diff options
| author | Yves-Alexis Perez <corsac@corsac.net> | 2017-05-30 20:59:31 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@corsac.net> | 2017-05-30 20:59:31 +0200 |
| commit | bba25e2ff6c4a193acb54560ea4417537bd2954e (patch) | |
| tree | 9e074fe343f9ab6f5ce1e9c5142d9a6cf180fcda /testing/hosts/default/etc | |
| parent | 05ddd767992d68bb38c7f16ece142e8c2e9ae016 (diff) | |
| download | vyos-strongswan-bba25e2ff6c4a193acb54560ea4417537bd2954e.tar.gz vyos-strongswan-bba25e2ff6c4a193acb54560ea4417537bd2954e.zip | |
New upstream version 5.5.3
Diffstat (limited to 'testing/hosts/default/etc')
| -rw-r--r-- | testing/hosts/default/etc/ip6tables.rules | 2 | ||||
| -rw-r--r-- | testing/hosts/default/etc/strongswan.conf.testing | 7 |
2 files changed, 7 insertions, 2 deletions
diff --git a/testing/hosts/default/etc/ip6tables.rules b/testing/hosts/default/etc/ip6tables.rules index 6a2c6af8e..bcb868414 100644 --- a/testing/hosts/default/etc/ip6tables.rules +++ b/testing/hosts/default/etc/ip6tables.rules @@ -28,7 +28,7 @@ -A INPUT -p icmpv6 --icmpv6-type neighbor-advertisement -j ACCEPT -A OUTPUT -p icmpv6 --icmpv6-type neighbor-advertisement -j ACCEPT -# allow crl and certficate fetch from winnetou +# allow crl and certificate fetch from winnetou -A INPUT -i eth0 -p tcp --sport 80 -s fec0::15 -j ACCEPT -A OUTPUT -o eth0 -p tcp --dport 80 -d fec0::15 -j ACCEPT diff --git a/testing/hosts/default/etc/strongswan.conf.testing b/testing/hosts/default/etc/strongswan.conf.testing index 55efbe7d1..b62355097 100644 --- a/testing/hosts/default/etc/strongswan.conf.testing +++ b/testing/hosts/default/etc/strongswan.conf.testing @@ -2,6 +2,11 @@ charon { retransmit_tries = 2 retransmit_timeout = 1.0 retransmit_base = 1 + plugins { + kernel-netlink { + xfrm_acq_expires = 60 + } + } } -include strongswan.conf
\ No newline at end of file +include strongswan.conf |