3d928c9ffd
fixed mobike address update from and to NAT
2007-07-02 12:55:07 +00:00
c598ac6360
changes in uml configuration to allow mobike
2007-07-02 09:52:20 +00:00
face844a87
proper update of IPsec SA when roaming a host-to-host tunnel
...
roaming of IPsec SAs using virtual IPs
2007-07-02 09:49:22 +00:00
530dd57c6a
fixed memleak
2007-07-02 08:33:15 +00:00
0d30da5dfd
updated charons architecture description
2007-06-29 09:21:28 +00:00
ffbca197c1
fixed dpd=hold when using virtual IPs
2007-06-29 08:03:32 +00:00
8ba7d34253
removed accidently checked in debbuging code
2007-06-29 07:40:04 +00:00
cea6634fde
MobIKE requires iptables to open udp/4500
2007-06-28 21:33:51 +00:00
b9212e5a93
MobIKE requires iptables to open udp/4500
2007-06-28 21:33:13 +00:00
c532d6460d
fixed IKE_SA reestablishment after DPD using port 500
2007-06-28 15:24:24 +00:00
c2bc2b2782
alphabetical order
2007-06-27 21:49:09 +00:00
e0e7ef070d
separated pluto, charon, and klips setup config section parameters
2007-06-27 15:42:11 +00:00
6a39bc4061
added passthrough scenario
2007-06-27 14:25:15 +00:00
487fe29ee3
added lefthostaccess and leftprotoport parameters
2007-06-27 14:03:56 +00:00
1fbdab8507
right=%<fqdn> wildcard added
2007-06-27 13:31:16 +00:00
7900ab1b7a
update ipsec.conf man page
2007-06-27 13:29:36 +00:00
c4c916f90a
add starter.8 man page to distribution
2007-06-27 13:29:20 +00:00
fc2d1c420f
further mobike improvements, regarding to NAT-T
2007-06-27 13:10:55 +00:00
6fa8bd61c1
cosmetics
2007-06-27 10:04:02 +00:00
2f153a2263
recognize wildcard keyingtries=%forever
2007-06-27 08:11:22 +00:00
a80521d13e
recognize wildcards right=%group and keyingtries=%forever
2007-06-27 08:11:08 +00:00
cae8f3e9b6
updated copyright statement
2007-06-27 07:36:44 +00:00
31302718ff
fixed distro and copyright information
2007-06-27 07:25:19 +00:00
2b3100b5d0
simple roaming of the client works (not MOBIKE conform yet!)
2007-06-26 13:04:13 +00:00
361712fe37
use of the right=%<fqdn> wildcard
2007-06-26 10:46:30 +00:00
4cb9d7a758
further fixed for mobike roaming
2007-06-25 13:26:02 +00:00
3f946e1c90
support of right=%<FQDN> wildcard
2007-06-25 11:28:39 +00:00
e6a22d8728
discarded unused functions
2007-06-25 09:06:13 +00:00
3345c0a1ed
make starter behave more gracefully in the presence of non-fatal errors
2007-06-25 07:10:23 +00:00
17d92e9732
further MOBIKE stuff:
...
kernel properly reports network reconfiguration and informs all IKE_SAs
MOBIKE in IKE_AUTH: MOBIKE_SUPPORTED notify and address exchange
reestablishment of IKE_SAs on network reconfiguration kinda works
not stable yet!
2007-06-21 15:25:28 +00:00
c25ef47702
added MOBIKE rfc
2007-06-20 10:12:11 +00:00
078ce348ae
IKEv1 rightallowany flag introduced
2007-06-20 09:46:54 +00:00
cbbb71c4ac
don't modify des/3des input key anymore
2007-06-19 07:56:28 +00:00
6835280041
fixed virtua IP: adding virtual IP to interface address list cache directly
...
corrected debug targets
2007-06-19 06:20:33 +00:00
280f6b1ab2
set nexthop to him when instantiating rightallowyes template with leftnexthop == right
2007-06-18 20:07:47 +00:00
d0f55e236d
support of right|leftallowany flag
2007-06-18 17:51:45 +00:00
571bca865b
added dynamic DNS scenarios
2007-06-18 17:50:54 +00:00
3b04350ab2
added extensions management to IKE_SA
...
fixed NATD payload (port) when using route lookup
2007-06-18 10:32:01 +00:00
7068410b6f
source address lookup in kernel interface
...
use it for NAT detection if no source address known from config
support for %any...%any connections
2007-06-18 07:25:58 +00:00
209c2e9049
support for left=%any change our address dynamically
2007-06-18 05:57:59 +00:00
ca68a75eaf
increased receive buffer to handle more interfaces
2007-06-18 05:56:18 +00:00
174c9e18c1
eliminated nexthop
2007-06-17 15:29:49 +00:00
2dc0366994
fixed typo
2007-06-16 20:22:05 +00:00
0c8e0615aa
recognize strongswan-2.8.5 VID
2007-06-16 20:21:14 +00:00
08a8f4496f
implemented more flexible iterator hook API
...
kernel interface handles interface changes and updates address list
2007-06-15 13:23:18 +00:00
02b3ec0a10
implemented address change notification (for MOBIKE)
...
implemented up to date address list cache to list interfaces
2007-06-14 15:16:15 +00:00
fede28be8b
fixed memleak when initiating to %any
2007-06-14 08:44:19 +00:00
04f4e82d53
added missing files to the last commit
2007-06-14 08:17:23 +00:00
26424f03c3
proper reauthentication:
...
IKE_SA is closed completely before the new is initiated,
resolves some issues when a dynamic IP is requested from a pool
2007-06-14 08:13:05 +00:00
eda454a261
case insensitive identification_t.equals() for FQDN and RFC822ADDR
2007-06-14 07:02:01 +00:00
Martin Willi