +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= EC2N_185 +Life= LIFE_600_SECS,LIFE_1000_KB + +# Quick mode description +######################## + +[Default-quick-mode] +DOI= IPSEC +EXCHANGE_TYPE= QUICK_MODE +Suites= QM-ESP-3DES-SHA-PFS-SUITE,QM-ESP-DES-MD5-SUITE + +# Quick mode protection suites +############################## + +# DES + +[QM-ESP-DES-SUITE] +Protocols= QM-ESP-DES + +[QM-ESP-DES-PFS-SUITE] +Protocols= QM-ESP-DES-PFS + +[QM-ESP-DES-MD5-SUITE] +Protocols= QM-ESP-DES-MD5 + +[QM-ESP-DES-MD5-PFS-SUITE] +Protocols= QM-ESP-DES-MD5-PFS + +[QM-ESP-DES-SHA-SUITE] +Protocols= QM-ESP-DES-SHA + +[QM-ESP-DES-SHA-PFS-SUITE] +Protocols= QM-ESP-DES-SHA-PFS + +# 3DES + +[QM-ESP-3DES-SHA-SUITE] +Protocols= QM-ESP-3DES-SHA + +[QM-ESP-3DES-SHA-PFS-SUITE] +Protocols= QM-ESP-3DES-SHA-PFS + +# AH + +[QM-AH-MD5-SUITE] +Protocols= QM-AH-MD5 + +[QM-AH-MD5-PFS-SUITE] +Protocols= QM-AH-MD5-PFS + +# AH + ESP + +[QM-AH-MD5-ESP-DES-SUITE] +Protocols= QM-AH-MD5,QM-ESP-DES + +[QM-AH-MD5-ESP-DES-MD5-SUITE] +Protocols= QM-AH-MD5,QM-ESP-DES-MD5 + +[QM-ESP-DES-MD5-AH-MD5-SUITE] +Protocols= QM-ESP-DES-MD5,QM-AH-MD5 + +# Quick mode protocols + +# DES + +[QM-ESP-DES] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-DES-XF + +[QM-ESP-DES-MD5] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-DES-MD5-XF + +[QM-ESP-DES-MD5-PFS] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-DES-MD5-PFS-XF + +[QM-ESP-DES-SHA] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-DES-SHA-XF + +# 3DES + +[QM-ESP-3DES-SHA] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-3DES-SHA-XF + +[QM-ESP-3DES-SHA-PFS] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-3DES-SHA-PFS-XF + +[QM-ESP-3DES-SHA-TRP] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-3DES-SHA-TRP-XF + +# AH MD5 + +[QM-AH-MD5] +PROTOCOL_ID= IPSEC_AH +Transforms= QM-AH-MD5-XF + +[QM-AH-MD5-PFS] +PROTOCOL_ID= IPSEC_AH +Transforms= QM-AH-MD5-PFS-XF + +# Quick mode transforms + +# ESP DES+MD5 + +[QM-ESP-DES-XF] +TRANSFORM_ID= DES +ENCAPSULATION_MODE= TUNNEL +Life= LIFE_600_SECS + +[QM-ESP-DES-MD5-XF] +TRANSFORM_ID= DES +ENCAPSULATION_MODE= TUNNEL +AUTHENTICATION_ALGORITHM= HMAC_MD5 +Life= LIFE_600_SECS + +[QM-ESP-DES-MD5-PFS-XF] +TRANSFORM_ID= DES +ENCAPSULATION_MODE= TUNNEL +GROUP_DESCRIPTION= MODP_768 +AUTHENTICATION_ALGORITHM= HMAC_MD5 +Life= LIFE_600_SECS + +[QM-ESP-DES-SHA-XF] +TRANSFORM_ID= DES +ENCAPSULATION_MODE= TUNNEL +AUTHENTICATION_ALGORITHM= HMAC_SHA +Life= LIFE_600_SECS + +# 3DES + +[QM-ESP-3DES-SHA-XF] +TRANSFORM_ID= 3DES +ENCAPSULATION_MODE= TUNNEL +AUTHENTICATION_ALGORITHM= HMAC_SHA +Life= LIFE_60_SECS + +[QM-ESP-3DES-SHA-PFS-XF] +TRANSFORM_ID= 3DES +ENCAPSULATION_MODE= TUNNEL +AUTHENTICATION_ALGORITHM= HMAC_SHA +GROUP_DESCRIPTION= MODP_1024 +Life= LIFE_60_SECS + +[QM-ESP-3DES-SHA-TRP-XF] +TRANSFORM_ID= 3DES +ENCAPSULATION_MODE= TRANSPORT +AUTHENTICATION_ALGORITHM= HMAC_SHA +Life= LIFE_60_SECS + +# AH + +[QM-AH-MD5-XF] +TRANSFORM_ID= MD5 +ENCAPSULATION_MODE= TUNNEL +AUTHENTICATION_ALGORITHM= HMAC_MD5 +Life= LIFE_600_SECS + +[QM-AH-MD5-PFS-XF] +TRANSFORM_ID= MD5 +ENCAPSULATION_MODE= TUNNEL +GROUP_DESCRIPTION= MODP_768 +Life= LIFE_600_SECS + +[LIFE_60_SECS] +LIFE_TYPE= SECONDS +LIFE_DURATION= 60,45:120 + +[LIFE_180_SECS] +LIFE_TYPE= SECONDS +LIFE_DURATION= 180,120:240 + +[LIFE_600_SECS] +LIFE_TYPE= SECONDS +LIFE_DURATION= 600,450:720 + +[LIFE_3600_SECS] +LIFE_TYPE= SECONDS +LIFE_DURATION= 3600,1800:7200 + +[LIFE_1000_KB] +LIFE_TYPE= KILOBYTES +LIFE_DURATION= 1000,768:1536 + +[LIFE_32_MB] +LIFE_TYPE= KILOBYTES +LIFE_DURATION= 32768,16384:65536 + +[LIFE_4.5_GB] +LIFE_TYPE= KILOBYTES +LIFE_DURATION= 4608000,4096000:8192000 + +[RSA_SIG] +CERT= /etc/isakmpd_cert +PRIVKEY= /etc/isakmpd_key +PUBKEY= /etc/isakmpd_key.pub diff --git a/sbin/isakmpd/samples/singlehost-east.gdb b/sbin/isakmpd/samples/singlehost-east.gdb new file mode 100644 index 00000000000..a41df0d8ff3 --- /dev/null +++ b/sbin/isakmpd/samples/singlehost-east.gdb @@ -0,0 +1 @@ +r -d -D0=99 -D1=99 -D2=99 -D3=99 -D4=99 -D5=99 -feast.fifo -c../samples/singlehost-east.conf diff --git a/sbin/isakmpd/samples/singlehost-setup.sh b/sbin/isakmpd/samples/singlehost-setup.sh new file mode 100644 index 00000000000..797727dabf8 --- /dev/null +++ b/sbin/isakmpd/samples/singlehost-setup.sh @@ -0,0 +1,42 @@ +#!/bin/sh +# $OpenBSD: singlehost-setup.sh,v 1.1 1999/03/31 23:45:53 niklas Exp $ +# $EOM: singlehost-setup.sh,v 1.2 1999/03/31 23:45:16 niklas Exp $ + +# A script to test single-host VPNs + +cleanup () { + ipf -r -f - <<' EOF' + pass out quick on lo2 proto 50 + pass out quick on lo2 from 192.168.1.0/24 to any + pass out quick on lo3 proto 50 + pass out quick on lo3 from 192.168.2.0/24 to any + block out on lo2 + block out on lo3 + EOF +} + +ifconfig lo2 192.168.1.1 netmask 0xffffff00 +ifconfig lo3 192.168.2.1 netmask 0xffffff00 +ifconfig lo4 10.1.0.1 netmask 0xffff0000 +ifconfig lo5 10.1.0.2 netmask 0xffff0000 + +ipf -E -f - <<EOF +pass out quick on lo2 proto 50 +pass out quick on lo2 from 192.168.1.0/24 to any +pass out quick on lo3 proto 50 +pass out quick on lo3 from 192.168.2.0/24 to any +block out on lo2 +block out on lo3 +EOF + +trap cleanup 1 2 3 15 + +isakmpd -c singlehost-east.conf -f east.fifo "$@" +isakmpd -c singlehost-west.conf -f west.fifo "$@" + +# Give them some slack... + +sleep 10 +ping -I 192.168.1.1 -c 30 192.168.2.1 + +cleanup diff --git a/sbin/isakmpd/samples/singlehost-west.conf b/sbin/isakmpd/samples/singlehost-west.conf new file mode 100644 index 00000000000..2477c9efb7d --- /dev/null +++ b/sbin/isakmpd/samples/singlehost-west.conf @@ -0,0 +1,324 @@ +# $OpenBSD: singlehost-west.conf,v 1.1 1999/03/31 23:45:53 niklas Exp $ +# $EOM: singlehost-west.conf,v 1.1 1999/03/31 23:36:52 niklas Exp $ + +# A configuration sample for the isakmpd ISAKMP/Oakley (aka IKE) daemon. + +[General] +Retransmits= 5 +Exchange-max-time= 120 +Listen-on= 10.1.0.1 +Shared-SADB= Defined + +# Incoming phase 1 negotiations are multiplexed on the source IP address +[Phase 1] +10.1.0.2= ISAKMP-peer-east + +# These connections are walked over after config file parsing and told +# to the application layer so that it will inform us when traffic wants to +# pass over them. This means we can do on-demand keying. +[Phase 2] +Connections= IPsec-west-east + +[ISAKMP-peer-east] +Phase= 1 +Transport= udp +Local-address= 10.1.0.1 +Address= 10.1.0.2 +# Default values for "Port" commented out +#Port= isakmp +#Port= 500 +Configuration= Default-main-mode +Authentication= mekmitasdigoat +Flags= Stayalive + +[IPsec-west-east] +Phase= 2 +ISAKMP-peer= ISAKMP-peer-east +Configuration= Default-quick-mode +Local-ID= Net-west +Remote-ID= Net-east +Flags= Stayalive + +[Net-west] +ID-type= IPV4_ADDR_SUBNET +Network= 192.168.1.0 +Netmask= 255.255.255.0 + +[Net-east] +ID-type= IPV4_ADDR_SUBNET +Network= 192.168.2.0 +Netmask= 255.255.255.0 + +# Main mode descriptions + +[Default-main-mode] +DOI= IPSEC +EXCHANGE_TYPE= ID_PROT +Transforms= 3DES-SHA + +# Main mode transforms +###################### + +# DES + +[DES-MD5] +ENCRYPTION_ALGORITHM= DES_CBC +HASH_ALGORITHM= MD5 +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= MODP_768 +Life= LIFE_600_SECS,LIFE_1000_KB + +[DES-MD5-NO-VOL-LIFE] +ENCRYPTION_ALGORITHM= DES_CBC +HASH_ALGORITHM= MD5 +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= MODP_768 +Life= LIFE_600_SECS + +[DES-SHA] +ENCRYPTION_ALGORITHM= DES_CBC +HASH_ALGORITHM= SHA +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= MODP_768 +Life= LIFE_600_SECS,LIFE_1000_KB + +# 3DES + +[3DES-SHA] +ENCRYPTION_ALGORITHM= 3DES_CBC +HASH_ALGORITHM= SHA +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= MODP_1024 +Life= LIFE_180_SECS + +# Blowfish + +[BLF-SHA-M1024] +ENCRYPTION_ALGORITHM= BLOWFISH_CBC +KEY_LENGTH= 128,96:192 +HASH_ALGORITHM= SHA +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= MODP_1024 +Life= LIFE_600_SECS,LIFE_1000_KB + +[BLF-SHA-EC155] +ENCRYPTION_ALGORITHM= BLOWFISH_CBC +KEY_LENGTH= 128,96:192 +HASH_ALGORITHM= SHA +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= EC2N_155 +Life= LIFE_600_SECS,LIFE_1000_KB + +[BLF-MD5-EC155] +ENCRYPTION_ALGORITHM= BLOWFISH_CBC +KEY_LENGTH= 128,96:192 +HASH_ALGORITHM= MD5 +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= EC2N_155 +Life= LIFE_600_SECS,LIFE_1000_KB + +[BLF-SHA-EC185] +ENCRYPTION_ALGORITHM= BLOWFISH_CBC +KEY_LENGTH= 128,96:192 +HASH_ALGORITHM= SHA +AUTHENTICATION_METHOD= PRE_SHARED +GROUP_DESCRIPTION= EC2N_185 +Life= LIFE_600_SECS,LIFE_1000_KB + +# Quick mode description +######################## + +[Default-quick-mode] +DOI= IPSEC +EXCHANGE_TYPE= QUICK_MODE +Suites= QM-ESP-3DES-SHA-PFS-SUITE,QM-ESP-DES-MD5-SUITE + +# Quick mode protection suites +############################## + +# DES + +[QM-ESP-DES-SUITE] +Protocols= QM-ESP-DES + +[QM-ESP-DES-PFS-SUITE] +Protocols= QM-ESP-DES-PFS + +[QM-ESP-DES-MD5-SUITE] +Protocols= QM-ESP-DES-MD5 + +[QM-ESP-DES-MD5-PFS-SUITE] +Protocols= QM-ESP-DES-MD5-PFS + +[QM-ESP-DES-SHA-SUITE] +Protocols= QM-ESP-DES-SHA + +[QM-ESP-DES-SHA-PFS-SUITE] +Protocols= QM-ESP-DES-SHA-PFS + +# 3DES + +[QM-ESP-3DES-SHA-SUITE] +Protocols= QM-ESP-3DES-SHA + +[QM-ESP-3DES-SHA-PFS-SUITE] +Protocols= QM-ESP-3DES-SHA-PFS + +# AH + +[QM-AH-MD5-SUITE] +Protocols= QM-AH-MD5 + +[QM-AH-MD5-PFS-SUITE] +Protocols= QM-AH-MD5-PFS + +# AH + ESP + +[QM-AH-MD5-ESP-DES-SUITE] +Protocols= QM-AH-MD5,QM-ESP-DES + +[QM-AH-MD5-ESP-DES-MD5-SUITE] +Protocols= QM-AH-MD5,QM-ESP-DES-MD5 + +[QM-ESP-DES-MD5-AH-MD5-SUITE] +Protocols= QM-ESP-DES-MD5,QM-AH-MD5 + +# Quick mode protocols + +# DES + +[QM-ESP-DES] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-DES-XF + +[QM-ESP-DES-MD5] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-DES-MD5-XF + +[QM-ESP-DES-MD5-PFS] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-DES-MD5-PFS-XF + +[QM-ESP-DES-SHA] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-DES-SHA-XF + +# 3DES + +[QM-ESP-3DES-SHA] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-3DES-SHA-XF + +[QM-ESP-3DES-SHA-PFS] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-3DES-SHA-PFS-XF + +[QM-ESP-3DES-SHA-TRP] +PROTOCOL_ID= IPSEC_ESP +Transforms= QM-ESP-3DES-SHA-TRP-XF + +# AH MD5 + +[QM-AH-MD5] +PROTOCOL_ID= IPSEC_AH +Transforms= QM-AH-MD5-XF + +[QM-AH-MD5-PFS] +PROTOCOL_ID= IPSEC_AH +Transforms= QM-AH-MD5-PFS-XF + +# Quick mode transforms + +# ESP DES+MD5 + +[QM-ESP-DES-XF] +TRANSFORM_ID= DES +ENCAPSULATION_MODE= TUNNEL +Life= LIFE_600_SECS + +[QM-ESP-DES-MD5-XF] +TRANSFORM_ID= DES +ENCAPSULATION_MODE= TUNNEL +AUTHENTICATION_ALGORITHM= HMAC_MD5 +Life= LIFE_600_SECS + +[QM-ESP-DES-MD5-PFS-XF] +TRANSFORM_ID= DES +ENCAPSULATION_MODE= TUNNEL +GROUP_DESCRIPTION= MODP_768 +AUTHENTICATION_ALGORITHM= HMAC_MD5 +Life= LIFE_600_SECS + +[QM-ESP-DES-SHA-XF] +TRANSFORM_ID= DES +ENCAPSULATION_MODE= TUNNEL +AUTHENTICATION_ALGORITHM= HMAC_SHA +Life= LIFE_600_SECS + +# 3DES + +[QM-ESP-3DES-SHA-XF] +TRANSFORM_ID= 3DES +ENCAPSULATION_MODE= TUNNEL +AUTHENTICATION_ALGORITHM= HMAC_SHA +Life= LIFE_60_SECS + +[QM-ESP-3DES-SHA-PFS-XF] +TRANSFORM_ID= 3DES +ENCAPSULATION_MODE= TUNNEL +AUTHENTICATION_ALGORITHM= HMAC_SHA +GROUP_DESCRIPTION= MODP_1024 +Life= LIFE_60_SECS + +[QM-ESP-3DES-SHA-TRP-XF] +TRANSFORM_ID= 3DES +ENCAPSULATION_MODE= TRANSPORT +AUTHENTICATION_ALGORITHM= HMAC_SHA +Life= LIFE_60_SECS + +# AH + +[QM-AH-MD5-XF] +TRANSFORM_ID= MD5 +ENCAPSULATION_MODE= TUNNEL +AUTHENTICATION_ALGORITHM= HMAC_MD5 +Life= LIFE_600_SECS + +[QM-AH-MD5-PFS-XF] +TRANSFORM_ID= MD5 +ENCAPSULATION_MODE= TUNNEL +GROUP_DESCRIPTION= MODP_768 +Life= LIFE_600_SECS + +[LIFE_60_SECS] +LIFE_TYPE= SECONDS +LIFE_DURATION= 60,45:120 + +[LIFE_180_SECS] +LIFE_TYPE= SECONDS +LIFE_DURATION= 180,120:240 + +[LIFE_600_SECS] +LIFE_TYPE= SECONDS +LIFE_DURATION= 600,450:720 + +[LIFE_3600_SECS] +LIFE_TYPE= SECONDS +LIFE_DURATION= 3600,1800:7200 + +[LIFE_1000_KB] +LIFE_TYPE= KILOBYTES +LIFE_DURATION= 1000,768:1536 + +[LIFE_32_MB] +LIFE_TYPE= KILOBYTES +LIFE_DURATION= 32768,16384:65536 + +[LIFE_4.5_GB] +LIFE_TYPE= KILOBYTES +LIFE_DURATION= 4608000,4096000:8192000 + +[RSA_SIG] +CERT= /etc/isakmpd_cert +PRIVKEY= /etc/isakmpd_key +PUBKEY= /etc/isakmpd_key.pub diff --git a/sbin/isakmpd/samples/singlehost-west.gdb b/sbin/isakmpd/samples/singlehost-west.gdb new file mode 100644 index 00000000000..5315e46c792 --- /dev/null +++ b/sbin/isakmpd/samples/singlehost-west.gdb @@ -0,0 +1 @@ +r -d -D0=99 -D1=99 -D2=99 -D3=99 -D4=99 -D5=99 -fwest.fifo -c../samples/singlehost-west.conf |