| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2006-09-15 | reorganise the sections to make more sense; | Jason McIntyre | |
| ok hshoexer ho | |||
| 2006-09-15 | clarification; | Jason McIntyre | |
| 2006-09-15 | add in filtering rules to allow keying daemons to talk; | Jason McIntyre | |
| help/ok markus | |||
| 2006-09-15 | Remove "Delete-SAs" config option. This was needed for interaction | Hans-Joerg Hoexer | |
| with sasyncd(8). Now sasyncd(8) controls isakmpd(8) regarding SA deletion so this option is obsolete. ok mpf jmc | |||
| 2006-09-14 | simplify an example. ok jmc@ | Hans-Joerg Hoexer | |
| 2006-09-13 | use "proto ipencap" for the gateway filter rules; | Jason McIntyre | |
| pointed out by msf; explained by markus | |||
| 2006-09-12 | note that enc traffic is unecrypted; from mpf | Jason McIntyre | |
| 2006-09-12 | no need to Xr isakmpd.conf.5; | Jason McIntyre | |
| 2006-09-12 | add a section on packet filtering ipsec traffic; | Jason McIntyre | |
| input henning markus mcbride ok mcbride hshoexer | |||
| 2006-09-11 | improvememnts for `local', `peer', and `psk'; ok hshoexer | Jason McIntyre | |
| 2006-09-11 | - document how to set ipsec stuff running at boot | Jason McIntyre | |
| - remove hazy tcp md5 blurb ok hshoexer | |||
| 2006-09-11 | - sort options | Jason McIntyre | |
| - no need for .Pp between list items | |||
| 2006-09-09 | point people towards ipsec.conf.5; after some discussion w/ reyk | Jason McIntyre | |
| ok hshoexer reyk | |||
| 2006-09-07 | note that we can filter ipsec traffic on the enc interface; | Jason McIntyre | |
| 2006-09-07 | improve the tcpmd5 section; ok claudio hshoexer | Jason McIntyre | |
| 2006-09-07 | move all the auth/enc/group stuff into one definitive section; | Jason McIntyre | |
| help from ho hshoexer | |||
| 2006-09-06 | start to group the parameters for AUTOMATIC KEYING in a more logical way; | Jason McIntyre | |
| ok hshoexer | |||
| 2006-09-05 | knock out a ton of Aq/Xo/Xc that was either unneeded, or just plain wrong; | Jason McIntyre | |
| 2006-09-05 | document line splitting using `\'; | Jason McIntyre | |
| 2006-09-05 | slight text shuffle, and make the isakmpd bits clearer; | Jason McIntyre | |
| ok hshoexer | |||
| 2006-09-04 | some wording fixes for the section headers and minor tweaks; | Jason McIntyre | |
| 2006-09-04 | document comments, address syntax, and list expansion; | Jason McIntyre | |
| remove some duplicate text; ok hshoexer | |||
| 2006-09-03 | Add drivers | Marco Peereboom | |
| ok jmc miod | |||
| 2006-09-01 | a little better text for the sections; ok hshoexer | Jason McIntyre | |
| 2006-09-01 | use shell-independent examples; | Jason McIntyre | |
| 2006-09-01 | Add a new UI command to force isakmpd into passive only mode. | Marco Pfatschbacher | |
| Will be used by sasyncd to prevent two talking isakmpd's in an HA setup. Based on a diff by ho@. OK ho@, hshoexer@, deraadt@ | |||
| 2006-08-31 | document an issue with subjectAltName found by reyk; | Jason McIntyre | |
| ok hshoexer ho reyk | |||
| 2006-08-31 | Security Association Database is abbreviated 'SAD' (RFC 2401 et al), not ↵ | Hakan Olsson | |
| 'SADB'. jmc@, hshoexer@ ok. | |||
| 2006-08-31 | knock out the cpp/m4 stuff from MACROS; after discussion with many... | Jason McIntyre | |
| 2006-08-31 | some improvements to srcid and destid, as noted by mpf; | Jason McIntyre | |
| ok hshoexer mpf | |||
| 2006-08-31 | remove a confusing sentence; ok hshoexer ho | Jason McIntyre | |
| 2006-08-31 | expand DESCRIPTION; input from ho hshoexer naddy | Jason McIntyre | |
| 2006-08-31 | adjust link detection further: if no link, bring interface up and check | Theo de Raadt | |
| for link for 10 seconds. otherwise, if there was link, no problem! ok henning, claudio, tested by others | |||
| 2006-08-31 | clarify an .Sh; agreed with hshoexer | Jason McIntyre | |
| 2006-08-30 | fix isakmpd -Ka, as used by bgpd, or acquire flows set up via ipsecctl. | Henning Brauer | |
| acquire flows need to be recorded on the fly via connection_record_passive(), otherwise later lookups fail and the policy check fails. ok hshoexer ho markus msf deraadt | |||
| 2006-08-30 | rewording; from reyk cloder hshoexer | Jason McIntyre | |
| ok ho | |||
| 2006-08-30 | need to retry writing to pfkey socket on EAGAIN, ok theo hshoexer | Henning Brauer | |
| 2006-08-30 | can get EAGAIN when writing to the pfkey socket; same change as bgpd, | Henning Brauer | |
| ok hshoexer | |||
| 2006-08-30 | Make SA deletion on shutdown the default again. Use -S for failover | Hans-Joerg Hoexer | |
| situations where you do not want this. Discussed and agreed on with ho, mcbride, markus, cloder,... We will have to teach sasyncd to deal with this. Testing by msf and hshoexer with help from mtu ok markus cloder | |||
| 2006-08-30 | Back out r1.103, which caused SA's to leak until memory was exhausted. | Chad Loder | |
| OK hshoexer, nathanael, mpf, "get that in" deraadt | |||
| 2006-08-30 | cut down the examples; ok hshoexer | Jason McIntyre | |
| 2006-08-30 | partial backout of last commit | Markus Friedl | |
| 2006-08-30 | some tcp md5 bits; | Jason McIntyre | |
| 2006-08-30 | comment out some comp stuff i missed earlier; | Jason McIntyre | |
| 2006-08-30 | better wording for the key generation section; | Jason McIntyre | |
| 2006-08-30 | kill more redundant text, and an oops; | Jason McIntyre | |
| 2006-08-30 | remove some repeated text, and shuffle a little; | Jason McIntyre | |
| 2006-08-30 | one more from ho; | Jason McIntyre | |
| 2006-08-30 | correction; from ho | Jason McIntyre | |
| 2006-08-30 | knock out some redundant text; from ho | Jason McIntyre | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |