summaryrefslogtreecommitdiff
path: root/sbin/ipsecctl/ipsec.conf.5
AgeCommit message (Expand)Author
2006-07-22corrections from alexey e. suslikov;Jason McIntyre
2006-06-28document lists, prodded by david@Hans-Joerg Hoexer
2006-06-18add group "none"; when choosen, pfs will be disabled.Hans-Joerg Hoexer
2006-06-14recover list of key sizes from vpn(8); suggested by markus@, ok hshoexer@Christian Weisgerber
2006-06-13For IKE, allow main mode SHA2 and quick mode AESCTR transforms,Christian Weisgerber
2006-06-11the default encryption algorithm with static keying is AES-CBC now; ok hshoexer@Christian Weisgerber
2006-06-11Adopt to recent changes (mopd3072 is not the default anymore).Hans-Joerg Hoexer
2006-06-08Add a transport mode specifier to ike rules. Tunnel mode remains the default.Christian Weisgerber
2006-06-02correct spelling of specifiedDavid Krause
2006-06-02document port modifiers in ike rulesChristian Weisgerber
2006-06-02mark up keywords using .Ic; ok hshoexerJason McIntyre
2006-06-01address has two `d', and i had to use a dictionary to check ;)Jason McIntyre
2006-06-01document port matching in flows; ok hshoexer@Christian Weisgerber
2006-05-28missing `Ar';Jason McIntyre
2006-05-27Adresses can be specified in CIDR notation, as symbolic host names, interfaceHans-Joerg Hoexer
2006-05-27allow to specify groups to be used IKEHans-Joerg Hoexer
2006-05-26vpn.8 removal;Jason McIntyre
2006-05-18paramter -> parameterMiod Vallat
2006-04-19"type" keyword to specify flow type (require, use, etc.)Hans-Joerg Hoexer
2006-04-19add hostname resolver.Hans-Joerg Hoexer
2006-04-13Add support for "local" to ike rules. Allows to specify the local IP to beHans-Joerg Hoexer
2006-04-12document that tunnel and transport mode can be specified for SAs.Hans-Joerg Hoexer
2006-03-31tweaks;Jason McIntyre
2006-03-31allow specification of encapsulated protocol for ike; ok hshoexerMarkus Friedl
2006-03-31allow specification of encapsulated protocol for flows; ok hshoexerMarkus Friedl
2006-03-31uppercase `ip';Jason McIntyre
2006-03-30allow specification of outer local ips in flows (SADB_EXT_ADDRESS_SRC); ok hs...Markus Friedl
2006-03-22add support for macros in ipsec.conf(5). some bits have already beenReyk Floeter
2006-03-07add support for special "bypass" and "deny" flows.Reyk Floeter
2006-03-07add an ike option for road warrior setups (hosts with dynamic ipReyk Floeter
2006-02-21The new default encryption algorithm for main mode is AES instead of 3DES.Hans-Joerg Hoexer
2006-01-16add support for pre-shared keys with "ike esp" using the new keywordReyk Floeter
2005-12-06ipip support: ip-in-ip w/o gif(4); ok hshoexerMarkus Friedl
2005-11-24"hmac" not "hmc", notice by <gwyllion at ulyssis dot org>Hans-Joerg Hoexer
2005-11-24Make clear we only have "hmac-sha1" and "hmac-md5".Hans-Joerg Hoexer
2005-10-30- SEE ALSO is sorted by section firstJason McIntyre
2005-10-30Xr ipcomp, sort "SEE ALSO" sectionHans-Joerg Hoexer
2005-10-30describe ipcompHans-Joerg Hoexer
2005-10-16Add keyword "any" for addresses, reduces to "0.0.0.0/0".Hans-Joerg Hoexer
2005-09-23- beef up DESCRIPTIONJason McIntyre
2005-09-19grammar;Jason McIntyre
2005-08-23grammar + formatting tweaks;Jason McIntyre
2005-08-22document recent changesHans-Joerg Hoexer
2005-08-22spellingDavid Krause
2005-08-11document recent changes, with jmc@Hans-Joerg Hoexer
2005-08-10- typoJason McIntyre
2005-08-09Document how to read keys from a file.Hans-Joerg Hoexer
2005-08-05prepare for authentication and encryption keys, not used yet.Hans-Joerg Hoexer
2005-07-23document automatic generation of reverse SA rules.Hans-Joerg Hoexer
2005-07-10tweaks;Jason McIntyre
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-02 14:42:33 +0000