7 files changed, 61 insertions, 0 deletions

diff --git a/conf/Makefile.am b/conf/Makefile.am
index f10af25a2..7cee0cbd6 100644
--- a/conf/Makefile.am
+++ b/conf/Makefile.am
@@ -14,6 +14,7 @@ options = \
 	options/charon-logging.opt \
 	options/charon-systemd.opt \
 	options/imcv.opt \
+	options/imv_policy_manager.opt \
 	options/manager.opt \
 	options/medsrv.opt \
 	options/pacman.opt \
diff --git a/conf/Makefile.in b/conf/Makefile.in
index 4b391402a..fb3082b1d 100644
--- a/conf/Makefile.in
+++ b/conf/Makefile.in
@@ -396,6 +396,7 @@ options = \
 	options/charon-logging.opt \
 	options/charon-systemd.opt \
 	options/imcv.opt \
+	options/imv_policy_manager.opt \
 	options/manager.opt \
 	options/medsrv.opt \
 	options/pacman.opt \
diff --git a/conf/options/imv_policy_manager.conf b/conf/options/imv_policy_manager.conf
new file mode 100644
index 000000000..8979b28bc
--- /dev/null
+++ b/conf/options/imv_policy_manager.conf
@@ -0,0 +1,18 @@
+imv_policy_manager {
+
+    # Shell command to be executed with recommendation allow.
+    # command_allow =
+
+    # Shell command to be executed with all other recommendations.
+    # command_block =
+
+    # Database URI for the database that stores the package information. If it
+    # contains a password, make sure to adjust the permissions of the config
+    # file accordingly.
+    # database =
+
+    # Plugins to load in IMV policy manager.
+    # load = sqlite
+
+}
+
diff --git a/conf/options/imv_policy_manager.opt b/conf/options/imv_policy_manager.opt
new file mode 100644
index 000000000..6ed0efc2a
--- /dev/null
+++ b/conf/options/imv_policy_manager.opt
@@ -0,0 +1,13 @@
+imv_policy_manager.database =
+	Database URI for the database that stores the package information. If it
+	contains a password, make sure to adjust the permissions of the config file
+	accordingly.
+
+imv_policy_manager.load = sqlite
+	Plugins to load in IMV policy manager.
+
+imv_policy_manager.command_allow =
+	Shell command to be executed with recommendation allow.
+
+imv_policy_manager.command_block =
+	Shell command to be executed with all other recommendations. 
diff --git a/conf/plugins/kernel-netlink.conf b/conf/plugins/kernel-netlink.conf
index 723bf0a49..6ea341fbe 100644
--- a/conf/plugins/kernel-netlink.conf
+++ b/conf/plugins/kernel-netlink.conf
@@ -1,5 +1,8 @@
 kernel-netlink {
 
+    # Buffer size for received Netlink messages.
+    # buflen = 4096
+
     # Firewall mark to set on the routing rule that directs traffic to our
     # routing table.
     # fwmark =
diff --git a/conf/plugins/kernel-netlink.opt b/conf/plugins/kernel-netlink.opt
index 800ba20c0..4338a5fbd 100644
--- a/conf/plugins/kernel-netlink.opt
+++ b/conf/plugins/kernel-netlink.opt
@@ -1,3 +1,6 @@
+charon.plugins.kernel-netlink.buflen = 4096
+	Buffer size for received Netlink messages.
+
 charon.plugins.kernel-netlink.fwmark =
 	Firewall mark to set on the routing rule that directs traffic to our routing
 	table.
diff --git a/conf/strongswan.conf.5.main b/conf/strongswan.conf.5.main
index b6db9c914..b81b58ca0 100644
--- a/conf/strongswan.conf.5.main
+++ b/conf/strongswan.conf.5.main
@@ -853,6 +853,10 @@ plugins can be used
 to circumvent that problem.
 
 .TP
+.BR charon.plugins.kernel-netlink.buflen " [4096]"
+Buffer size for received Netlink messages.
+
+.TP
 .BR charon.plugins.kernel-netlink.fwmark " []"
 Firewall mark to set on the routing rule that directs traffic to our routing
 table. The format is [!]mark[/mask], where the optional exclamation mark inverts
@@ -1661,6 +1665,24 @@ Specifies the default loglevel to be used for subsystems for which no specific
 loglevel is defined.
 
 .TP
+.BR imv_policy_manager.command_allow " []"
+Shell command to be executed with recommendation allow.
+
+.TP
+.BR imv_policy_manager.command_block " []"
+Shell command to be executed with all other recommendations.
+
+.TP
+.BR imv_policy_manager.database " []"
+Database URI for the database that stores the package information. If it
+contains a password, make sure to adjust the permissions of the config file
+accordingly.
+
+.TP
+.BR imv_policy_manager.load " [sqlite]"
+Plugins to load in IMV policy manager.
+
+.TP
 .BR libimcv.debug_level " [1]"
 Debug level for a stand\-alone
 .RI "" "libimcv" ""