diff options
| author | Yves-Alexis Perez <corsac@corsac.net> | 2017-05-30 20:59:31 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@corsac.net> | 2017-05-30 20:59:31 +0200 |
| commit | bba25e2ff6c4a193acb54560ea4417537bd2954e (patch) | |
| tree | 9e074fe343f9ab6f5ce1e9c5142d9a6cf180fcda /conf/plugins | |
| parent | 05ddd767992d68bb38c7f16ece142e8c2e9ae016 (diff) | |
| download | vyos-strongswan-bba25e2ff6c4a193acb54560ea4417537bd2954e.tar.gz vyos-strongswan-bba25e2ff6c4a193acb54560ea4417537bd2954e.zip | |
New upstream version 5.5.3
Diffstat (limited to 'conf/plugins')
| -rw-r--r-- | conf/plugins/attr-sql.conf | 4 | ||||
| -rw-r--r-- | conf/plugins/attr-sql.opt | 4 | ||||
| -rw-r--r-- | conf/plugins/kernel-netlink.opt | 6 | ||||
| -rw-r--r-- | conf/plugins/socket-default.conf | 3 | ||||
| -rw-r--r-- | conf/plugins/socket-default.opt | 6 |
5 files changed, 20 insertions, 3 deletions
diff --git a/conf/plugins/attr-sql.conf b/conf/plugins/attr-sql.conf index 24d4e809d..f56f54aee 100644 --- a/conf/plugins/attr-sql.conf +++ b/conf/plugins/attr-sql.conf @@ -1,5 +1,9 @@ attr-sql { + # Release all online leases during startup. Disable this to share the DB + # between multiple VPN gateways. + # crash_recovery = yes + # Database URI for attr-sql plugin used by charon. If it contains a # password, make sure to adjust the permissions of the config file # accordingly. diff --git a/conf/plugins/attr-sql.opt b/conf/plugins/attr-sql.opt index abd749e3e..58f05bb5f 100644 --- a/conf/plugins/attr-sql.opt +++ b/conf/plugins/attr-sql.opt @@ -1,3 +1,7 @@ +charon.plugins.attr-sql.crash_recovery = yes + Release all online leases during startup. Disable this to share the DB + between multiple VPN gateways. + charon.plugins.attr-sql.database Database URI for attr-sql plugin used by charon. If it contains a password, make sure to adjust the permissions of the config file accordingly. diff --git a/conf/plugins/kernel-netlink.opt b/conf/plugins/kernel-netlink.opt index 1136af1be..3d9c4a7a9 100644 --- a/conf/plugins/kernel-netlink.opt +++ b/conf/plugins/kernel-netlink.opt @@ -113,6 +113,6 @@ charon.plugins.kernel-netlink.xfrm_acq_expires = 165 trap policy. The value gets written to /proc/sys/net/core/xfrm_acq_expires. Indirectly controls the delay between XFRM acquire messages triggered by the kernel for a trap policy. The same value is used as timeout for SPIs - allocated by the kernel. The default value equals the default total - retransmission timeout for IKE messages, see IKEv2 RETRANSMISSION - in **strongswan.conf**(5). + allocated by the kernel. The default value equals the total retransmission + timeout for IKE messages, see IKEv2 RETRANSMISSION in + **strongswan.conf**(5). diff --git a/conf/plugins/socket-default.conf b/conf/plugins/socket-default.conf index 6d4b73dd5..abf4650ed 100644 --- a/conf/plugins/socket-default.conf +++ b/conf/plugins/socket-default.conf @@ -10,6 +10,9 @@ socket-default { # Set source address on outbound packets, if possible. # set_source = yes + # Force sending interface on outbound packets, if possible. + # set_sourceif = no + # Listen on IPv4, if possible. # use_ipv4 = yes diff --git a/conf/plugins/socket-default.opt b/conf/plugins/socket-default.opt index 483a0f03d..570bd0ec7 100644 --- a/conf/plugins/socket-default.opt +++ b/conf/plugins/socket-default.opt @@ -4,6 +4,12 @@ charon.plugins.socket-default.fwmark = charon.plugins.socket-default.set_source = yes Set source address on outbound packets, if possible. +charon.plugins.socket-default.set_sourceif = no + Force sending interface on outbound packets, if possible. + + Force sending interface on outbound packets, if possible. This allows + using IPv6 link-local addresses as tunnel endpoints. + charon.plugins.socket-default.use_ipv4 = yes Listen on IPv4, if possible. |