summaryrefslogtreecommitdiff
path: root/sbin/ipsecctl/parse.y
AgeCommit message (Expand)Author
2006-05-29fix rule numbering (for -vv)Hans-Joerg Hoexer
2006-05-29merge expand_sa() and expand_rule().Hans-Joerg Hoexer
2006-05-29move generation of reverse flow rules to seperat function.Hans-Joerg Hoexer
2006-05-29unify expansion of SA rules. Needed for general rule expansion.Hans-Joerg Hoexer
2006-05-28when parsing host specifications, initialize host address queue pointers, notHans-Joerg Hoexer
2006-05-28prepare for rule expansion. Get rid of addr_node, link structHans-Joerg Hoexer
2006-05-28add ERANGE error detection, found when looking at bgpd's parse.yTodd T. Fries
2006-05-27allow to specify groups to be used IKEHans-Joerg Hoexer
2006-05-26\<char> is <char> except for \<newline> -- no exceptions. much like howTheo de Raadt
2006-05-15permit proto 0; ok hshoexerTheo de Raadt
2006-05-11fix some spelling; noticed by david@Hans-Joerg Hoexer
2006-04-20constify char *infile here, too. noticed by lint.Hans-Joerg Hoexer
2006-04-19add support for interface groups.Hans-Joerg Hoexer
2006-04-19small cleanup: no need to strdup here.Hans-Joerg Hoexer
2006-04-19"type" keyword to specify flow type (require, use, etc.)Hans-Joerg Hoexer
2006-04-19add hostname resolver.Hans-Joerg Hoexer
2006-04-13Add support for "local" to ike rules. Allows to specify the local IP to beHans-Joerg Hoexer
2006-03-31allow specification of encapsulated protocol for ike; ok hshoexerMarkus Friedl
2006-03-31allow specification of encapsulated protocol for flows; ok hshoexerMarkus Friedl
2006-03-30when resolving interface names to ip adresses, set netmask to all bits 1Hans-Joerg Hoexer
2006-03-30allow specification of outer local ips in flows (SADB_EXT_ADDRESS_SRC); ok hs...Markus Friedl
2006-03-22add support for macros in ipsec.conf(5). some bits have already beenReyk Floeter
2006-03-07add support for special "bypass" and "deny" flows.Reyk Floeter
2006-03-07add an ike option for road warrior setups (hosts with dynamic ipReyk Floeter
2006-01-20initialize authtype->string in case of RSA to avoid bad free()Christian Weisgerber
2006-01-17wrap long lines (no binary change)Reyk Floeter
2006-01-16add support for pre-shared keys with "ike esp" using the new keywordReyk Floeter
2005-12-12Correctly copy interface names; fixes breakage noticed by naddy@Hans-Joerg Hoexer
2005-12-06ipip support: ip-in-ip w/o gif(4); ok hshoexerMarkus Friedl
2005-12-01spacingTheo de Raadt
2005-11-27sanity check constraints for transforms.Hans-Joerg Hoexer
2005-11-27truly permit auth/enc/comp expressions to be in any orderTheo de Raadt
2005-11-26allow specficiation of encryption and authentication algorithms to be swapped.Hans-Joerg Hoexer
2005-11-24Remove old-style keyed sha1/md5. We only support hmac-sha1/md5.Hans-Joerg Hoexer
2005-11-12spacingHans-Joerg Hoexer
2005-11-12add support for interface names as host specificationsHans-Joerg Hoexer
2005-11-12permit TO/FROM to be swapped (symmetry is good); ok hshoexermkTheo de Raadt
2005-11-12simplify TAILQ walking code; ok hshoexerTheo de Raadt
2005-11-12spacingTheo de Raadt
2005-11-12do not stat() before open(); instead -- use fstat(); ok hshoexerTheo de Raadt
2005-11-12handle transport/tunnel modeHans-Joerg Hoexer
2005-11-06Improved address and address mask handling, derived from pfctl stuff.Hans-Joerg Hoexer
2005-11-06better handling of ip addresses, prepare for v6. Partially derived from diffHans-Joerg Hoexer
2005-10-30prepare for more flexible hostname resolver. Right now just v4, more to comeHans-Joerg Hoexer
2005-10-30add support for ipcomp.Hans-Joerg Hoexer
2005-10-28more error message cleanupHans-Joerg Hoexer
2005-10-16Prepare for better host specification parser: dns names, interfaces, etc. ButHans-Joerg Hoexer
2005-10-16Unset debug flag.Hans-Joerg Hoexer
2005-10-16Add keyword "any" for addresses, reduces to "0.0.0.0/0".Hans-Joerg Hoexer
2005-10-16cleanup messages generated by err(3)Hans-Joerg Hoexer
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-24 16:41:50 +0000