Age | Commit message (Expand) | Author |
2006-09-11 | improvememnts for `local', `peer', and `psk'; ok hshoexer | Jason McIntyre |
2006-09-11 | - document how to set ipsec stuff running at boot | Jason McIntyre |
2006-09-07 | note that we can filter ipsec traffic on the enc interface; | Jason McIntyre |
2006-09-07 | improve the tcpmd5 section; ok claudio hshoexer | Jason McIntyre |
2006-09-07 | move all the auth/enc/group stuff into one definitive section; | Jason McIntyre |
2006-09-06 | start to group the parameters for AUTOMATIC KEYING in a more logical way; | Jason McIntyre |
2006-09-05 | knock out a ton of Aq/Xo/Xc that was either unneeded, or just plain wrong; | Jason McIntyre |
2006-09-05 | document line splitting using `\'; | Jason McIntyre |
2006-09-05 | slight text shuffle, and make the isakmpd bits clearer; | Jason McIntyre |
2006-09-04 | some wording fixes for the section headers and minor tweaks; | Jason McIntyre |
2006-09-04 | document comments, address syntax, and list expansion; | Jason McIntyre |
2006-09-01 | a little better text for the sections; ok hshoexer | Jason McIntyre |
2006-08-31 | Security Association Database is abbreviated 'SAD' (RFC 2401 et al), not 'SAD... | Hakan Olsson |
2006-08-31 | knock out the cpp/m4 stuff from MACROS; after discussion with many... | Jason McIntyre |
2006-08-31 | some improvements to srcid and destid, as noted by mpf; | Jason McIntyre |
2006-08-31 | expand DESCRIPTION; input from ho hshoexer naddy | Jason McIntyre |
2006-08-31 | clarify an .Sh; agreed with hshoexer | Jason McIntyre |
2006-08-30 | can get EAGAIN when writing to the pfkey socket; same change as bgpd, | Henning Brauer |
2006-08-30 | cut down the examples; ok hshoexer | Jason McIntyre |
2006-08-30 | partial backout of last commit | Markus Friedl |
2006-08-30 | some tcp md5 bits; | Jason McIntyre |
2006-08-30 | comment out some comp stuff i missed earlier; | Jason McIntyre |
2006-08-30 | better wording for the key generation section; | Jason McIntyre |
2006-08-30 | kill more redundant text, and an oops; | Jason McIntyre |
2006-08-30 | remove some repeated text, and shuffle a little; | Jason McIntyre |
2006-08-30 | one more from ho; | Jason McIntyre |
2006-08-30 | correction; from ho | Jason McIntyre |
2006-08-30 | knock out some redundant text; from ho | Jason McIntyre |
2006-08-30 | put the PFS stuff in the right place; | Jason McIntyre |
2006-08-30 | actually use the right value for USER_FQDN | Mathieu Sauve-Frankel |
2006-08-30 | print extensions with type SADB_EXT_MAX, too; ok hshoexer, reyk, msf | Markus Friedl |
2006-08-30 | knock out ipcomp for now; | Jason McIntyre |
2006-08-30 | put this page into a better structure order | Jason McIntyre |
2006-08-29 | add support for ufqdn ids in ike rules | Mathieu Sauve-Frankel |
2006-08-29 | Add support for IKE AH rules to ipsecctl. Man page input by jmc@. | Christian Weisgerber |
2006-07-22 | corrections from alexey e. suslikov; | Jason McIntyre |
2006-07-21 | When no peer is specified, no peer address is defined, thus do not use it. | Hans-Joerg Hoexer |
2006-06-28 | document lists, prodded by david@ | Hans-Joerg Hoexer |
2006-06-18 | add group "none"; when choosen, pfs will be disabled. | Hans-Joerg Hoexer |
2006-06-16 | add a missing "force" | Hans-Joerg Hoexer |
2006-06-16 | report the correct line number on an error. Noticed by david@ | Hans-Joerg Hoexer |
2006-06-15 | be careful when touch the peer component of a rule. It is not | Hans-Joerg Hoexer |
2006-06-14 | recover list of key sizes from vpn(8); suggested by markus@, ok hshoexer@ | Christian Weisgerber |
2006-06-13 | For IKE, allow main mode SHA2 and quick mode AESCTR transforms, | Christian Weisgerber |
2006-06-12 | Fix a typo that prevented ipsecctl -ss from showing authentication | Christian Weisgerber |
2006-06-11 | the default encryption algorithm with static keying is AES-CBC now; ok hshoexer@ | Christian Weisgerber |
2006-06-11 | As naddy@ pointed out RFC 3686 discourages use of AESCTR for static | Hans-Joerg Hoexer |
2006-06-11 | Adopt to recent changes (mopd3072 is not the default anymore). | Hans-Joerg Hoexer |
2006-06-10 | Better error message when a key file can not be opened or the provided key is | Hans-Joerg Hoexer |
2006-06-10 | switch back to original defaults regarding DH groups. modp3072 is to | Hans-Joerg Hoexer |