Age | Commit message (Expand) | Author |
2006-11-24 | add support to tag ipsec traffic belonging to specific IKE-initiated | Reyk Floeter |
2006-11-24 | fix typo for remote port; from Brian Candler | Markus Friedl |
2006-11-21 | do not delete sections that might be shared with other connections | Markus Friedl |
2006-11-01 | KNF unrelated to previous commit. | Ryan Thomas McBride |
2006-11-01 | Add support for aggressive mode (from the k2k6 IPsec hackathon). | Ryan Thomas McBride |
2006-09-18 | KNF and clean some trailing white spaces, no binary change. | Hans-Joerg Hoexer |
2006-08-30 | actually use the right value for USER_FQDN | Mathieu Sauve-Frankel |
2006-08-29 | add support for ufqdn ids in ike rules | Mathieu Sauve-Frankel |
2006-08-29 | Add support for IKE AH rules to ipsecctl. Man page input by jmc@. | Christian Weisgerber |
2006-07-21 | When no peer is specified, no peer address is defined, thus do not use it. | Hans-Joerg Hoexer |
2006-06-18 | add group "none"; when choosen, pfs will be disabled. | Hans-Joerg Hoexer |
2006-06-16 | add a missing "force" | Hans-Joerg Hoexer |
2006-06-15 | be careful when touch the peer component of a rule. It is not | Hans-Joerg Hoexer |
2006-06-13 | For IKE, allow main mode SHA2 and quick mode AESCTR transforms, | Christian Weisgerber |
2006-06-10 | switch back to original defaults regarding DH groups. modp3072 is to | Hans-Joerg Hoexer |
2006-06-08 | fix some indentation, noticed by david@ | Hans-Joerg Hoexer |
2006-06-08 | Add a transport mode specifier to ike rules. Tunnel mode remains the default. | Christian Weisgerber |
2006-06-08 | allocate enough storage via sockaddr_storage for sockaddr_in6, | Todd T. Fries |
2006-06-08 | Fix a typo: When testing for quick mode lifetimes, make sure to | Hans-Joerg Hoexer |
2006-06-02 | support tcp/udp port modifiers in ike rules | Christian Weisgerber |
2006-06-02 | allow to specify phase 1 and 2 lifetimes. Right now, these values | Hans-Joerg Hoexer |
2006-06-02 | Simplify main/quick mode parsing and generation of the actual ike config. | Hans-Joerg Hoexer |
2006-06-01 | change the local-ID section name to always be unique as we may want to use mo... | Mathieu Sauve-Frankel |
2006-06-01 | knf | Hans-Joerg Hoexer |
2006-06-01 | permit feeding isakmpd.fifo IPv6 addresses | Todd T. Fries |
2006-06-01 | Generate correct configuration for default peers. | Hans-Joerg Hoexer |
2006-05-31 | Small function header knf. | Hans-Joerg Hoexer |
2006-05-31 | Prepare for handling unnamed remote peers. | Hans-Joerg Hoexer |
2006-05-28 | matching brackets are useful | Todd T. Fries |
2006-05-27 | allow to specify groups to be used IKE | Hans-Joerg Hoexer |
2006-05-15 | delete weird C | Theo de Raadt |
2006-04-13 | Add support for "local" to ike rules. Allows to specify the local IP to be | Hans-Joerg Hoexer |
2006-03-31 | allow do delete dynamic rules | Hans-Joerg Hoexer |
2006-03-31 | allow specification of encapsulated protocol for ike; ok hshoexer | Markus Friedl |
2006-03-31 | allow specification of encapsulated protocol for flows; ok hshoexer | Markus Friedl |
2006-03-20 | When being verbose while deleting ike rules (-dv), print deletions instead of | Hans-Joerg Hoexer |
2006-03-20 | When adding a connection, do not explicitly start that connection | Hans-Joerg Hoexer |
2006-03-07 | add an ike option for road warrior setups (hosts with dynamic ip | Reyk Floeter |
2006-02-03 | override authentication tag as well; ok hshoexer@ | Christian Weisgerber |
2006-02-02 | Two fixes: generate default main mode config when using PSK, added missing | Hans-Joerg Hoexer |
2006-01-17 | spacing | Theo de Raadt |
2006-01-16 | add support for pre-shared keys with "ike esp" using the new keyword | Reyk Floeter |
2005-12-28 | no close() after fdopen(); ok hshoexer@ | Christian Weisgerber |
2005-12-28 | make sure isakmpd fifo is actually a fifo. | Hans-Joerg Hoexer |
2005-12-12 | use err() instead of errx() | Hans-Joerg Hoexer |
2005-11-24 | Remove old-style keyed sha1/md5. We only support hmac-sha1/md5. | Hans-Joerg Hoexer |
2005-11-12 | spacing | Theo de Raadt |
2005-11-06 | Improved address and address mask handling, derived from pfctl stuff. | Hans-Joerg Hoexer |
2005-11-06 | better handling of ip addresses, prepare for v6. Partially derived from diff | Hans-Joerg Hoexer |
2005-10-28 | more error message cleanup | Hans-Joerg Hoexer |