diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2015-11-18 14:49:27 +0100 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2015-11-18 14:49:27 +0100 |
| commit | 1e980d6be0ef0e243c6fe82b5e855454b97e24a4 (patch) | |
| tree | 0d59eec2ce2ed332434ae80fc78a44db9ad293c5 /conf/options | |
| parent | 5dca9ea0e2931f0e2a056c7964d311bcc30a01b8 (diff) | |
| download | vyos-strongswan-1e980d6be0ef0e243c6fe82b5e855454b97e24a4.tar.gz vyos-strongswan-1e980d6be0ef0e243c6fe82b5e855454b97e24a4.zip | |
Imported Upstream version 5.3.4
Diffstat (limited to 'conf/options')
| -rw-r--r-- | conf/options/charon-logging.conf | 5 | ||||
| -rw-r--r-- | conf/options/charon-logging.opt | 4 | ||||
| -rw-r--r-- | conf/options/charon.conf | 8 | ||||
| -rw-r--r-- | conf/options/charon.opt | 8 |
4 files changed, 25 insertions, 0 deletions
diff --git a/conf/options/charon-logging.conf b/conf/options/charon-logging.conf index c91421dea..454405985 100644 --- a/conf/options/charon-logging.conf +++ b/conf/options/charon-logging.conf @@ -25,6 +25,11 @@ charon { # numerical identifier for each IKE_SA. # ike_name = no + # Adds the milliseconds within the current second after the + # timestamp (separated by a dot, so time_format should end with %S + # or %T). + # time_add_ms = no + # Prefix each log entry with a timestamp. The option accepts a # format string as passed to strftime(3). # time_format = diff --git a/conf/options/charon-logging.opt b/conf/options/charon-logging.opt index b437a9cc3..2bbb5dce4 100644 --- a/conf/options/charon-logging.opt +++ b/conf/options/charon-logging.opt @@ -28,6 +28,10 @@ charon.filelog.<filename>.time_format Prefix each log entry with a timestamp. The option accepts a format string as passed to **strftime**(3). +charon.filelog.<filename>.time_add_ms = no + Adds the milliseconds within the current second after the timestamp + (separated by a dot, so _time_format_ should end with %S or %T). + charon.syslog {} Section to define syslog loggers, see LOGGER CONFIGURATION in **strongswan.conf**(5). diff --git a/conf/options/charon.conf b/conf/options/charon.conf index 5f27b08e3..b55d429a7 100644 --- a/conf/options/charon.conf +++ b/conf/options/charon.conf @@ -24,6 +24,10 @@ charon { # strength. # dh_exponent_ansi_x9_42 = yes + # Use RTLD_NOW with dlopen when loading plugins and IMV/IMCs to reveal + # missing symbols immediately. + # dlopen_use_rtld_now = no + # DNS server assigned to peer via configuration payload (CP). # dns1 = @@ -123,6 +127,10 @@ charon { # Initiate IKEv2 reauthentication with a make-before-break scheme. # make_before_break = no + # Maximum number of IKEv1 phase 2 exchanges per IKE_SA to keep state about + # and track concurrently. + # max_ikev1_exchanges = 3 + # Maximum packet size accepted by charon. # max_packet = 10000 diff --git a/conf/options/charon.opt b/conf/options/charon.opt index 5d137aee8..816f3250c 100644 --- a/conf/options/charon.opt +++ b/conf/options/charon.opt @@ -65,6 +65,10 @@ charon.dh_exponent_ansi_x9_42 = yes Use ANSI X9.42 DH exponent size or optimum size matched to cryptographic strength. +charon.dlopen_use_rtld_now = no + Use RTLD_NOW with dlopen when loading plugins and IMV/IMCs to reveal missing + symbols immediately. + charon.dns1 DNS server assigned to peer via configuration payload (CP). @@ -204,6 +208,10 @@ charon.load_modular = no plugin list is preserved. Enabled plugins not found in that list are ordered alphabetically before other plugins with the same priority. +charon.max_ikev1_exchanges = 3 + Maximum number of IKEv1 phase 2 exchanges per IKE_SA to keep state about and + track concurrently. + charon.max_packet = 10000 Maximum packet size accepted by charon. |