summaryrefslogtreecommitdiff
path: root/lib/Vyatta/VPN
AgeCommit message (Collapse)Author
2017-03-23Fix VTI interface configuration to set both ikey and okeySylvain Munaut
Without this, the outgoing traffic is marked and encrypted but incoming traffic isn't properly forwarded to the VTI and just gets dropped. Partially Fixes T137 Signed-off-by: Sylvain Munaut <s.munaut@whatever-company.com>
2016-02-23Update vpn check file from "charon.ctl" to "charon.pid".Kim Hagen
2015-03-01Exclude '0s' from public key string input in rsa_convert_pubkey_pemRyan Riske
2015-03-01Add support for RSA keys with strongSwan 5.2.xRyan Riske
strongSwan 5.2.x no longer recognizes keys in RFC 3110 format inlined in ipsec.conf and ipsec.secrets. We need to convert the local private key and peer public keys to PEM format, without changing the config templates or user-visible key formats. This patch will require the Debian packages 'libcrypt-openssl-bignum-perl' and 'libcrypt-openssl-rsa-perl' to be added to the system.
2015-02-07Update references from pluto.ctl to charon.ctlJeff Leung
This needs to be updated or VPN configurations won't be properly handled on subsequent updates.
2014-12-04vyatta-cfg-vpn: formatting changes for style consistencyAlex Harpin
Update lib/Vyatta/VPN/vtiIntf.pm to have consistent identation levels and style throughout.
2014-12-04vyatta-cfg-vpn: reduce the vti mark base to prevent integer overflowAlex Harpin
Reduce the vtiMarkBase value to prevent integer overflow on the created ip xfrm states and policies.
2014-12-04vyatta-cfg-vpn: update parseVtiTun to account for vti changesAlex Harpin
Update the parseVtiTun function to account for the new way of configuring VTIs. Bug #358 http://bugzilla.vyos.net/show_bug.cgi?id=358
2014-12-04vyatta-cfg-vpn: move scripts/vtiIntf.pm to lib/Vyatta/VPN/vtiIntf.pmAlex Harpin
Move vtiIntf.pm to a more logical place, in line with all the other packages.
2011-06-15Bugfix 6767: Move /tmp/ipsec.log to /var/log/vyatta and rotate it.Bob Gilligan
2011-03-08Fix perlcritic errorsJohn Southworth
2011-02-03Initial additions to support local and remote protoport in general instead ↵John Southworth
of just for GRE
2010-03-28Fix perl critic warningsStephen Hemminger
Get rid of things deemed undesirable by Perl Best Practices: * Convert to 3 argument open. * Use local file handles
2010-01-12First pass code changes to vyatta-cfg-vpn for migration to strongswan :Mohit Mehta
Remove CLI support and back-end code for unsupported parameters * No aggressive mode support in strongswan * remove syslog facility.level CLI. strongswan uses authpriv facility by default, no syslog parameter support * remove Robert's disable-uniqreqids option for now. need to get strongswan to do the same thing first Remove Openswan specific parameters added to workaroung bugs * remove plutowait, this was added to workaround Openswan Bug 412 * remove nhelpers, this was added to workaround Openswan Bug 198 Other Changes * add '!' at the end of ike and esp proposal list to signify end of list * replace `ipsec start` commands with built-in commands for `ipsec starter` control utility * replace `ipsec auto` with `ipsec whack` commands. Still need to figure out if `ipsec auto --add|--up $connection` could be replaces by simply using `ipsec update` in stronswan * change pluto.ctl path
2008-11-24Convert to Vyatta:: hierarchyStephen Hemminger
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 07:04:04 +0000