summaryrefslogtreecommitdiff
path: root/sbin/ipsecctl/parse.y
AgeCommit message (Expand)Author
2006-06-18add group "none"; when choosen, pfs will be disabled.Hans-Joerg Hoexer
2006-06-16report the correct line number on an error. Noticed by david@Hans-Joerg Hoexer
2006-06-11As naddy@ pointed out RFC 3686 discourages use of AESCTR for staticHans-Joerg Hoexer
2006-06-10Better error message when a key file can not be opened or the provided key isHans-Joerg Hoexer
2006-06-10knf & careful data freeing, regression tested by toddTheo de Raadt
2006-06-08fix some indentation, noticed by david@Hans-Joerg Hoexer
2006-06-08Add a transport mode specifier to ike rules. Tunnel mode remains the default.Christian Weisgerber
2006-06-08turns out this really doesn't break what is in the tree; ok hshoexer@Todd T. Fries
2006-06-07make sure, we initialize unspecified keys and spis. Noticed byHans-Joerg Hoexer
2006-06-07Do not yet expand the "any" keyword to v6 addresses. ok todd@Hans-Joerg Hoexer
2006-06-07remove unused prototype, ok todd@Hans-Joerg Hoexer
2006-06-02support tcp/udp port modifiers in ike rulesChristian Weisgerber
2006-06-02allow to specify phase 1 and 2 lifetimes. Right now, these valuesHans-Joerg Hoexer
2006-06-02simplify handling of peers.Hans-Joerg Hoexer
2006-06-02some more cleanup and simplification, no functional change.Hans-Joerg Hoexer
2006-06-02put src and dst host in dedicated structure. Make the API moreHans-Joerg Hoexer
2006-06-02Simplify main/quick mode parsing and generation of the actual ike config.Hans-Joerg Hoexer
2006-06-02Generalize parsing of main/quick mode specification. PreparationHans-Joerg Hoexer
2006-06-02Prepare for parsing lifetimes for ike main and quick mode. Not enabled yet.Hans-Joerg Hoexer
2006-06-01Final bits for SA grouping.Hans-Joerg Hoexer
2006-06-01Support flows with port modifiers for proto tcp/udp, e.g.Christian Weisgerber
2006-06-01print actual key size when warning about the wrong key size; ok hshoexerMarkus Friedl
2006-06-01spacingTheo de Raadt
2006-06-01knfHans-Joerg Hoexer
2006-06-01add more v6 support, this round `any' expands additionally to ::/0Todd T. Fries
2006-06-01When no peer is specified, make this rule a "catch-all" rule for any remoteHans-Joerg Hoexer
2006-05-31white spacesHans-Joerg Hoexer
2006-05-31add basicTodd T. Fries
2006-05-29enable lists.Hans-Joerg Hoexer
2006-05-29Provide functions for copying members of rules. Implement copyrule()Hans-Joerg Hoexer
2006-05-29unify code a little bit (consistent variable names).Hans-Joerg Hoexer
2006-05-29Also return proper list of addresses for interface groups.Hans-Joerg Hoexer
2006-05-29As the rule expansion is now aware of host lists, host_if() has toHans-Joerg Hoexer
2006-05-29teach expand_rule() to iterate over host lists, not used yet.Hans-Joerg Hoexer
2006-05-29fix rule numbering (for -vv)Hans-Joerg Hoexer
2006-05-29merge expand_sa() and expand_rule().Hans-Joerg Hoexer
2006-05-29move generation of reverse flow rules to seperat function.Hans-Joerg Hoexer
2006-05-29unify expansion of SA rules. Needed for general rule expansion.Hans-Joerg Hoexer
2006-05-28when parsing host specifications, initialize host address queue pointers, notHans-Joerg Hoexer
2006-05-28prepare for rule expansion. Get rid of addr_node, link structHans-Joerg Hoexer
2006-05-28add ERANGE error detection, found when looking at bgpd's parse.yTodd T. Fries
2006-05-27allow to specify groups to be used IKEHans-Joerg Hoexer
2006-05-26\<char> is <char> except for \<newline> -- no exceptions. much like howTheo de Raadt
2006-05-15permit proto 0; ok hshoexerTheo de Raadt
2006-05-11fix some spelling; noticed by david@Hans-Joerg Hoexer
2006-04-20constify char *infile here, too. noticed by lint.Hans-Joerg Hoexer
2006-04-19add support for interface groups.Hans-Joerg Hoexer
2006-04-19small cleanup: no need to strdup here.Hans-Joerg Hoexer
2006-04-19"type" keyword to specify flow type (require, use, etc.)Hans-Joerg Hoexer
2006-04-19add hostname resolver.Hans-Joerg Hoexer
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-03 12:14:28 +0000