Enable padlock support
Move )
Pointy-hat-to: Me
Missing )
Forced commit to note that failover ipsec should be enabled as well (even if your not using failover, it simply sets the racoon listen ip address)
Add NATT support. Currently this option is disabled. To enable simply set the <developer/> tag inside <system> in config.xml
Use correct mtu for pptp when wan is pppoe.
Have I mentioned how much I HATE pptp lately?
Set /sbin/sysctl net.inet.ipsec.crypto_support=1 if Padlock
Detect ACE in CPU line
Do not set net.inet.ipsec.crypto_support
Only run padlock functions if <developer> bit is set
Query Features line for ACE
Echo out when enabling padlock
Clear out setkey after enabling as instructions show.
Only enable Padlock if we find ACE in the dmesg
Spello in comments
Enable hardware IPSEC
Padlock -> ACE
Minor style cleanups
Only setup via padlock on bootup.
Alert on bootup if we are enabling padlock
Add via padlock support
Check to see if item is dynamic dns a little better
Detect DNS names and correctly set
dir_exist() -> dir_exists()
Allow PPPoE server subnet to be defined by user.
Ticket #282
Make sure /var/etc/mpd-vpn exists
Set pppoe interface
Use unique variable name for interface
Do not accept encryption
Kill sasyncd before restarting
Assign a unique pppoe id
Set mtu to 1492
Translate interface
Do not set 10.* dns address
Add PPPoE server interface field
Load pppoe, not pt.
i -> $i
vpn_pptp_configure() -> vpn_pptpd_configure()
Add PPPoE server hooks
Do not spew sasyncd output to web browser.
Reload the filter even on bootup
WINS Server option
Ticket #255
Add Dynamic DNS support to IPSEC.
Touch the /tmp/filter_dirty file and allow the filter to be reloaded on final bootup.
Ping 10 times to bring up tunnel
Start sasyncd in the backgrounds
Resync with prior working vpn.inc and add back in failover ipsec and cert support.
Ping 10 times when bringing tunnel up
Use logger to ensure we are getting sasyncd logs
Add more -v
Start sasyncd verbose
Reload filter configuration after vpn changes
Setup sasyncd
Do not assign variables if $config['installedpackages']['sasyncd']['config'] is not defined
Various code cleanups and a few actual bugfixes courtesy of Zend
Clean up foreach() warnings if you don't use sasyncd
Correctly setup sasyncd and vpn failover
Correctly set failover ip address
only echo out when we're booting
Use packages bindto area
Do not call filer_configure() if booting. set /tmp/filter_boot_dirty flag.
Do not clear out previous string.
Remove extra white space
Add mode, listen on and flush mode sync directives for sasyncd
Add failover vpn backend support.
Import m0n0wall's backend vpn.inc which has certificate support.
Allow maximum PPTP clients to be overridden by:pptp->n_pptp_unitspptp->n_pptp_units
Do not foreach through $ipseccfg['tunnel'] if its not defined
Override correct wan ip address for vpn failover.
extra }
Allow ipsec->ip override for listen interface and spd.conf
Add $Id$ tag
use better mkdir function
Allow setting of racoon listening interface on the ipsec vpn screen. This allows failover vpn!
Redirect sysctl output to /dev/null
Supply full path to sysctl
sysctl -> system
fastforwarding is not compatible with ipsec tunnels -- turn it off if the user has ipsec tunnels.
Add Copyright to each file that we have touched so far and re attribute the file to Manuel Kasper such as:
Copyright (C) 2004 Scott Ullrich All rights reserved.
originally part of m0n0wall (http://m0n0.ch/wall) Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>....
bug fix: Honour newer sa setting
add support for net.key.preferred_oldsa and add a checkbox on IPSec screen
add support for net.key.preferred_oldsa
take out the previous echo $ifface since that was a debugging item.
allow user to set a hidden ipsec field called "creategif" which will create gif entries which are useful for routing.
Initial revision