Age | Commit message (Collapse) | Author | |
---|---|---|---|
2010-06-03 | Fix Bug 5652 set ike/ipsec keying tries to forever | Mohit Mehta | |
2010-05-26 | 0.12.36debian/0.12.36 | Mohit Mehta | |
2010-05-26 | add passthrough connection if remote-subnet contains local-subnet | Mohit Mehta | |
2010-04-19 | 0.12.35debian/0.12.35 | Mohit Mehta | |
2010-04-19 | Fix Bug 5542 | Mohit Mehta | |
* add commment for op-mode commands' dependency on config-mode check | |||
2010-03-31 | 0.12.34debian/0.12.34 | Mohit Mehta | |
2010-03-31 | Fix Bug 5500 Unable to establish a VPN connection from a remote peer with a | Mohit Mehta | |
dynamic peer when using FQDN identifier for remote end * allow remote peer with dynamic IP to connect using Main Mode/PSK | |||
2010-03-30 | 0.12.33debian/0.12.33 | Stephen Hemminger | |
2010-03-28 | Fix perl critic warnings | Stephen Hemminger | |
Get rid of things deemed undesirable by Perl Best Practices: * Convert to 3 argument open. * Use local file handles | |||
2010-03-19 | Replace old form (expression) in end: tag | Stephen Hemminger | |
Use shell syntax. | |||
2010-03-18 | 0.12.32debian/0.12.32 | Mohit Mehta | |
2010-03-18 | Fix Bug 5087 add support to specify PFS group when PFS is enabled | Mohit Mehta | |
2010-02-17 | 0.12.31debian/0.12.31 | An-Cheng Huang | |
2010-02-05 | 0.12.30debian/0.12.30 | Mohit Mehta | |
2010-02-05 | 1. use correct notation to represent private,public networks | Mohit Mehta | |
i.e. use vhost:%priv,%no instead of %priv,%no. Previously used notation was never supposed to work. Corrected notation is what we use in l2tp/ipsec as well and is also recommended otherwise. 2. cannot use leftsourceip to add route when right-subnet is not specific is based on generalized private,public networks | |||
2010-01-30 | 0.12.29debian/0.12.29 | Mohit Mehta | |
2010-01-30 | Fix Bug 1832 VPN copy-tos Disabling copy-tos field doesn't work | Mohit Mehta | |
* remove copy-tos field under 'vpn ipsec'. It's not supposed to work with NETKEY | |||
2010-01-28 | 0.12.28debian/0.12.28 | Mohit Mehta | |
2010-01-28 | perltidy vpn-config.pl | Mohit Mehta | |
2010-01-28 | remove dead code. we use 'ipsec update' to update changes to connections now | Mohit Mehta | |
2010-01-25 | 0.12.27debian/0.12.27 | Mohit Mehta | |
2010-01-25 | add back CLI node for disabling uniqreqid | Mohit Mehta | |
2010-01-14 | 0.12.26debian/0.12.26 | Mohit Mehta | |
2010-01-14 | bump up ipsec version | Mohit Mehta | |
2010-01-12 | 0.12.25debian/0.12.25 | Mohit Mehta | |
2010-01-12 | use leftsourceip to add route to remote subnet | Mohit Mehta | |
(cherry picked from commit eb6d27497bab9e82218d8999778f7b4959fd34ea) | |||
2010-01-12 | Do not start IKEv2 daemon for now | Mohit Mehta | |
(cherry picked from commit 7fab51307ecaf65a7da880f60a97a73bda87e5c7) | |||
2010-01-12 | * remove extraneous unused code | Mohit Mehta | |
* use @id for identification when it's specified. It can be used even if local-ip is not 0.0.0.0 * extend syntax check for id to allow specifying hostnames * fix ipsec.secrets generation - if specified always use ids for local and remote peer (cherry picked from commit 3e7a4e45af00c11e6009d38fd97c67c2de0fa145) | |||
2010-01-12 | add comment to identify end of connection description | Mohit Mehta | |
(cherry picked from commit cb9ed22ae45d03fa37148273d02cef4a9a179d1d) | |||
2010-01-12 | no need to maintain state of connections and take state-specific actions for | Mohit Mehta | |
each connection when config changes. `ipsec update` in strongswan determines any changes in ipsec.conf and updates the configuration on running daemon (cherry picked from commit 55b703e669e0f792c04d29541d8fe00d2a9d624b) | |||
2010-01-12 | First pass code changes to vyatta-cfg-vpn for migration to strongswan : | Mohit Mehta | |
Remove CLI support and back-end code for unsupported parameters * No aggressive mode support in strongswan * remove syslog facility.level CLI. strongswan uses authpriv facility by default, no syslog parameter support * remove Robert's disable-uniqreqids option for now. need to get strongswan to do the same thing first Remove Openswan specific parameters added to workaroung bugs * remove plutowait, this was added to workaround Openswan Bug 412 * remove nhelpers, this was added to workaround Openswan Bug 198 Other Changes * add '!' at the end of ike and esp proposal list to signify end of list * replace `ipsec start` commands with built-in commands for `ipsec starter` control utility * replace `ipsec auto` with `ipsec whack` commands. Still need to figure out if `ipsec auto --add|--up $connection` could be replaces by simply using `ipsec update` in stronswan * change pluto.ctl path | |||
2010-01-12 | vyatta-cfg-vpn depends on vyatta-ipsec provided by vyatta-strongswan | Mohit Mehta | |
(cherry picked from commit f830e7cfd66d7cf368d47cd5dea47dd26711875a) | |||
2009-12-02 | 0.12.24debian/0.12.24 | Mohit Mehta | |
2009-11-30 | 0.12.22 | Michael Larson | |
2009-11-30 | added required keyword to help text. | Michael Larson | |
2009-11-25 | 0.12.21debian/0.12.21 | Mohit Mehta | |
2009-11-25 | 0.12.19 | Mohit Mehta | |
2009-11-25 | pptp config check not needed when vpn ipsec is configured | Mohit Mehta | |
2009-11-13 | 0.12.18debian/0.12.18 | Michael Larson | |
2009-11-13 | dependency update | Michael Larson | |
2009-11-06 | 0.12.17debian/0.12.17 | An-Cheng Huang | |
2009-11-06 | use vyatta openswan | An-Cheng Huang | |
2009-11-02 | 0.12.16debian/0.12.16 | Mohit Mehta | |
2009-11-02 | more formatting clean-up | Mohit Mehta | |
2009-11-02 | indent and reformat script using perltidy in hope of making it easier to read | Mohit Mehta | |
2009-10-27 | add support for same reqids to openswan cfg | Robert Bays | |
2009-10-20 | 0.12.15debian/0.12.15 | slioch | |
2009-10-20 | add priority to project node. | slioch | |
2009-10-09 | 0.12.14debian/0.12.14 | Mohit Mehta | |
2009-10-09 | add allowed values for ike, esp groups | Mohit Mehta | |