| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2006-09-24 | No point in checking for a NULL ifi after we've used it. Plus ifi is | Kenneth R Westerback | |
| set once in main() and used everywhere without further checks. From Matthew R. Dempsky via tech@ | |||
| 2006-09-22 | Remove lfs_cleanerd and mount_lfs | Pedro Martelletto | |
| 2006-09-22 | - document which parts need to be packet filtered, and why | Jason McIntyre | |
| - move example ruleset into a more logical order - correct the if-bound example (spotted by hshoexer) help/ok markus hshoexer | |||
| 2006-09-22 | typo in err(); from bret.lambert@gmail.com, thanks! | Hans-Joerg Hoexer | |
| 2006-09-21 | Those were supposed to go away... | Pedro Martelletto | |
| 2006-09-21 | Remove newlfs, okay weingart@ deraadt@ | Pedro Martelletto | |
| 2006-09-20 | remove references to bad144(8) man page; | Jason McIntyre | |
| 2006-09-20 | -.Xr dumplfs 8 , | Jason McIntyre | |
| 2006-09-20 | Remove dumplfs, okay millert@ miod@ | Pedro Martelletto | |
| 2006-09-19 | sort SAs by spi; ok hshoexer | Markus Friedl | |
| 2006-09-19 | Use S_IS* macros insted of masking with S_IF* flags. The latter may | Otto Moerbeek | |
| have multiple bits set, which leads to surprising results. Spotted by/partly from Paul Stoeber, more to come. ok ho@ miod@ hshoexer@ | |||
| 2006-09-18 | KNF and clean some trailing white spaces, no binary change. | Hans-Joerg Hoexer | |
| 2006-09-17 | correct mode for open(). | Marc Balmer | |
| 2006-09-15 | reorganise the sections to make more sense; | Jason McIntyre | |
| ok hshoexer ho | |||
| 2006-09-15 | clarification; | Jason McIntyre | |
| 2006-09-15 | add in filtering rules to allow keying daemons to talk; | Jason McIntyre | |
| help/ok markus | |||
| 2006-09-15 | Remove "Delete-SAs" config option. This was needed for interaction | Hans-Joerg Hoexer | |
| with sasyncd(8). Now sasyncd(8) controls isakmpd(8) regarding SA deletion so this option is obsolete. ok mpf jmc | |||
| 2006-09-14 | simplify an example. ok jmc@ | Hans-Joerg Hoexer | |
| 2006-09-13 | use "proto ipencap" for the gateway filter rules; | Jason McIntyre | |
| pointed out by msf; explained by markus | |||
| 2006-09-12 | note that enc traffic is unecrypted; from mpf | Jason McIntyre | |
| 2006-09-12 | no need to Xr isakmpd.conf.5; | Jason McIntyre | |
| 2006-09-12 | add a section on packet filtering ipsec traffic; | Jason McIntyre | |
| input henning markus mcbride ok mcbride hshoexer | |||
| 2006-09-11 | improvememnts for `local', `peer', and `psk'; ok hshoexer | Jason McIntyre | |
| 2006-09-11 | - document how to set ipsec stuff running at boot | Jason McIntyre | |
| - remove hazy tcp md5 blurb ok hshoexer | |||
| 2006-09-11 | - sort options | Jason McIntyre | |
| - no need for .Pp between list items | |||
| 2006-09-09 | point people towards ipsec.conf.5; after some discussion w/ reyk | Jason McIntyre | |
| ok hshoexer reyk | |||
| 2006-09-07 | note that we can filter ipsec traffic on the enc interface; | Jason McIntyre | |
| 2006-09-07 | improve the tcpmd5 section; ok claudio hshoexer | Jason McIntyre | |
| 2006-09-07 | move all the auth/enc/group stuff into one definitive section; | Jason McIntyre | |
| help from ho hshoexer | |||
| 2006-09-06 | start to group the parameters for AUTOMATIC KEYING in a more logical way; | Jason McIntyre | |
| ok hshoexer | |||
| 2006-09-05 | knock out a ton of Aq/Xo/Xc that was either unneeded, or just plain wrong; | Jason McIntyre | |
| 2006-09-05 | document line splitting using `\'; | Jason McIntyre | |
| 2006-09-05 | slight text shuffle, and make the isakmpd bits clearer; | Jason McIntyre | |
| ok hshoexer | |||
| 2006-09-04 | some wording fixes for the section headers and minor tweaks; | Jason McIntyre | |
| 2006-09-04 | document comments, address syntax, and list expansion; | Jason McIntyre | |
| remove some duplicate text; ok hshoexer | |||
| 2006-09-03 | Add drivers | Marco Peereboom | |
| ok jmc miod | |||
| 2006-09-01 | a little better text for the sections; ok hshoexer | Jason McIntyre | |
| 2006-09-01 | use shell-independent examples; | Jason McIntyre | |
| 2006-09-01 | Add a new UI command to force isakmpd into passive only mode. | Marco Pfatschbacher | |
| Will be used by sasyncd to prevent two talking isakmpd's in an HA setup. Based on a diff by ho@. OK ho@, hshoexer@, deraadt@ | |||
| 2006-08-31 | document an issue with subjectAltName found by reyk; | Jason McIntyre | |
| ok hshoexer ho reyk | |||
| 2006-08-31 | Security Association Database is abbreviated 'SAD' (RFC 2401 et al), not ↵ | Hakan Olsson | |
| 'SADB'. jmc@, hshoexer@ ok. | |||
| 2006-08-31 | knock out the cpp/m4 stuff from MACROS; after discussion with many... | Jason McIntyre | |
| 2006-08-31 | some improvements to srcid and destid, as noted by mpf; | Jason McIntyre | |
| ok hshoexer mpf | |||
| 2006-08-31 | remove a confusing sentence; ok hshoexer ho | Jason McIntyre | |
| 2006-08-31 | expand DESCRIPTION; input from ho hshoexer naddy | Jason McIntyre | |
| 2006-08-31 | adjust link detection further: if no link, bring interface up and check | Theo de Raadt | |
| for link for 10 seconds. otherwise, if there was link, no problem! ok henning, claudio, tested by others | |||
| 2006-08-31 | clarify an .Sh; agreed with hshoexer | Jason McIntyre | |
| 2006-08-30 | fix isakmpd -Ka, as used by bgpd, or acquire flows set up via ipsecctl. | Henning Brauer | |
| acquire flows need to be recorded on the fly via connection_record_passive(), otherwise later lookups fail and the policy check fails. ok hshoexer ho markus msf deraadt | |||
| 2006-08-30 | rewording; from reyk cloder hshoexer | Jason McIntyre | |
| ok ho | |||
| 2006-08-30 | need to retry writing to pfkey socket on EAGAIN, ok theo hshoexer | Henning Brauer | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |