Age | Commit message (Expand) | Author |
2009-01-20 | Add support to isakmpd(8) and ipsecctl(8) to install SA's with a | Marco Pfatschbacher |
2008-07-01 | Isakmpd acquire mode did not work with a config generated from | Alexander Bluhm |
2008-02-22 | Support for specifying aes-{128,192,256}. Originial idea by Prabhu | Hans-Joerg Hoexer |
2008-01-04 | Strip off trailing '/32' when address type is IPV4_ADDR as isakmpd does | Hans-Joerg Hoexer |
2007-03-16 | move autodetection of the ID type to the parser. this way the | Markus Friedl |
2007-02-19 | Bits for ESP+NULL encryption. This is useful, when AH can not be | Hans-Joerg Hoexer |
2006-12-18 | call ike_setup_ids from a more appropriate location. | Mathieu Sauve-Frankel |
2006-11-30 | typo: wrong rid for protocol | Markus Friedl |
2006-11-30 | use rmv to unregister ipsec connections; ok hshoexer, ho | Markus Friedl |
2006-11-30 | handle multiple SAs with different same src/dst but different port; | Markus Friedl |
2006-11-24 | add support to tag ipsec traffic belonging to specific IKE-initiated | Reyk Floeter |
2006-11-24 | fix typo for remote port; from Brian Candler | Markus Friedl |
2006-11-21 | do not delete sections that might be shared with other connections | Markus Friedl |
2006-11-01 | KNF unrelated to previous commit. | Ryan Thomas McBride |
2006-11-01 | Add support for aggressive mode (from the k2k6 IPsec hackathon). | Ryan Thomas McBride |
2006-09-18 | KNF and clean some trailing white spaces, no binary change. | Hans-Joerg Hoexer |
2006-08-30 | actually use the right value for USER_FQDN | Mathieu Sauve-Frankel |
2006-08-29 | add support for ufqdn ids in ike rules | Mathieu Sauve-Frankel |
2006-08-29 | Add support for IKE AH rules to ipsecctl. Man page input by jmc@. | Christian Weisgerber |
2006-07-21 | When no peer is specified, no peer address is defined, thus do not use it. | Hans-Joerg Hoexer |
2006-06-18 | add group "none"; when choosen, pfs will be disabled. | Hans-Joerg Hoexer |
2006-06-16 | add a missing "force" | Hans-Joerg Hoexer |
2006-06-15 | be careful when touch the peer component of a rule. It is not | Hans-Joerg Hoexer |
2006-06-13 | For IKE, allow main mode SHA2 and quick mode AESCTR transforms, | Christian Weisgerber |
2006-06-10 | switch back to original defaults regarding DH groups. modp3072 is to | Hans-Joerg Hoexer |
2006-06-08 | fix some indentation, noticed by david@ | Hans-Joerg Hoexer |
2006-06-08 | Add a transport mode specifier to ike rules. Tunnel mode remains the default. | Christian Weisgerber |
2006-06-08 | allocate enough storage via sockaddr_storage for sockaddr_in6, | Todd T. Fries |
2006-06-08 | Fix a typo: When testing for quick mode lifetimes, make sure to | Hans-Joerg Hoexer |
2006-06-02 | support tcp/udp port modifiers in ike rules | Christian Weisgerber |
2006-06-02 | allow to specify phase 1 and 2 lifetimes. Right now, these values | Hans-Joerg Hoexer |
2006-06-02 | Simplify main/quick mode parsing and generation of the actual ike config. | Hans-Joerg Hoexer |
2006-06-01 | change the local-ID section name to always be unique as we may want to use mo... | Mathieu Sauve-Frankel |
2006-06-01 | knf | Hans-Joerg Hoexer |
2006-06-01 | permit feeding isakmpd.fifo IPv6 addresses | Todd T. Fries |
2006-06-01 | Generate correct configuration for default peers. | Hans-Joerg Hoexer |
2006-05-31 | Small function header knf. | Hans-Joerg Hoexer |
2006-05-31 | Prepare for handling unnamed remote peers. | Hans-Joerg Hoexer |
2006-05-28 | matching brackets are useful | Todd T. Fries |
2006-05-27 | allow to specify groups to be used IKE | Hans-Joerg Hoexer |
2006-05-15 | delete weird C | Theo de Raadt |
2006-04-13 | Add support for "local" to ike rules. Allows to specify the local IP to be | Hans-Joerg Hoexer |
2006-03-31 | allow do delete dynamic rules | Hans-Joerg Hoexer |
2006-03-31 | allow specification of encapsulated protocol for ike; ok hshoexer | Markus Friedl |
2006-03-31 | allow specification of encapsulated protocol for flows; ok hshoexer | Markus Friedl |
2006-03-20 | When being verbose while deleting ike rules (-dv), print deletions instead of | Hans-Joerg Hoexer |
2006-03-20 | When adding a connection, do not explicitly start that connection | Hans-Joerg Hoexer |
2006-03-07 | add an ike option for road warrior setups (hosts with dynamic ip | Reyk Floeter |
2006-02-03 | override authentication tag as well; ok hshoexer@ | Christian Weisgerber |
2006-02-02 | Two fixes: generate default main mode config when using PSK, added missing | Hans-Joerg Hoexer |