author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2007-04-12 20:41:31 +0000 |
---|---|---|
committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2007-04-12 20:41:31 +0000 |
commit | 774a362e87feab25f1be16fbca08269ddc7121a4 (patch) | |
tree | cf71f4e7466468ac3edc2127125f333224a9acfb /src/starter/README | |
parent | c54a140a445bfe7aa66721f68bb0781f26add91c (diff) | |
Major new upstream release, just ran svn-upgrade for now (and wrote some
debian/changelog entries).
Diffstat (limited to 'src/starter/README')
-rw-r--r-- | src/starter/README | 104 |
1 files changed, 104 insertions, 0 deletions
diff --git a/src/starter/README b/src/starter/README new file mode 100644 index 000000000..12a60a11d --- /dev/null +++ b/src/starter/README 
@@ -0,0 +1,104 @@ + +IPsec Starter -- Version 0.2 [Contributed by Arkoon Network Security] +============================ [ http://www.arkoon.net/] + +IPsec Starter is aimed to replace all the scripts which are used to +start and stop strongSwan and to do that in a quicker and a smarter way. + +IPsec Starter can also reload the configuration file (kill --HUP or periodicaly) +and apply the changes. + +Usage: + starter [--debug] [--auto_update <x seconds>] + --debug: enable debugging output + --no_fork: all msg (including pluto) are sent to the console + --auto_update: reload the config file (like kill -HUP) every x seconds + and determine any configuration changes + +FEATURES +-------- + +o Load and unload KLIPS (ipsec.o kernel module) + +o Load modules of the native Linux 2.6 IPsec stack + +o Launch and monitor pluto + +o Add, initiate, route and del connections + +o Attach and detach interfaces according to config file + +o kill -HUP can be used to reload the config file. New connections will be + added, old ones will be removed and modified ones will be reloaded. + Interfaces/Klips/Pluto will be reloaded if necessary. + +o Full support of the %defaultroute wildcard parameter. + +o save own pid in /var/run/starter + +o Upon reloading, dynamic DNS addr will be resolved and reloaded. Use + --auto_update to periodicaly check dynamic DNS changes. + +o kill -USR1 can be used to reload all connections (delete then add and + route/initiate) + +o /var/run/dynip/xxxx can be used to use a virtual interface name in + ipsec.conf. By example, when adsl can be ppp0, ppp1, ... : + ipsec.conf: interfaces="ipsec0=adsl" + And use /etc/ppp/ip-up to create /var/run/dynip/adsl + /var/run/dynip/adsl: IP_PHYS=ppp0 + +o %auto can be used to automaticaly name the connections + +o kill -TERM can be used to stop FS. pluto will be stopped and KLIPS unloaded + (if it has been loaded). + +o Can be used to start strongSwan and load lots of connections in a few + seconds. 
+ +TODO +---- + +o handle wildcards in include lines -- use glob() fct + ex: include /etc/ipsec.*.conf + +o handle duplicates keywords and sections + +o 'also' keyword not supported + +o manually keyed connections + +o IPv6 + +o Documentation + + +CHANGES +------- + +o Version 0.1 -- 2002.01.14 -- First public release + +o Version 0.2 -- 2002.09.04 -- Various enhancements + FreeS/WAN 1.98b, x509 0.9.14, algo 0.8.0 + +o Version 0.2d -- 2004.01.13 -- Adaptions for Openswan 1.0.0 + by Stephan Scholz <sscholz@astaro.com> + +o Version 0.2e -- 2004.10.14 -- Added support for change of interface address + by Stephan Scholz <sscholz@astaro.com> + +o Version 0.2s -- 2005-12-02 -- Ported to strongSwan + by Stephan Scholz <sscholz@astaro.com> + +o Version 0.2x -- 2006-01-02 -- Added missing strongSwan keywords + Full support of the native Linux 2.6 IPsec stack + Full support of %defaultroute + Improved parsing of keywords using perfect hash + function generated by gperf. + by Andreas Steffen <andreas.steffen@hsr.ch> + +THANKS +------ + +o Nathan Angelacos - include fix + |
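Review bot: The Usage synopsis `starter [--debug] [--auto_update <x seconds>]` omits `--no_fork`, although that option is described two lines further down; add `[--no_fork]` to the synopsis so the two agree. In the same file, the intro writes `kill --HUP` while the FEATURES list uses `kill -HUP`, and the `kill -TERM` entry still says "stop FS", which reads as a leftover from the FreeS/WAN naming now that the text otherwise refers to strongSwan. The title line says "Version 0.2" while CHANGES runs up to 0.2x, so the header should be bumped or the version dropped from it. The `/var/run/dynip/xxxx` entry documents that the file's `IP_PHYS=` value selects the physical interface, but does not say who is expected to own or write that directory; since starter acts on its contents, a sentence stating the expected ownership and permissions would be worth adding.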