vyatta-op-vpn (0.13.75) unstable; urgency=low * new branch -- Deepti Kulkarni Thu, 07 Jul 2011 20:58:28 -0700 vyatta-op-vpn (0.13.74) unstable; urgency=low * Fix off by one error on byte conversion function -- John Southworth Wed, 06 Jul 2011 20:33:10 -0500 vyatta-op-vpn (0.13.73) unstable; urgency=low * remove extraneous debug output -- John Southworth Thu, 16 Jun 2011 13:06:53 -0500 vyatta-op-vpn (0.13.72) unstable; urgency=low * Bugfix 7146: parse properly when port is only setup on one endpoint -- John Southworth Thu, 09 Jun 2011 13:13:27 -0500 vyatta-op-vpn (0.13.71) unstable; urgency=low * fix parsing of esp string when only one side has data. Remove attempt to figure out the dh-group when the pfs-group shows Phase1, since it doesn't work properly -- John Southworth Tue, 17 May 2011 18:47:20 -0500 vyatta-op-vpn (0.13.70) unstable; urgency=low * fix special case for wildcard peer since it uses 'EVENT_SA_REPLACE_IF_USED' on initial connection -- John Southworth Thu, 05 May 2011 16:16:48 -0500 vyatta-op-vpn (0.13.69) unstable; urgency=low * Add ability to generate an x509 key pair (certificate signing request, private key) -- John Southworth Thu, 05 May 2011 12:19:43 -0500 vyatta-op-vpn (0.13.68) unstable; urgency=low * Fix Bug 7010 Update commands to save/retrieve files from /config -- Mohit Mehta Wed, 04 May 2011 17:44:05 -0700 vyatta-op-vpn (0.13.67) unstable; urgency=low * Fix perlcritic error -- John Southworth Tue, 08 Mar 2011 13:10:33 -0600 vyatta-op-vpn (0.13.66) unstable; urgency=low * Moved the diffie-hellman group out to the 'show vpn ike sa' command as it is related to phase1 and not phase2. Processing of the value still happens in the 'show vpn ipsec sa detail' code as it may need the value because if now pfs group is defined for phase2 it uses the same group as phase1 -- John Southworth Mon, 28 Feb 2011 20:14:27 -0600 vyatta-op-vpn (0.13.65) unstable; urgency=low * Diffie-Hellman group is an ike parameter, moving it to the peer level of the detailed ipsec output -- John Southworth Mon, 28 Feb 2011 17:19:20 -0600 vyatta-op-vpn (0.13.64) unstable; urgency=low * Print description for a peer from the configuration if it is configured in the show commands -- John Southworth Mon, 28 Feb 2011 12:17:51 -0600 vyatta-op-vpn (0.13.63) unstable; urgency=low * add a function to get the ike state of a peer * add a function to get the ike state of a peer -- John Southworth Fri, 25 Feb 2011 18:38:13 -0600 vyatta-op-vpn (0.13.62) unstable; urgency=low * Fix 'show vpn ike status' -- John Southworth Fri, 25 Feb 2011 16:01:54 -0600 vyatta-op-vpn (0.13.61) unstable; urgency=low * Make 'show vpn ipsec status' aware of the dhcp-interface option -- John Southworth Thu, 24 Feb 2011 19:22:32 -0600 vyatta-op-vpn (0.13.60) unstable; urgency=low * Fix case where local-ip is 0.0.0.0 -- John Southworth Thu, 24 Feb 2011 11:55:06 -0600 vyatta-op-vpn (0.13.59) unstable; urgency=low * Remove old op mode commands from build -- John Southworth Tue, 22 Feb 2011 16:53:19 -0600 vyatta-op-vpn (0.13.58) unstable; urgency=low * Clean up some duplicate code in OPMode module -- John Southworth Tue, 22 Feb 2011 12:45:45 -0600 vyatta-op-vpn (0.13.57) unstable; urgency=low * Fix a special case where the peer is 0.0.0.0 for op-mode commands -- John Southworth Fri, 18 Feb 2011 16:51:02 -0600 vyatta-op-vpn (0.13.56) unstable; urgency=low * Make spacing between peers more noticable -- John Southworth Fri, 11 Feb 2011 16:34:43 -0600 vyatta-op-vpn (0.13.55) unstable; urgency=low * Changed output of ipsec opmode to be cleaner, minor adjustment -- John Southworth Fri, 11 Feb 2011 16:20:22 -0600 vyatta-op-vpn (0.13.54) unstable; urgency=low * Changed output of ipsec opmode to be cleaner -- John Southworth Fri, 11 Feb 2011 16:11:07 -0600 vyatta-op-vpn (0.13.53) unstable; urgency=low * Faster per peer/tunnel processing for operational mode commands -- John Southworth Thu, 10 Feb 2011 16:10:15 -0600 vyatta-op-vpn (0.13.52) unstable; urgency=low * Initial x509 for site-to-site ipsec vpn -- John Southworth Tue, 08 Feb 2011 19:06:49 -0600 vyatta-op-vpn (0.13.51) unstable; urgency=low * Fix parsing when only the left subnet is configured -- John Southworth Mon, 07 Feb 2011 18:38:18 -0600 vyatta-op-vpn (0.13.50) unstable; urgency=low * Bugfix 5802: add auto-update feature, for Dynamic DNS peers -- John Southworth Mon, 07 Feb 2011 16:00:36 -0600 vyatta-op-vpn (0.13.49) unstable; urgency=low * Fix filehandlers to conform to perl style guidelines -- John Southworth Mon, 07 Feb 2011 12:34:09 -0600 vyatta-op-vpn (0.13.48) unstable; urgency=low * Allow debugging of specific peers and tunnels -- John Southworth Fri, 04 Feb 2011 17:44:05 -0600 vyatta-op-vpn (0.13.47) unstable; urgency=low * Fix handling of IKE SA's in show commands -- John Southworth Fri, 04 Feb 2011 17:22:23 -0600 vyatta-op-vpn (0.13.46) unstable; urgency=low * Work on new IPsec operational mode script. Since protocol must be the same on local and remote we can show it on the brief output -- John Southworth Fri, 04 Feb 2011 13:25:45 -0600 vyatta-op-vpn (0.13.45) unstable; urgency=low * Work on new IPsec operational mode script. Cleanup output for protoport -- John Southworth Thu, 03 Feb 2011 20:11:00 -0600 vyatta-op-vpn (0.13.44) unstable; urgency=low * Work on new IPsec operational mode script. Initial additions to support local/remote protoport -- John Southworth Thu, 03 Feb 2011 19:19:55 -0600 vyatta-op-vpn (0.13.43) unstable; urgency=low * Work on new IPsec operational mode script. Split into perl module; Adjustments for showing per tunnel information; Fix parsing of ipsecstatus all when using GRE matching -- John Southworth Wed, 02 Feb 2011 18:15:45 -0600 vyatta-op-vpn (0.13.42) unstable; urgency=low * Work on new IPsec operational mode script. Removed calls to external functions; Processes 6000 tunnel configuration in approx 2 sec. * Work on new IPsec operational mode script. Removed calls to external functions; Cleaned up formatting -- John Southworth Tue, 01 Feb 2011 20:06:09 -0600 vyatta-op-vpn (0.13.41) unstable; urgency=low * Work on new IPsec operational mode script. Fix 'show vpn ipsec sa nat-traversal'; Clean up formatting -- John Southworth Tue, 01 Feb 2011 17:16:17 -0600 vyatta-op-vpn (0.13.40) unstable; urgency=low * Work on new IPsec operational mode script. Add more relevent information to 'show vpn ipsec sa' -- John Southworth Tue, 01 Feb 2011 15:42:59 -0600 vyatta-op-vpn (0.13.39) unstable; urgency=low * Work on new IPsec operational mode script. Make processing of natt and static values more efficient -- John Southworth Tue, 01 Feb 2011 12:23:01 -0600 vyatta-op-vpn (0.13.38) unstable; urgency=low * Work on new IPsec operational mode script. Added sorting and fixed cases where peer is set to '@' -- John Southworth Mon, 31 Jan 2011 20:16:05 -0600 vyatta-op-vpn (0.13.37) unstable; urgency=low * Work on new IPsec operational mode script. Rework to reduce the amount of redundant information in 'show vpn ipsec sa detail' -- John Southworth Mon, 31 Jan 2011 14:31:26 -0600 vyatta-op-vpn (0.13.36) unstable; urgency=low * Work on new IPsec operational mode script. Fix some syntax; make show based on peer better; Add show ike secrets -- John Southworth Mon, 31 Jan 2011 13:02:09 -0600 vyatta-op-vpn (0.13.35) unstable; urgency=low * Work on new IPsec operational mode script. Integrate with more CLI commands -- John Southworth Mon, 31 Jan 2011 11:46:38 -0600 vyatta-op-vpn (0.13.34) unstable; urgency=low * Work on new IPsec operational mode script. New format for commands for the pending addition of ipv6 -- John Southworth Mon, 31 Jan 2011 10:59:49 -0600 vyatta-op-vpn (0.13.33) unstable; urgency=low * Work on new IPsec operational mode script. Clean up capitalization; New format for 'show vpn ipsec sa' for pending addition of ipv6 -- John Southworth Fri, 28 Jan 2011 19:56:02 -0600 vyatta-op-vpn (0.13.32) unstable; urgency=low * Work on new IPsec operational mode script. Integrated with the vyatta-cli -- John Southworth Fri, 28 Jan 2011 13:59:08 -0600 vyatta-op-vpn (0.13.31) unstable; urgency=low * Work on new IPsec operational mode script. Fixed some output bugs -- John Southworth Fri, 28 Jan 2011 13:29:54 -0600 vyatta-op-vpn (0.13.30) unstable; urgency=low * Work on new IPsec operational mode script. Fixed script to work when not in configure mode -- John Southworth Fri, 28 Jan 2011 11:42:21 -0600 vyatta-op-vpn (0.13.29) unstable; urgency=low * Work on new IPsec operational mode script. setkey is deprecated so switched NAT-T detection to 'ip xfrm' -- John Southworth Thu, 27 Jan 2011 20:03:01 -0600 vyatta-op-vpn (0.13.28) unstable; urgency=low * Work on new IPsec operational mode script. Made processing of NAT-T information more efficient -- John Southworth Thu, 27 Jan 2011 19:22:48 -0600 vyatta-op-vpn (0.13.27) unstable; urgency=low * Work on new IPsec operational mode script. Initial NAT-T detection code * Work on new IPsec operational mode script. Fixed inverted SPIs * Work on new IPsec operational mode script. Better NAT-T detection * Work on new IPsec operational mode script. Cleaned up some un-need output -- John Southworth Thu, 27 Jan 2011 18:56:37 -0600 vyatta-op-vpn (0.13.26) unstable; urgency=low * Work on new IPsec operational mode script. Still needs a way to detect NAT-T -- John Southworth Thu, 27 Jan 2011 17:23:03 -0600 vyatta-op-vpn (0.13.25) unstable; urgency=low * Add new operational mode script, doesn't replace current programs yet but included in package; Related to bugs: 5305 and 6228 -- John Southworth Mon, 24 Jan 2011 11:10:20 -0600 vyatta-op-vpn (0.13.24) unstable; urgency=low * Bugfix 2837: Change vpn rsa-key generate to generate vpn rsa-key to be more consistent with the rest of the system -- John Southworth Fri, 21 Jan 2011 18:55:27 -0600 vyatta-op-vpn (0.13.23) unstable; urgency=low * Make adjustment so OP mode can deal with new secrets file format -- John Southworth Thu, 20 Jan 2011 19:23:51 -0600 vyatta-op-vpn (0.13.22) unstable; urgency=low * new branch -- An-Cheng Huang Tue, 28 Dec 2010 13:51:13 -0800 vyatta-op-vpn (0.13.21) unstable; urgency=low * UNRELEASED -- An-Cheng Huang Thu, 02 Sep 2010 18:30:14 -0700 vyatta-op-vpn (0.13.20) unstable; urgency=low * fix squeeze build issues -- An-Cheng Huang Fri, 27 Aug 2010 16:02:21 -0700 vyatta-op-vpn (0.13.19) unstable; urgency=low * remove CLI backend env variables usage -- An-Cheng Huang Wed, 11 Aug 2010 17:18:44 -0700 vyatta-op-vpn (0.13.18) unstable; urgency=low * fix incorrect types to work with 64-bit -- An-Cheng Huang Tue, 27 Jul 2010 11:59:29 -0700 vyatta-op-vpn (0.13.17) unstable; urgency=low * UNRELEASED -- An-Cheng Huang Thu, 22 Jul 2010 17:25:26 -0700 vyatta-op-vpn (0.13.16) unstable; urgency=low * part of fix for BZ 5839 - move clear process cmds under restart -- Mohit Mehta Tue, 20 Jul 2010 14:19:49 -0700 vyatta-op-vpn (0.13.15) unstable; urgency=low * remove op-mode command to show vpn route in table 220 -- Mohit Mehta Wed, 26 May 2010 20:15:33 -0700 vyatta-op-vpn (0.13.14) unstable; urgency=low * Fix Bug 5542 -- Mohit Mehta Mon, 19 Apr 2010 18:48:17 -0700 vyatta-op-vpn (0.13.13) unstable; urgency=low * Fix Bug 5500 Unable to establish a VPN connection from a remote peer with a -- Mohit Mehta Wed, 31 Mar 2010 15:36:17 -0700 vyatta-op-vpn (0.13.12) unstable; urgency=low * Part of fix for Bug 5067 to add PFS group support -- Mohit Mehta Thu, 18 Mar 2010 14:55:51 -0700 vyatta-op-vpn (0.13.11) unstable; urgency=low * Fix Bug 5464 "show vpn ipsec status" returns no interface and active tunnel number -- Mohit Mehta Wed, 17 Mar 2010 16:14:17 -0700 vyatta-op-vpn (0.13.10) unstable; urgency=low * UNRELEASED -- An-Cheng Huang Wed, 17 Feb 2010 16:15:32 -0800 vyatta-op-vpn (0.13.9) unstable; urgency=low * add op-mode command to show routes added for VPN remote-subnet -- Mohit Mehta Fri, 29 Jan 2010 16:02:23 -0800 vyatta-op-vpn (0.13.8) unstable; urgency=low * vyatta-op-vpn depends on vyatta-ipsec provided by vyatta-strongswan * fix op-mode commands for migration to strongswan * use correct path for ported newhostkey command * fix show vpn commands to work with strongswan -- Mohit Mehta Tue, 12 Jan 2010 17:20:32 -0800 vyatta-op-vpn (0.13.7) unstable; urgency=low * skip used tags -- An-Cheng Huang Wed, 02 Dec 2009 10:46:17 -0800 vyatta-op-vpn (0.13.4) unstable; urgency=low * use vyatta openswan -- An-Cheng Huang Fri, 06 Nov 2009 15:06:09 -0800 vyatta-op-vpn (0.13.3) unstable; urgency=low * * Fix Bug 4017 Add the ability to restart individual IPSec tunnels -- Mohit Mehta Fri, 09 Oct 2009 17:13:48 -0700 vyatta-op-vpn (0.13.2) unstable; urgency=low * UNRELEASED -- An-Cheng Huang Fri, 29 May 2009 18:36:48 -0700 vyatta-op-vpn (0.13.1) unstable; urgency=low [ An-Cheng Huang ] * add support for development build [ Stephen Hemminger ] * Convert to Vyatta:: [ Stig Thormodsrud ] * "vpn rsa-key generate" command broken - use new perl hierarchy. [ Stephen Hemminger ] * Fix reference to Vyatta::VPNUtil [ An-Cheng Huang ] * update maintainer information * "files" file should be removed before package build -- An-Cheng Huang Thu, 08 Jan 2009 09:40:45 -0800 vyatta-op-vpn (0.13) unstable; urgency=low 3.2.0 [ Mark O'Brien ] [ An-Cheng Huang ] * allow multi-arch build [ Mark O'Brien ] -- Mark O'Brien Tue, 25 Nov 2008 19:10:05 -0800 vyatta-op-vpn (0.12) unstable; urgency=low 3.1.2 [ Mark O'Brien ] [ Stig Thormodsrud ] * Fix permission on call to ipsec. [ An-Cheng Huang ] * partial fix for bugs 3044, 3047, 3048: minor show command output header [ Stig Thormodsrud ] * Fix 3194: VPN: xml error in "show vpn ike" command output [ Mark O'Brien ] -- Mark O'Brien Wed, 23 Jul 2008 21:36:08 -0700 vyatta-op-vpn (0.11) unstable; urgency=low 3.1.1 [ Mark O'Brien ] [ rbalocca ] * Fix syntax issue [ Mark O'Brien ] -- Mark O'Brien Sat, 28 Jun 2008 11:22:22 -0700 vyatta-op-vpn (0.10) unstable; urgency=low 3.1.0 [ Mark O'Brien ] [ Stig Thormodsrud ] * Fix 3285: "show vpn debug" has bash error * Fix 3285: CLI command does not restart VPN: run clear vpn ipsec- process [ rbalocca ] * Ignore derived files * Convert to our method of changelog creation [ Mohit Mehta ] * Fix Bug 3069 Help strings should be standardized [ Mark O'Brien ] -- Mark O'Brien Tue, 17 Jun 2008 09:27:11 -0700 vyatta-op-vpn (0.9) unstable; urgency=low 3.0.5 -- Mark O'Brien Tue, 06 May 2008 12:43:36 -0700 vyatta-op-vpn (0.8) unstable; urgency=low 3.0.4 -- Mark O'Brien Mon, 05 May 2008 16:40:53 -0700 vyatta-op-vpn (0.7) unstable; urgency=low 3.0.3 [ Mark O'Brien ] [ rbalocca ] * Indicate the VC4.0.2 release candidate in the changelog [ Mark O'Brien ] -- Mark O'Brien Tue, 29 Apr 2008 16:42:38 -0700 vyatta-op-vpn (0.6) unstable; urgency=low VC4.0.2 -- Mark O'Brien Sat, 19 Apr 2008 11:56:22 -0700 vyatta-op-vpn (0.5) unstable; urgency=low VC4.0.2 release candidate -- Mark O'Brien Wed, 16 Apr 2008 09:50:23 -0700 vyatta-op-vpn (0.4) unstable; urgency=low 3.0.2 [ Mark O'Brien ] * 3.0.1 [ Stig Thormodsrud ] * Fix 3023 "show vpn debug" displays system errors [ rbalocca ] * Add missing dependencies * Fix debian dependencies * Set dependencies on either bash or vyatta-bash [ Mark O'Brien ] -- Mark O'Brien Fri, 04 Apr 2008 18:01:07 -0700 vyatta-op-vpn (0.3) unstable; urgency=low VC4.0.1 [ Mark O'Brien ] [ Marat Nepomnyashy ] * Query original/active runtime config rather than the new/pending config. * Added 'libsablot0' dependencies. [ Stephen Hemminger ] * Replace VPL with GPLv2 * Change license from VPL to GPLv2 * update from VPL1.0 to GPLv2 * update scripts from VPL1.0 to GPLv2 [ Stig Thormodsrud ] * Fix 2838: Clearing VPN process starts VPN , even if not configured. [ Mark O'Brien ] -- Mark O'Brien Tue, 18 Mar 2008 19:04:52 -0700 vyatta-op-vpn (0.2) unstable; urgency=low vc4.0.0 [ Mark O'Brien ] [ Marat Nepomnyashy ] * Moved execution of 'show vpn' commands to '/opt/vyatta/bin/sudo- users' so that operator users can execute them. Bug 2865 fix. * Fixed-up operator commands 'clear vpn ipsec-process' and 'show vpn debug detail' so that they no longer require sudo password. * Initialize variable and check for invalid args. * Call 'gen_local_rsa_key.pl' from '/opt/vyatta/bin/sudo-users/' rather than '/opt/vyatta/sbin/'. Bug 2883 fix. [ Stig Thormodsrud ] * Fix 2838 Clearing VPN process starts VPN, even if not configured [ Mark O'Brien ] -- Mark O'Brien Mon, 25 Feb 2008 17:39:21 -0800 vyatta-op-vpn (0.1) unstable; urgency=low * Initial Release. -- Marat Nepomnyashy Wed, 02 Jan 2008 12:19:47 -0700