templates/vpn/ipsec/disable-uniqreqids/node.def | 1 templates/vpn/ipsec/ike-group/node.tag/aggressive-mode/node.def | 7 templates/vpn/ipsec/logging/facility/node.def | 13 templates/vpn/ipsec/logging/level/node.def | 12 debian/control | 2 lib/Vyatta/VPN/Util.pm | 2 scripts/vpn-config.pl | 202 +++------- scripts/vyatta-vpn-ppp-updown.pl | 4 templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/id/node.def | 2 9 files changed, 81 insertions(+), 164 deletions(-)
New commits: commit 8612b9da11ef7fd0237a7734582d3353efc1b136 Author: Mohit Mehta <[email protected]> Date: Tue Dec 22 12:29:25 2009 -0800 use leftsourceip to add route to remote subnet (cherry picked from commit eb6d27497bab9e82218d8999778f7b4959fd34ea) commit dd85b276b1903e08e24a777525a527d6c7e3bd64 Author: Mohit Mehta <[email protected]> Date: Wed Dec 9 18:54:28 2009 -0800 Do not start IKEv2 daemon for now (cherry picked from commit 7fab51307ecaf65a7da880f60a97a73bda87e5c7) commit 089294082d982b3375bf34ebb9f53dcc0a1a4ffa Author: Mohit Mehta <[email protected]> Date: Fri Dec 4 18:45:17 2009 -0800 * remove extraneous unused code * use @id for identification when it's specified. It can be used even if local-ip is not 0.0.0.0 * extend syntax check for id to allow specifying hostnames * fix ipsec.secrets generation - if specified always use ids for local and remote peer (cherry picked from commit 3e7a4e45af00c11e6009d38fd97c67c2de0fa145) commit 1b24da8c4e6528db464d677af0ed01912a0a66eb Author: Mohit Mehta <[email protected]> Date: Sat Nov 28 00:59:03 2009 -0800 add comment to identify end of connection description (cherry picked from commit cb9ed22ae45d03fa37148273d02cef4a9a179d1d) commit 9576a0b4207f299c963b2be915816c0442ab19ac Author: Mohit Mehta <[email protected]> Date: Wed Nov 25 20:38:26 2009 -0800 no need to maintain state of connections and take state-specific actions for each connection when config changes. `ipsec update` in strongswan determines any changes in ipsec.conf and updates the configuration on running daemon (cherry picked from commit 55b703e669e0f792c04d29541d8fe00d2a9d624b) commit 229dd4af29f29d8a2a4983a811b0c4bef7111892 Author: Mohit Mehta <[email protected]> Date: Tue Nov 24 21:33:31 2009 -0800 First pass code changes to vyatta-cfg-vpn for migration to strongswan : Remove CLI support and back-end code for unsupported parameters * No aggressive mode support in strongswan * remove syslog facility.level CLI. strongswan uses authpriv facility by default, no syslog parameter support * remove Robert's disable-uniqreqids option for now. need to get strongswan to do the same thing first Remove Openswan specific parameters added to workaroung bugs * remove plutowait, this was added to workaround Openswan Bug 412 * remove nhelpers, this was added to workaround Openswan Bug 198 Other Changes * add '!' at the end of ike and esp proposal list to signify end of list * replace `ipsec start` commands with built-in commands for `ipsec starter` control utility * replace `ipsec auto` with `ipsec whack` commands. Still need to figure out if `ipsec auto --add|--up $connection` could be replaces by simply using `ipsec update` in stronswan * change pluto.ctl path commit 275789c02381ebe359d2f0a970aabcf7587e0f58 Author: Mohit Mehta <[email protected]> Date: Fri Nov 20 17:46:54 2009 -0800 vyatta-cfg-vpn depends on vyatta-ipsec provided by vyatta-strongswan (cherry picked from commit f830e7cfd66d7cf368d47cd5dea47dd26711875a) http://suva.vyatta.com/git/?p=vyatta-cfg-vpn.git;a=commitdiff;h=8612b9da11ef7fd0237a7734582d3353efc1b136 http://suva.vyatta.com/git/?p=vyatta-cfg-vpn.git;a=commitdiff;h=dd85b276b1903e08e24a777525a527d6c7e3bd64 http://suva.vyatta.com/git/?p=vyatta-cfg-vpn.git;a=commitdiff;h=089294082d982b3375bf34ebb9f53dcc0a1a4ffa http://suva.vyatta.com/git/?p=vyatta-cfg-vpn.git;a=commitdiff;h=1b24da8c4e6528db464d677af0ed01912a0a66eb http://suva.vyatta.com/git/?p=vyatta-cfg-vpn.git;a=commitdiff;h=9576a0b4207f299c963b2be915816c0442ab19ac http://suva.vyatta.com/git/?p=vyatta-cfg-vpn.git;a=commitdiff;h=229dd4af29f29d8a2a4983a811b0c4bef7111892 http://suva.vyatta.com/git/?p=vyatta-cfg-vpn.git;a=commitdiff;h=275789c02381ebe359d2f0a970aabcf7587e0f58 _______________________________________________ svn mailing list [email protected] http://mailman.vyatta.com/mailman/listinfo/svn
