[Ipsec-tools-commits] ipsec-tools/src/racoon racoon.conf.5,1.44,1.45
Brought to you by:
mit_warlord,
netbsd
From: VANHULLEBUS Y. <va...@us...> - 2006-02-15 14:11:35
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15626/src/racoon Modified Files: racoon.conf.5 Log Message: updated generate_policy syntax Index: racoon.conf.5 =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/racoon.conf.5,v retrieving revision 1.44 retrieving revision 1.45 diff -u -d -r1.44 -r1.45 --- racoon.conf.5 25 Nov 2005 16:05:21 -0000 1.44 +++ racoon.conf.5 15 Feb 2006 14:11:22 -0000 1.45 @@ -686,7 +686,7 @@ IPsec-SAs. The default is off. .\" -.It Ic generate_policy (on | off) ; +.It Ic generate_policy (on | off | require | unique) ; This directive is for the responder. Therefore you should set .Ic passive @@ -704,6 +704,13 @@ by the initiator, so other communications might fail if such policies are installed due to a policy mismatch between the initiator and the responder. +.Ic on +and +.Ic require +values means the same thing (generate a require policy). +.Ic unique +tells racoon to set up unique policies, with a monotoning increasing +reqid number between 1 and IPSEC_MANUAL_REQID_MAX). This directive is ignored in the initiator case. The default value is .Ic off . |