| Age | Commit message (Collapse) | Author |
|---|
|
Current permission is not executable
$ ls -la /opt/vyatta/sbin//vyatta-gen-x509-keypair
-rw-r--r-- 1 root root 345 May 11 2016 /opt/vyatta/sbin//vyatta-gen-x509-keypair
Fix template path
$ sudo /opt/vyatta/sbin//vyatta-gen-x509-keypair foo
Can't open /etc/key-pair.template for reading, No such file or directory
Expected path '/opt/vyatta/etc/key-pair.template'
|
|
With command "restart vpn" in some cases charon process is not
fully loaded when is used DMVPN. It is impossible to load
"swanctl -q" configuration while "charon" not loaded
Add timeout and wait until charon will be available, after that
load swanctl configuration
|
|
After command "restart vpn" nhrp/IPSec configuration not loaded
Add checks if nhrp exist in the configuration and help to load it
via swanctl.
|
|
The current resetting is affected for parent SA, in that case
all child SA's are ressetting
This commit fix such behaviour for correct resetting child SA's.
|
|
|
|
Strongswan 'ipsec status' command changed output format.
|
|
|
|
Conflicts:
templates/show/vpn/ipsec/sa/nat-traversal/node.def.in
templates/show/vpn/ipsec/sa/node.def
templates/show/vpn/ipsec/status/node.def.in
|
|
* Non-maintainer upload.
* address lintian issues
- script-not-executable: removed #!/usr/bin/perl from .pm files
- debhelper-but-no-misc-depends: added ${misc:Depends} to Depends: field
- debian-rules-missing-recommended-target: added build-arch build-indep
- out-of-date-standards-version: updated standards version to 3.9.4
- package-contains-linda-override: removed linda override
- file-in-unusual-dir: not triggering, removed from override
- script-with-language-extension: renamed vyatta-gen-x509-keypair.sh
vyatta-gen-x509-keypair
* address dpkg-gencontrol issue:
- unknown substitution variable ${shlibs:Depends} - removed
* address dpkg-source issue:
- debian/source/format set to "3.0 (native)"
* removed all references to /opt/vyatta but one from source
Signed-off-by: C.J. Collier <cjcollier@linuxfoundation.org>
|
|
Address debconf warnings
|
|
Since pluto doesn't exist anymore in strongSwan 5.0 and later series,
we are updating references from pluto* to charon*.
|
|
ipsec.conf file
Commenting out the tunnel and restoring it does not reset the tunnel.
Use the ipsec commands to actually bring it down and back up to properly
reset the tunnel.
|
|
* Non-maintainer upload.
* address lintian issues
- script-not-executable: removed #!/usr/bin/perl from .pm files
- debhelper-but-no-misc-depends: added ${misc:Depends} to Depends: field
- debian-rules-missing-recommended-target: added build-arch build-indep
- out-of-date-standards-version: updated standards version to 3.9.4
- package-contains-linda-override: removed linda override
- file-in-unusual-dir: not triggering, removed from override
- script-with-language-extension: renamed vyatta-gen-x509-keypair.sh
vyatta-gen-x509-keypair
* address dpkg-gencontrol issue:
- unknown substitution variable ${shlibs:Depends} - removed
* address dpkg-source issue:
- debian/source/format set to "3.0 (native)"
Signed-off-by: C.J. Collier <cjcollier@linuxfoundation.org>
|
|
|
|
Look for addresses using the local-address node rather than the local-ip node.
VyOS Bug #331 http://bugzilla.vyos.net/show_bug.cgi?id=331
|
|
The command "show vpn ike rsa-keys" currently displays the full system
file path rather than using the shorter config path. This sets it to
display the config path instead.
Bug #278 http://bugzilla.vyos.net/show_bug.cgi?id=278
|
|
If the command "generate vpn rsa-key" is aborted during key generation
it leaves behind a temporary file. If the command is then executed
again, this temporary file is appended to rather than being replaced,
resulting in a key file with an extra : RSA { line at the beginning.
This patch checks if this temporary file exists, deleting it if it
does.
Bug #262 http://bugzilla.vyos.net/show_bug.cgi?id=262
|
|
|
|
|
|
|
|
|
|
Add a new cli 'reset vpn ipsec-peer <peer-ip> vti'.
|
|
(cherry picked from commit dc6d6a389a1648ebd3240691d76edf7fa523d05d)
|
|
|
|
private key)
|
|
* use shorter /config path when presenting configuration directory to users
|
|
|
|
|
|
|
|
|
|
|
|
Adjustments for showing per tunnel information; Fix parsing of ipsecstatus all when using GRE matching
|
|
functions; Cleaned up formatting
|
|
functions; Processes 6000 tunnel configuration in approx 2 sec.
|
|
nat-traversal'; Clean up formatting
|
|
'show vpn ipsec sa'
|
|
static values more efficient
|
|
where peer is set to '@<id>'
|
|
redundant information in 'show vpn ipsec sa detail'
|
|
on peer better; Add show ike secrets
|
|
|
|
pending addition of ipv6
|
|
format for 'show vpn ipsec sa' for pending addition of ipv6
|
|
|
|
configure mode
|
|
NAT-T detection to 'ip xfrm'
|
|
information more efficient
|
|
|
|
|
|
|
