summaryrefslogtreecommitdiffstats
path: root/etc/inc/vpn.inc
Commit message (Collapse)AuthorAgeFilesLines
* Fix regression on interface list.(missed merge from RELENG_1_MULTI_ANYTHING)Ermal Luçi2008-07-181-3/+1
|
* Add myself to the Copyright.Ermal Luçi2008-07-141-0/+1
|
* * Merge multiple PPPoE/PPTP interfaces from RELENG_1_MULTI_ANYTHINGErmal Luçi2008-07-141-145/+140
| | | | | | | * Much improved rule generation speed * Many bug fixing in general of the interface handling NOTE: this is only half part of the changes the other half will come after
* Introduce a new and improved version of IPsec mobile client support. TheMatthew Grooms2008-07-131-62/+161
| | | | | | | mobile client tab is now used to configure user authentication (Xauth) and client configuration (mode-cfg) options. User authentication is currently limited to system password file entries. This will be extended to support external RADIUS and LDAP account DBs in a follow up comiit.
* Overhaul IPsec related code. Shared functions have been consolidated intoMatthew Grooms2008-07-111-411/+453
| | | | | | | | | | | | | | a new file named /etc/ipsec.inc. Tunnel definitions have been split into phase1 and phase2. This allows any number of phase2 definitions to be created for a single phase1 definition. Several facets of configuration have also been improved. The key size for variable length algorithms can now be selected and the phase1 ID options have been extended to allow for more flexible configuration. Several NAT-T related issues have also been resolved. Please note, IPsec remote access functionality has been temporarily disabled. An improved implementation will be included in a follow up commit.
* Correct setkey path to correct usr local sbin location.Seth Mos2008-07-041-10/+10
|
* PPPoE server fixes. Patch submitted by Ermal.Scott Ullrich2008-06-301-9/+8
|
* Update binary to use mpd4Scott Ullrich2008-06-201-3/+3
|
* Get correct interface list.Ermal Luçi2008-06-191-2/+2
|
* Interface list improvements.Ermal Luçi2008-06-181-2/+3
|
* The physical interface must be passed to find_interface_ip()Chris Buechler2008-06-071-1/+2
| | | | this was breaking the racoon.conf for OPT WAN IPsec when interface is not statically addressed
* Correctly process non carp interfacesSeth Mos2008-06-061-1/+5
|
* Correctly update static routes on changeSeth Mos2008-06-061-9/+16
|
* Make the vpn configuration add static routes on interfaces other then WAN.Seth Mos2008-06-051-0/+15
| | | | link_carp_interface_to_parent() now correctly returns parent interface instead of always WAN.
* Start PPTPD.Scott Ullrich2008-05-191-1/+1
|
* Start MPD correctly on newer mpdScott Ullrich2008-05-191-1/+1
|
* Fix mpd startupScott Ullrich2008-05-191-1/+1
|
* Unbreak racoonScott Ullrich2008-05-191-6/+2
|
* Do not quote an empty string when the DN identifier is blank.Scott Ullrich2008-05-171-2/+10
| | | | Obtained-from: m0n0wall
* Bump dpd from 20 to 120Seth Mos2008-04-101-2/+2
|
* Use DPD and frag support we already haveSeth Mos2008-04-051-0/+4
|
* Send extra sighup after startingSeth Mos2008-04-011-0/+6
|
* Pass -c along to mpdScott Ullrich2008-03-221-1/+1
|
* With the current Racoon we need to inform that we are reloading our SPDSeth Mos2008-02-051-0/+4
| | | | entries with a SIGHUP
* Update to racoon-0.7-cvs with Timo Teras patches.Seth Mos2008-02-011-14/+4
| | | | Use setkey -f because spd loading works normally now.
* attempt loading SPD entries 4 timesSeth Mos2008-01-151-2/+2
|
* Somehow sending a SIGHUP before flushing and reloading works better thenSeth Mos2008-01-151-4/+6
| | | | after. Technically a SIGHUP to racoon should not do anything.
* Flush both SA and SPD entriesSeth Mos2008-01-151-0/+1
|
* repair logic I think. Can we please use more curlies?Seth Mos2008-01-141-4/+4
|
* Make 3 passes at loading the SPD entries as this will fail on large ↵Seth Mos2008-01-141-27/+31
| | | | | | configurations > 250 tunnels. Tested by smos@ 399 tunnels, 239 active, ok by sullrich@
* touch up textChris Buechler2008-01-081-2/+2
| | | | Ticket #1569
* freeradius and pptp changes by forum-user 'cybrsrfr'Martin Fuchs2007-12-211-1/+8
|
* Adding dnswatch support.Scott Ullrich2007-12-171-367/+557
| | | | Obtained-from: m0n0wall
* IPSEC keep alive pinger using the wrong source IP addressScott Ullrich2007-11-051-8/+8
| | | | Ticket #1482
* Adding keep alive host to IPsec causes warning in webGUIScott Ullrich2007-11-011-1/+1
| | | | Ticket #1509
* Ticket #1482 - set the source to an interface that is inside the subnet ↵Bill Marquette2007-10-191-3/+10
| | | | definition
* Sync NATT support from m0n0wallScott Ullrich2007-08-041-0/+6
|
* Unbreak IPSEC, correct pathnamesSeth Mos2007-07-081-6/+6
|
* Fix loading and reloading config for IPSEC.Seth Mos2007-07-041-16/+18
| | | | MFC: Possible candidate, works for seth. Needs test.
* Add ASN1DN identities support to IPSEC. Subbmitted-by: Nic Bernstein ↵Scott Ullrich2007-06-301-1/+10
| | | | <nic_AT_onlight.com>
* use killallScott Ullrich2007-06-021-1/+1
|
* * Flush SPD's on reload * Kilall -HUP racoon if its already running since ↵Scott Ullrich2007-06-021-6/+4
| | | | racoonctl is brokie brokie
* * Remove path from racoon grep * Remove [r] from racoon and simply grep for ↵Scott Ullrich2007-06-021-1/+1
| | | | racoon
* Correct ps locationScott Ullrich2007-06-021-1/+1
|
* Remove trailing space / crScott Ullrich2007-05-271-1/+1
|
* Commit forgotten vpn_ipsec_force_reload()Seth Mos2007-05-201-0/+35
|
* Do not flush SPA and SPD before starting. It upsets racoon.Seth Mos2007-05-111-4/+5
|
* Rework stop and start logic. If we are already alive, reload instead of stop ↵Seth Mos2007-05-101-11/+27
| | | | | | and start. Tested by Seth.
* further changes to 1.3 for pppoe server and pptp server. added to gui add ↵Scott Ullrich2007-05-041-20/+34
| | | | radius acct and auth ports add acct update in seconds option for external radius servers add backup radius server changes rearranges xml for better use moved radius specific features inside tags added options for additional server above 2 miner bug fixes Ticket #1306
* Switch over to mpd4 Code-submitted-by: alan_AT_radiowave.ieScott Ullrich2007-04-291-64/+125
|
OpenPOWER on IntegriCloud