diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2016-07-16 15:19:53 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2016-07-16 15:19:53 +0200 |
| commit | bf372706c469764d59e9f29c39e3ecbebd72b8d2 (patch) | |
| tree | 0f0e296e2d50e4a7faf99ae6fa428d2681e81ea1 /src/swanctl/swanctl.opt | |
| parent | 518dd33c94e041db0444c7d1f33da363bb8e3faf (diff) | |
| download | vyos-strongswan-bf372706c469764d59e9f29c39e3ecbebd72b8d2.tar.gz vyos-strongswan-bf372706c469764d59e9f29c39e3ecbebd72b8d2.zip | |
Imported Upstream version 5.5.0
Diffstat (limited to 'src/swanctl/swanctl.opt')
| -rw-r--r-- | src/swanctl/swanctl.opt | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/src/swanctl/swanctl.opt b/src/swanctl/swanctl.opt index 145fab28d..fe5b293fb 100644 --- a/src/swanctl/swanctl.opt +++ b/src/swanctl/swanctl.opt @@ -416,7 +416,7 @@ connections.<conn>.remote<suffix>.pubkeys = Comma separated list of raw public keys to accept for authentication. Comma separated list of raw public keys to accept for authentication. - The public keys may use a relative path from the **swanctl** _x509_ + The public keys may use a relative path from the **swanctl** _pubkey_ directory or an absolute path. connections.<conn>.remote<suffix>.revocation = relaxed @@ -684,6 +684,16 @@ connections.<conn>.children.<child>.reqid = 0 not more than once. The default of _0_ uses dynamic reqids, allocated incrementally. +connections.<conn>.children.<child>.priority = 0 + Optional fixed priority for IPsec policies. + + Optional fixed priority for IPsec policies. This could be useful to install + high-priority drop policies. The default of _0_ uses dynamically calculated + priorities based on the size of the traffic selectors. + +connections.<conn>.children.<child>.interface = + Optional interface name to restrict IPsec policies. + connections.<conn>.children.<child>.mark_in = 0/0x00000000 Netfilter mark and mask for input traffic. |