summaryrefslogtreecommitdiff
path: root/sbin/ipsecctl/ipsec.conf.5
AgeCommit message (Expand)Author
2022-02-04Fix another instance of incorrect capitalization of ChaCha20.Theo Buehler
2021-11-04Tweaks (improve previous commit)YASUOKA Masahiko
2021-11-04Clarify "aes" will accept keys which length is in 128:256 bits. AlsoYASUOKA Masahiko
2021-10-22After deleting hifn(4) the only provider for the LZS compressionAlexander Bluhm
2020-02-16Quote variables in pf tag stringskn
2020-02-10briefly mention /etc/examples/ in the FILES section of all theIngo Schwarze
2020-02-07Extend the ipsecctl(8) parser to set the udpencap flag and portAlexander Bluhm
2019-11-10Consistently use _rcctl enable foo_ in examples, it's simpler and lessLandry Breuil
2018-04-17Document how to avoid isakmpd(8) source IP address pitfalls by usingStefan Sperling
2017-11-23in isakmpd(8), provide a hint: from scott chelohaJason McIntyre
2017-10-27Support DH groups 19 to 21 and 25 to 30, just like iked(8) does.Martin Pieuchot
2017-04-14Up to now ipsecctl(8) grouped SAs with identical src and dst to theAlexander Bluhm
2015-12-09Remove plain DES encryption from IPsec.Christian Weisgerber
2015-11-01replace "can not" with "cannot";Jason McIntyre
2015-05-25bump up the default Diffie-Hellman group to modp3072; ok mikeb@ djm@Christian Weisgerber
2015-02-28Reduce usage of predefined strings in manpages.Anthony J. Bentley
2015-01-10tell the truth about DES.Igor Sobrado
2015-01-02PFS stands for Perfect Forward Secrecy.Igor Sobrado
2014-03-19Unify ipsec.conf(5)'s copy of the text dealing with multiline comments,Stuart Henderson
2013-11-01altq -> new queue in examplesHenning Brauer
2013-06-29do not use Sx for sections outwith the page;Jason McIntyre
2012-08-12Explicitly state that only two unit specifiers are recognized instead ofLawrence Teo
2012-07-13small tweak;Jason McIntyre
2012-07-13Change the configuration format fed to the isakmpd FIFO to be ableMike Belopuhov
2012-07-08Disallow manual security associations that use AES-CTR, AES-GCM,Christian Weisgerber
2012-06-30enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESPChristian Weisgerber
2012-04-24take a stab at documenting when arguments need quoted, and valid macroJason McIntyre
2011-11-13provide a specific section reference; from Lawrence TeoJason McIntyre
2011-09-03make -column lists pretty again;Jason McIntyre
2011-08-19as with other list types, column lists generally do not need a Pp/-compactJason McIntyre
2011-07-07We can mention ipcomp, since it worksTheo de Raadt
2011-06-24wrap previous onto a second lineStuart Henderson
2011-06-24nat-to rules require a directionStuart Henderson
2010-10-06Retire SkipjackMike Belopuhov
2010-09-23change description for AES-GMAC a bit.Mike Belopuhov
2010-09-22Support AES-GCM-16 (as aes-gcm) and ENCR_NULL_AUTH_AES_GMACMike Belopuhov
2010-09-19more wacky macro fixing;Jason McIntyre
2010-06-07fix a quoting wobble for the srcnat keyword; verified by reykJason McIntyre
2010-06-03update the manpages for isakmpd(8) and ipsec.conf(5) to point to iked(8)Reyk Floeter
2010-01-02Various syntax errors in list headers, found by mandoc(1),Ingo Schwarze
2009-10-21nat -> match...nat-to in example PF rule. ok mpf@Stuart Henderson
2009-01-29tweak previous;Jason McIntyre
2009-01-28Allow to specify ike and flow explicitly without peer. The anyAlexander Bluhm
2009-01-20Add support to isakmpd(8) and ipsecctl(8) to install SA's with aMarco Pfatschbacher
2008-11-29Explain how /32 changes the address type to IPV4_ADDR_SUBNET. From MitjaHans-Joerg Hoexer
2008-04-11add support for the "include" directive using code from pfctl/parse.y.Reyk Floeter
2008-02-22Support for specifying aes-{128,192,256}. Originial idea by PrabhuHans-Joerg Hoexer
2008-02-12document modifier types; requested by AurelienJason McIntyre
2007-09-17Document the syntax used with manual SAs for automatic creationStuart Henderson
2007-05-31convert to new .Dd format;Jason McIntyre
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-29 12:17:18 +0000