Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Correct variable names so that the logging is useful. | Seth Mos | 2009-07-06 | 1 | -2/+1 |
| | | | | Remove racoon reload signal | ||||
* | Remove some unneccessary calls to filter_configure() they just give recursivity! | Ermal Luçi | 2009-06-18 | 1 | -14/+2 |
| | |||||
* | Use is_dir, not is_file for detecting directory existance. | Scott Ullrich | 2009-06-02 | 1 | -1/+1 |
| | |||||
* | fix route deletion | Chris Buechler | 2009-05-31 | 1 | -2/+2 |
| | |||||
* | clarify log message | Chris Buechler | 2009-05-31 | 1 | -4/+2 |
| | |||||
* | Ensure /var/db/racoon exists | Scott Ullrich | 2009-05-30 | 1 | -0/+2 |
| | |||||
* | Fix PPTP+RADIUS. See ticket #1926. | jim-p | 2009-05-12 | 1 | -4/+13 |
| | |||||
* | Rename filter_translate_type_to_real_interface to ↵ | Ermal Luçi | 2009-05-05 | 1 | -1/+1 |
| | | | | | | interface_translate_type_to_real Move this function to interfaces.inc where it belongs. | ||||
* | Use correct variable name. | Ermal Luçi | 2009-04-26 | 1 | -2/+2 |
| | |||||
* | Fix a spd.conf not loading changes issue. | Ermal Luçi | 2009-04-26 | 1 | -0/+2 |
| | |||||
* | * Do not apply the settings directly from hitting the SAVE button show the ↵ | Ermal Luçi | 2009-04-22 | 1 | -3/+1 |
| | | | | apply settings option for consistency with other pages. | ||||
* | * Fix ipsec over carp handling. | Ermal Luçi | 2009-04-22 | 1 | -12/+10 |
| | | | | | * do not useinterface in Upper case when working on the backends. * Do not print Configuring IPSec during bootup if there is nothing configured. | ||||
* | * Hide interfaces internals to other code and use the propper interfaces. | Ermal Luçi | 2009-03-30 | 1 | -8/+8 |
| | | | | | | | Basically use get_interface*() functions instead of accessing fields like 'ipaddr'/'descr' etc... * Make get_interfaces_with_gateway less heavyweight by getting information from the configuration stored in config.xml * Some other missed custom interface list building and substituing with propper get_configured_interface*() NOTE: This should give indipendce on dynamic interfaces on some services that before could not be used on top of this type of interfaces. | ||||
* | Add secret option required on some setups. | Ermal Luçi | 2009-03-22 | 1 | -0/+2 |
| | |||||
* | We include ng_l2tp in kernel already, do not kldload | Scott Ullrich | 2009-03-15 | 1 | -3/+0 |
| | |||||
* | Correct a typo in vpn.inc that broke esp encryption algorithm configuration. | mgrooms | 2009-03-15 | 1 | -1/+1 |
| | |||||
* | Modify IPsec code to allow for transport mode. All existing configurations are | mgrooms | 2009-03-15 | 1 | -48/+88 |
| | | | | | marked as tunnel for backwards compatibility. There are problems with the spd read code which Will likely choke on transport entries. We can fix this later. | ||||
* | Move the IPsec pinghost option from phase1 to phase2. Correct some | mgrooms | 2009-03-15 | 1 | -11/+25 |
| | | | | bugs that were preventing the local address from being selected. | ||||
* | Move the admin socket parameter into the existing listen section. | Seth Mos | 2009-03-13 | 1 | -5/+2 |
| | |||||
* | Actually remove the spd reload files after processing it. This would break ↵ | Seth Mos | 2009-03-12 | 1 | -8/+8 |
| | | | | | | the tunnels as it would re-process all files in order every time the configuration reloads a tunnel. | ||||
* | Correct and expand the local and remote IP address endpoint check so that it ↵ | Seth Mos | 2009-03-12 | 1 | -2/+5 |
| | | | | specifies which one is at fault. | ||||
* | Migrate IPsec certificate management to centralized system. | mgrooms | 2009-03-12 | 1 | -56/+41 |
| | |||||
* | Fix typo in function names | Seth Mos | 2009-03-12 | 1 | -1/+1 |
| | |||||
* | If either the old or new local or remote endpoint is not a IP address we ↵ | Seth Mos | 2009-03-12 | 1 | -1/+4 |
| | | | | make sure to abort. | ||||
* | Correct spelling to the past tense | Seth Mos | 2009-03-11 | 1 | -1/+1 |
| | |||||
* | Use the new is_module_loaded function to avoid spamming the System log. | Ermal Luçi | 2009-03-08 | 1 | -1/+2 |
| | |||||
* | Increase time to wait after killing mpd4 on l2tp case. | Ermal Luçi | 2009-02-15 | 1 | -1/+1 |
| | |||||
* | Remove all global decalarations regarding pptp/pppoe/l2tp they are no more ↵ | Ermal Luçi | 2009-02-15 | 1 | -6/+3 |
| | | | | needed. | ||||
* | L2TP improvements. | Ermal Luçi | 2009-02-15 | 1 | -1/+2 |
| | |||||
* | Fix typo. | Ermal Luçi | 2009-02-15 | 1 | -1/+1 |
| | |||||
* | Remove radius-ip option also non present on mpd4. | Ermal Luçi | 2009-02-15 | 1 | -5/+0 |
| | |||||
* | radius-fallback option is no more present on mpd4. | Ermal Luçi | 2009-02-15 | 1 | -3/+0 |
| | |||||
* | Fix ltp links creation. | Ermal Luçi | 2009-02-15 | 1 | -1/+1 |
| | |||||
* | Catch up on mpd4 changes even when operation as pppoe/pptp/l2tp server. | Ermal Luçi | 2009-02-13 | 1 | -6/+6 |
| | |||||
* | can't continue when you aren't in a loop | Bill Marquette | 2009-02-09 | 1 | -1/+1 |
| | |||||
* | Use correct var so dnswatch will launch correctly. | Seth Mos | 2009-01-17 | 1 | -1/+1 |
| | |||||
* | Modify our function to process according to the new IPsec config.xml | Seth Mos | 2009-01-16 | 1 | -97/+78 |
| | | | | | | | | array format of 2.0 This should now correctly reload ipsec tunnels where a hostname is used as the endpoint. TODO: The UI pages still need to be changed for the granular IPsec policy reloading. | ||||
* | Improved logic to delete old ipsec policies. It can now be used in a generic ↵ | Seth Mos | 2009-01-14 | 1 | -35/+60 |
| | | | | | | | | fashion to replace spd policies instead of just dynamic dns endpoints. We know leave files in tmp which are picked up by vpn_ipsec_refresh_policies(). This allows us to use the apply buton again. | ||||
* | Oops forgot to modify and commit the code that tells racoon to re-read the ↵ | Seth Mos | 2009-01-13 | 1 | -1/+3 |
| | | | | configuration files. | ||||
* | Port the code for granular adding and removing IPsec SPD policies. | Seth Mos | 2009-01-13 | 1 | -33/+182 |
| | | | | | This is the backend part of it which is uses by rc.newipsecdns when a hostname changes IP | ||||
* | Merge the preferred SA logic from 1.113 of HEAD 2 years 7 months later | Bill Marquette | 2008-12-18 | 1 | -2/+2 |
| | |||||
* | I think mpd 4.x doesn't like "set pptp self 127.0.0.1" - removing this | Bill Marquette | 2008-11-29 | 1 | -1/+0 |
| | | | | | allows my iphone to connect to my pfsense box just like it does on 1.2.1 | ||||
* | Don't try to configure a blank WINS server, while it doesn't kill mpd, it | Bill Marquette | 2008-11-29 | 1 | -2/+2 |
| | | | | sure whines about it. | ||||
* | * Do not destory enc0 | Scott Ullrich | 2008-11-19 | 1 | -2/+2 |
| | | | | * Only run ifconfig if a real ip and netmask exists instead of ifconfig | ||||
* | Try to use where possible filter_configure so upcoming event modifications ↵ | Ermal Luçi | 2008-11-08 | 1 | -3/+3 |
| | | | | can be easily integrated. | ||||
* | Correct path to netstat | Seth Mos | 2008-11-07 | 1 | -1/+1 |
| | |||||
* | Correct route lookup | Seth Mos | 2008-11-06 | 1 | -1/+1 |
| | |||||
* | Lookup route table before attempting a delete | Seth Mos | 2008-11-06 | 1 | -2/+11 |
| | |||||
* | Surpress killall messages | Seth Mos | 2008-11-06 | 1 | -6/+6 |
| | |||||
* | Extra sighup not needed on 7 | Seth Mos | 2008-11-03 | 1 | -6/+0 |
| |