Imported Upstream version 5.5.0

1 files changed, 13 insertions, 1 deletions

diff --git a/src/swanctl/swanctl.conf.5.main b/src/swanctl/swanctl.conf.5.main
index a5b2a731f..013e35fb7 100644
--- a/src/swanctl/swanctl.conf.5.main
+++ b/src/swanctl/swanctl.conf.5.main
@@ -519,7 +519,7 @@ an absolute path.
 Comma separated list of raw public keys to accept for authentication. The public
 keys may use a relative path from the
 .RB "" "swanctl" ""
-.RI "" "x509" ""
+.RI "" "pubkey" ""
 directory or an
 absolute path.
 
@@ -856,6 +856,18 @@ once. The default of
 uses dynamic reqids, allocated incrementally.
 
 .TP
+.BR connections.<conn>.children.<child>.priority " [0]"
+Optional fixed priority for IPsec policies. This could be useful to install
+high\-priority drop policies.  The default of
+.RI "" "0" ""
+uses dynamically calculated
+priorities based on the size of the traffic selectors.
+
+.TP
+.BR connections.<conn>.children.<child>.interface " []"
+Optional interface name to restrict IPsec policies.
+
+.TP
 .BR connections.<conn>.children.<child>.mark_in " [0/0x00000000]"
 Netfilter mark and mask for input traffic. On Linux Netfilter may require marks
 on each packet to match an SA having that option set. This allows Netfilter