summaryrefslogtreecommitdiff
path: root/sbin/ipsecctl
AgeCommit message (Collapse)Author
2005-09-23- beef up DESCRIPTIONJason McIntyre
- document that paths to key files may be relative or absolute - reference vpn(8) in SEE ALSO most of this diff came about from a mail from benjamin pineau who mailed hshoexer and myself about some possible improvements to this file; ok hshoexer@
2005-09-23Remove some uncommented section headers from the template man page (RETURNHans-Joerg Hoexer
VALUES, BUGS, CAVEATS,...). While there, add HISTORY section.
2005-09-22use "force" keyword when adding to Phase 1 section, otherwise isakmpd willHans-Joerg Hoexer
write some annyoing warning to the logs...
2005-09-20add an entry to "Phase 1" section for each remote peer.Hans-Joerg Hoexer
2005-09-20add a "Connection=..." entry for active connectionsHans-Joerg Hoexer
2005-09-19grammar;Jason McIntyre
from benjamin pineau; ok hshoexer@
2005-08-23grammar + formatting tweaks;Jason McIntyre
2005-08-22document recent changesHans-Joerg Hoexer
ok deraadt
2005-08-22Teach ipsecctl to control isakmpd.Hans-Joerg Hoexer
ok deraadt
2005-08-22spellingDavid Krause
2005-08-19more useful error messageHans-Joerg Hoexer
2005-08-11document recent changes, with jmc@Hans-Joerg Hoexer
2005-08-10- typoJason McIntyre
- generate a backslash using `\e', not `\\'
2005-08-09Document how to read keys from a file.Hans-Joerg Hoexer
2005-08-09Rewrite handling of transforms. Now both ah and esp can be specified andHans-Joerg Hoexer
validated correctly. Unbreaks ah.
2005-08-09Correct keysize for 3des-cbcHans-Joerg Hoexer
2005-08-08pfkey pieces for static keying, enable static keyingHans-Joerg Hoexer
2005-08-08add crypto transforms and static keying rulesHans-Joerg Hoexer
2005-08-08prepare for static keyingHans-Joerg Hoexer
2005-08-05more key handling stuff.Hans-Joerg Hoexer
2005-08-05prepare for authentication and encryption keys, not used yet.Hans-Joerg Hoexer
2005-08-05simplify a bit.Hans-Joerg Hoexer
2005-08-03be more careful when using struct ipsec_auth, might be NULL now.Hans-Joerg Hoexer
2005-08-02Make use of struct ipsec_auth dynamic.Hans-Joerg Hoexer
Do not pass IDs to kernel when deleting flows.
2005-07-24use correct function names in error messagesHans-Joerg Hoexer
2005-07-24prepare for combining SAs and flows in one single rule, no functional changeHans-Joerg Hoexer
yet.
2005-07-23document automatic generation of reverse SA rules.Hans-Joerg Hoexer
2005-07-23add automatic creation of reverse SAs.Hans-Joerg Hoexer
A tcpmd5 rule like: tcpmd5 from 192.168.3.28 to 192.168.3.14 spi 0x2000:0x2001 \ key 0xbeefdead:0xdeadbeef expands now to: tcpmd5 from 192.168.3.28 to 192.168.3.14 spi 0x00002000 key 0xbeefdead tcpmd5 from 192.168.3.14 to 192.168.3.28 spi 0x00002001 key 0xdeadbeef
2005-07-23prepare for specifying both in and out key, not used yet.Hans-Joerg Hoexer
2005-07-23prepare for specifying incoming and outgoing SPIs, not used yet.Hans-Joerg Hoexer
2005-07-10allow reading key from a fileHans-Joerg Hoexer
2005-07-10tweaks;Jason McIntyre
ok hshoexer@
2005-07-10tweaks;Jason McIntyre
2005-07-09Mention tcpmd5, .Xr ipsec(4) and tcp(4).Hans-Joerg Hoexer
2005-07-09forgot to .Xr tcp(4)Hans-Joerg Hoexer
2005-07-09describe how to setup tcpmd5Hans-Joerg Hoexer
2005-07-09make sure, output of -ss is identical to syntax for SA rulesHans-Joerg Hoexer
2005-07-09it's ok to not specify the key when deleting a tcpmd5 SAHans-Joerg Hoexer
2005-07-09also bail out when pfkey returns ESRCH (eg. trying to delete a non-existing SA)Hans-Joerg Hoexer
2005-07-09small cleanupsHans-Joerg Hoexer
2005-07-09add support tcpmd5Hans-Joerg Hoexer
2005-07-09Provide infrastructure for adding/deleting SAs, will be used by tcpmd5 andHans-Joerg Hoexer
manual keying. Not used yet.
2005-07-07set flow type (use, require, etc.) when a rule is created. Up to now this wasHans-Joerg Hoexer
done while crafting the corresponding pfkey message.
2005-07-07Do not mix rule types with flow typesHans-Joerg Hoexer
2005-07-07add type for rules; will need this for tcpmd5Hans-Joerg Hoexer
2005-07-07add prototype for pfkey_parse()Hans-Joerg Hoexer
2005-06-30grmpf, forgot to add -d to usage()...Hans-Joerg Hoexer
2005-06-30Document -dHans-Joerg Hoexer
2005-06-30add -d flag for flow deletion. Enable flow deletion.Hans-Joerg Hoexer
2005-06-30clarify: -F flushes both SPD and SADBHans-Joerg Hoexer
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-28 10:00:00 +0000