programs/examples/oe.conf.in


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

# defines default policy groups for Opportunistic Encryption (OE)
#
# RCSID $Id: oe.conf.in,v 1.1 2004/08/28 11:25:09 as Exp $

conn packetdefault
	type=tunnel
	leftsubnet=0.0.0.0/0
	right=%opportunistic
	failureshunt=passthrough
	keyingtries=3
	ikelifetime=1h
	keylife=1h
	rekey=no
	also=oe_defaults
	auto=route

conn clear
	type=passthrough
	authby=never
	right=%group
	also=oe_defaults
	auto=route

conn clear-or-private
	type=passthrough
	right=%opportunisticgroup
	failureshunt=passthrough
	keyingtries=3
	ikelifetime=1h
	keylife=1h
	rekey=no
	also=oe_defaults
	auto=route

conn private-or-clear
	type=tunnel
	right=%opportunisticgroup
	failureshunt=passthrough
	keyingtries=3
	ikelifetime=1h
	keylife=1h
	rekey=no
	also=oe_defaults
	auto=route

conn private
	type=tunnel
	right=%opportunisticgroup
	failureshunt=drop
	keyingtries=3
	ikelifetime=1h
	keylife=1h
	rekey=no
	also=oe_defaults
	auto=route

conn block
	type=reject
	authby=never
	right=%group
	also=oe_defaults
	auto=route

conn oe_defaults
	left=%defaultroute
	leftid=%myid
	leftrsasigkey=%dnsondemand
	rightrsasigkey=%dnsondemand