iked dynamic address configuration

2014-04-29 Thread Ryan Slack
will drop all pools. If there is a usecase for it, I can add a reset pool to just drop all pools. Testing has thus far been limited to Windows 7. --Ryan Slack Index: config.c === RCS file: /cvs/src/sbin/iked/config.c,v retrieving revision

Re: LibreSSL 2.0.1 released - installation extra_mode

2014-07-15 Thread Ryan Slack
On OpenBSD, FreeBSD, Debian, and Ubuntu setting a library as executable means you can run it directly, and since ./libressl.so won't work it shouldn't be 755. Ten minutes of research reveals that Red Hat sets the execute bit on all shared libraries, and while its ldd script complains if it's not

udp route-to without to clause

2013-06-17 Thread Ryan Slack
If this is by design, please explain! If the to clause is always required with rdr-to, then the man page should be updated, and the parse code throw an error, and perhaps the pools FAQ updated (possibly by me). --Ryan Slack

Re: udp route-to without to clause

2013-06-19 Thread Ryan Slack
On Mon, Jun 17, 2013 at 3:22 PM, Ryan Slack r...@evine.ca wrote: Hosting a voip server behind OpenBSD with the following pf.conf file led to some surprising behaviour: voice_if = em0 data_if= vr0 ext_if = vr3 PBX = 192.168.234.200 voip_ports = 1:4 table remote_phones persist

[PATCH] iked protected-subnet support

2013-05-25 Thread Ryan Slack
Perhaps there was a reason it was never implmented, but in case it just got missed: Index: ikev2.c === RCS file: /cvs/src/sbin/iked/ikev2.c,v retrieving revision 1.82 diff -u -p -r1.82 ikev2.c --- ikev2.c 21 Mar 2013 04:30:14

iked address pools

2013-06-05 Thread Ryan Slack
I wish to submit a working implementation of address pools for iked, however as it's my first real code contribution and has 643 lines (mostly patch context) I'm wondering if posting here is the correct channel. Also, what is the preferred/normal way to include new files in a patch? --Ryan Slack

[PATCH] iked address pools

2013-06-06 Thread Ryan Slack
, which should be plenty. There is NO ipv6 support, partly because I'm not really sure how or why it would be needed. A request for a specific ip that is available in the pool will be honoured. Comments please! --Ryan Slack Index: addr_pool.c