Age | Commit message (Expand) | Author |
2012-09-18 | remove the SADB_X_SAFLAGS_{HALFIV,RANDOMPADDING,NOREPLAY} pfkey-API (not set | Markus Friedl |
2012-09-17 | unbreak the last commit by making sure that the transform name | Markus Friedl |
2012-09-15 | Encode the transform parameters in the transform name, too. | Markus Friedl |
2012-08-30 | Do not issue a spurious "force" when "group none" is specified. | Christian Weisgerber |
2012-08-12 | Explicitly state that only two unit specifiers are recognized instead of | Lawrence Teo |
2012-07-13 | small tweak; | Jason McIntyre |
2012-07-13 | Change the configuration format fed to the isakmpd FIFO to be able | Mike Belopuhov |
2012-07-10 | Rename "life" to "lifetime" to match iked. | Lawrence Teo |
2012-07-09 | Fix typo in warning message. | Lawrence Teo |
2012-07-08 | Disallow manual security associations that use AES-CTR, AES-GCM, | Christian Weisgerber |
2012-07-07 | copy&paste mistake in error message | Christian Weisgerber |
2012-07-05 | don't output "esn" string in the rule section as we can't use the | Mike Belopuhov |
2012-06-30 | enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESP | Christian Weisgerber |
2012-06-29 | Print esn flag when dumping SAs with ESN enabled | Mike Belopuhov |
2012-04-24 | take a stab at documenting when arguments need quoted, and valid macro | Jason McIntyre |
2012-03-24 | fix some leaks | Jonathan Gray |
2011-12-20 | unsigned long should use "%lu" format; from eric lax, thanks | Mike Belopuhov |
2011-11-13 | provide a specific section reference; from Lawrence Teo | Jason McIntyre |
2011-11-08 | - put -i in the right place | Jason McIntyre |
2011-11-08 | mention default fifo path, sthen. previous manpage changes were ok jmc, plus | Henning Brauer |
2011-11-08 | allow the path to isakmpd's fifo to be specified (aka changed) on the | Henning Brauer |
2011-09-03 | make -column lists pretty again; | Jason McIntyre |
2011-08-19 | as with other list types, column lists generally do not need a Pp/-compact | Jason McIntyre |
2011-07-07 | We can mention ipcomp, since it works | Theo de Raadt |
2011-07-06 | For non-crypted flows (such as ipcomp and ipip), default their | Theo de Raadt |
2011-06-24 | wrap previous onto a second line | Stuart Henderson |
2011-06-24 | nat-to rules require a direction | Stuart Henderson |
2011-04-13 | print flags in hex; from hshoexer@; ok mikeb@ mpf@ | Markus Friedl |
2010-10-15 | fixup generation of suites string for isakmpd wrt "group none" | Mike Belopuhov |
2010-10-06 | Retire Skipjack | Mike Belopuhov |
2010-09-23 | change description for AES-GMAC a bit. | Mike Belopuhov |
2010-09-22 | Support AES-GCM-16 (as aes-gcm) and ENCR_NULL_AUTH_AES_GMAC | Mike Belopuhov |
2010-09-19 | more wacky macro fixing; | Jason McIntyre |
2010-08-03 | fix linecount bug with comments spanning multiple lines | Henning Brauer |
2010-07-01 | support dumping the new SADB_X_EXT_TAP extension. | Reyk Floeter |
2010-06-07 | fix a quoting wobble for the srcnat keyword; verified by reyk | Jason McIntyre |
2010-06-03 | update the manpages for isakmpd(8) and ipsec.conf(5) to point to iked(8) | Reyk Floeter |
2010-05-10 | Various comment typos. 'wether' -> 'whether' (most popular), 'possiblity' -> | Kenneth R Westerback |
2010-01-02 | Various syntax errors in list headers, found by mandoc(1), | Ingo Schwarze |
2009-11-13 | Don't use [] in function arguments when dealing with arrays | Jonathan Gray |
2009-10-21 | nat -> match...nat-to in example PF rule. ok mpf@ | Stuart Henderson |
2009-10-04 | When IKE is operating in dynamic mode and no srcid is given, the hostname | Joel Sing |
2009-08-04 | Specify an ID-type of IPV4_ADDR or IPV6_ADDR if the srcid or dstid is | Joel Sing |
2009-03-31 | Fixed memory leaks which would occur if the second of two memory | Tobias Stoeckmann |
2009-01-30 | If the "peer" address is not specified or derived from "to" for | Alexander Bluhm |
2009-01-29 | After checking that peer == NULL do not assign peer = NULL a few | Alexander Bluhm |
2009-01-29 | tweak previous; | Jason McIntyre |
2009-01-28 | Allow to specify ike and flow explicitly without peer. The any | Alexander Bluhm |
2009-01-27 | A warning text in ipsecctl was used twice. Make the messages unique | Alexander Bluhm |
2009-01-20 | Add support to isakmpd(8) and ipsecctl(8) to install SA's with a | Marco Pfatschbacher |