diff options
Diffstat (limited to 'src/swanctl/swanctl.conf')
| -rw-r--r-- | src/swanctl/swanctl.conf | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/swanctl/swanctl.conf b/src/swanctl/swanctl.conf index 789b128fd..b2045a3d8 100644 --- a/src/swanctl/swanctl.conf +++ b/src/swanctl/swanctl.conf @@ -47,7 +47,7 @@ # Timeout for DPD checks (IKEV1 only). # dpd_timeout = 0s - # Use IKE UDP datagram fragmentation. (yes, no or force). + # Use IKE UDP datagram fragmentation. (yes, accept, no or force). # fragmentation = yes # Send certificate requests payloads (yes or no). @@ -227,6 +227,9 @@ # ESP proposals to offer for the CHILD_SA. # esp_proposals = default + # Use incorrect 96-bit truncation for HMAC-SHA-256. + # sha256_96 = no + # Local traffic selectors to include in CHILD_SA. # local_ts = dynamic @@ -308,6 +311,10 @@ # IPsec replay window to configure for this CHILD_SA. # replay_window = 32 + # Enable hardware offload for this CHILD_SA, if supported by the + # IPsec implementation. + # hw_offload = no + # Action to perform after loading the configuration (none, trap, # start). # start_action = none |