Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/vyos/vyatta-cfg-vpn

Vyatta VPN configuration
https://github.com/vyos/vyatta-cfg-vpn

T2816: migrated codebase to vyos-1x

e376591198e41eee717c0ca6879419a937990378 authored over 3 years ago by Christian Poessinger <[email protected]>
Merge pull request #42 from erkin/current

IPsec: T627: Fix misuse of `vpn_die()`

dd6419e6e215cc19690686dd474357028b2e6dd6 authored almost 4 years ago by Daniil Baturin <[email protected]>
IPsec: T627: Fix misuse of `vpn_die()`

221a762e5ceb898cd69d2dec69a00539f434549d authored almost 4 years ago by erkin <[email protected]>
Merge pull request #40 from srividya0208/T3131

pre-shared-secret: T3131: Fix typo of word secret

6497cdbbf72fe8298a770bcf2627b7b04561320c authored about 4 years ago by Daniil Baturin <[email protected]>
pre-shared-secret: T3131: Fix typo of word secret

There is typo in the spelling of "secret" mentioned in detailed information
of the pre-shared-se...

00697d0eb210cd99c712ee03bdac9ea51ab3ee3a authored about 4 years ago by srividya0208 <[email protected]>
T3035: allow mixed protocol IPsec (IPv4 over IPv6 and vice versa).

993f5bf9f54bcb7af20d44e7618586b55064a372 authored about 4 years ago by Daniil Baturin <[email protected]>
Merge pull request #39 from sever-sever/T2916

cfg-vpn: T2916: Fix typo for vti interface disable state

c3c27021ac9b8b3d946e4d7a5eeb9b47e3e3206c authored over 4 years ago by Daniil Baturin <[email protected]>
cfg-vpn: T2916: Fix typo for vti interface disable state

2d24f456b15dd3a5c53b8119cbc98f45fba3f89e authored over 4 years ago by sever-sever <[email protected]>
Merge pull request #38 from sever-sever/T2895

vfg-vpn: T2895: Removing unnecessary duplicate check for leftsubnet

10b8c6fdde6b6abc06200d60218950a9af81e34e authored over 4 years ago by Daniil Baturin <[email protected]>
vfg-vpn: T2895: Removing unnecessary duplicate check for leftsubnet

e93ca9815a95329d42889ded196b4943b639d189 authored over 4 years ago by sever-sever <[email protected]>
Merge pull request #37 from sever-sever/T2806

cfg-vpn: T2806: Fix local prefix is source from loopback

13d2b50ec7ed3641bb56c2fdcce07807777bf220 authored over 4 years ago by Christian Poessinger <[email protected]>
cfg-vpn: T2806: Fix local prefix is source from loopback

e4b094de012e041f7556af17a4e16f76163872f1 authored over 4 years ago by sever-sever <[email protected]>
Merge pull request #36 from erkin/current

IPsec: T2647: Replace obsoleted ipsec.conf option

342eb4fae3fd6c3b79440a9932c43f29e27d74c3 authored over 4 years ago by Daniil Baturin <[email protected]>
IPsec: T2647: Replace obsoleted ipsec.conf option

c3fd8886f733ea06581b8f98bb92d023c1419b5a authored over 4 years ago by erkin <[email protected]>
Merge pull request #35 from zdc/T2728-equuleus

IPSec tunnels: T2728: Fixed protocol selector for tunnels

ce56258f8dd52c5a14482a1055e4f23b89e462f6 authored over 4 years ago by Daniil Baturin <[email protected]>
IPSec tunnels: T2728: Fixed protocol selector for tunnels

The protocol selector used for tunnels in transport mode was ignored by the configuration script...

cec720d0fd241f656100b10674bf2c7c4f02b4ea authored over 4 years ago by zsdc <[email protected]>
Merge pull request #34 from zdc/T2701

ESP: T2701: Fixed "pfs enable" option usage

66a3c73455d80adc920d4120fb31a9b0070b4158 authored over 4 years ago by Daniil Baturin <[email protected]>
ESP: T2701: Fixed "pfs enable" option usage

When in ESP group configured "pfs enable" option (default behavior), PFS settings are taken from...

c56ddd91ac9a99bb410c872a4d777e962c08f36d authored over 4 years ago by zsdc <[email protected]>
Jenkins: T2625: migrate to build library

9b27f7fd624a69a242f84f73a8b085587fb18d0b authored over 4 years ago by Christian Poessinger <[email protected]>
Merge pull request #33 from DmitriyEshenko/cur-fix28052020

strongSwan: T2000: Add warning message if local prefix did not config…

756b511a02bf9367540368d44c1e0c05e468a2d0 authored over 4 years ago by Daniil Baturin <[email protected]>
strongSwan: T2000: Add warning message if local prefix did not configured

600e35bbae36ed5482c0816d077c86ab1a84c2ec authored over 4 years ago by DmitriyEshenko <[email protected]>
Merge pull request #30 from DmitriyEshenko/rolling-dmvpn

dmvpn: T2091: Move variable to cycle for multiple profiles

e0591ef0d2726fbb56261e888d59c83628d501e6 authored over 4 years ago by Daniil Baturin <[email protected]>
T2431: fix a reference to valida-value.py

7824620387475ccf977b1c859422b5fd7f0e8029 authored over 4 years ago by Daniil Baturin <[email protected]>
Merge pull request #31 from zdc/T1291

VTI: T1291: Fix for invlid VTI interface down state

5b016450085ceeb285175a71ddb5a8251221deb6 authored over 4 years ago by Christian Poessinger <[email protected]>
VTI: T1291: Fix for invlid VTI interface down state

In case when between hosts exists two IPSec tunnels for VTI (for example, when both sides act as...

00825afd79a45977698e25f31db65fc60d96628f authored over 4 years ago by zsdc <[email protected]>
dmvpn: T2091: Move variable to cycle for multiple profiles

5929f6f61635fe9ba92fe294bead2318c7aeebed authored over 4 years ago by DmitriyEshenko <[email protected]>
Merge pull request #29 from zdc/T2049

strongSwan: T2049: Added lost "disable" option to ESP PFS settings

64ebf2127d62165870e03653659116e381d1582e authored over 4 years ago by Christian Poessinger <[email protected]>
strongSwan: T2049: Added lost "disable" option to ESP PFS settings

a775210134986905b4c34fe0ba72e48b61681178 authored over 4 years ago by zsdc <[email protected]>
strongSwan: T2164: add dependency on libstrongswan-standard-plugins

8522b9cb88f918e62f627bc983b12b48a7a34a63 authored almost 5 years ago by John Estabrook <[email protected]>
Jenkins: T1870: support GitHub PullRequest builds

c03e8eb7e06433feef9ab3f163620b0c283ef733 authored almost 5 years ago by Christian Poessinger <[email protected]>
Merge pull request #28 from zdc/T2049

strongSwan: T2049: Extended list of cipher suites

1a81e83b00406ef4ad8d0e126ab28037c405e206 authored almost 5 years ago by Christian Poessinger <[email protected]>
strongSwan: T2049: Extended list of cipher suites

The list of supported cipher suites actualized according to the:
https://wiki.strongswan.org/pro...

2370ba1e8a769b30a64c815e0d4d2d2053bc8848 authored almost 5 years ago by zsdc <[email protected]>
Jenkins: make pipeline branch independent

9e7435826d97d1e603edb05efb89ece95887c0ba authored about 5 years ago by Christian Poessinger <[email protected]>
Jenkins: adjust to new Debian Buster build

e68d155960822d85b4f08acb1fa48cac8b49fddf authored about 5 years ago by Christian Poessinger <[email protected]>
Merge branch 'equuleus' of github.com:vyos/vyatta-cfg-vpn into current

* 'equuleus' of github.com:vyos/vyatta-cfg-vpn:
Jenkins: import Pipeline from vyos-1x commit b...

afeb7c2eaba67449b368677b235c2ad2eac4023f authored about 5 years ago by Christian Poessinger <[email protected]>
T1864: lower IKEv1 DPD timeout value from 10s to 2s

c4c8711939f709c445fe634b2f624933fa9651ab authored about 5 years ago by Christian Poessinger <[email protected]>
Merge branch 'current' of github.com:vyos/vyatta-cfg-vpn into equuleus

* 'current' of github.com:vyos/vyatta-cfg-vpn:
dmvpn: T1784: Run ipsec-settings before DMVPN
...

2de00855a3a208abfb9ca7451ce41b75cb755007 authored about 5 years ago by Christian Poessinger <[email protected]>
Merge pull request #27 from DmitriyEshenko/dmvpn

dmvpn: T1784: Run ipsec-settings before DMVPN

006beada13e22929b7439a2123f0b434b666d4cc authored about 5 years ago by Christian Poessinger <[email protected]>
dmvpn: T1784: Run ipsec-settings before DMVPN

69678925f5383f0087b0c764e272b6c2ff25f4bd authored about 5 years ago by DmitriyEshenko <[email protected]>
Merge pull request #26 from DmitriyEshenko/ipsec-closeact

T1780 Adding IPSec IKE close-action

a27ec88521929ebf4354ea09e84559ad41837da8 authored about 5 years ago by Christian Poessinger <[email protected]>
T1780 Adding IPSec IKE close-action

495c59a20cf35aeb5449f9166859f823c0ab08a7 authored about 5 years ago by DmitriyEshenko <[email protected]>
Jenkins: import Pipeline from vyos-1x commit bd00ec7

f3a9ad83ac87263fa3014bbe4678fd2d116c4bfc authored over 5 years ago by Christian Poessinger <[email protected]>
Jenkins: import Pipeline from vyos-1x commit bd00ec7

2ff7343c11aad93d1d6e00c9bb8ac316d9320227 authored over 5 years ago by Christian Poessinger <[email protected]>
Merge branch 'current' into equuleus

4fa5187c66fe9b7375b6b3edd2d422706924d6e4 authored over 5 years ago by Daniil Baturin <[email protected]>
update Jenkins file for equuleus

662278f70a1269873651ff175980b4acea76633a authored over 5 years ago by UnicronNL <[email protected]>
Merge pull request #25 from hagbard-01/l2tp

[accel-l2tp] - T834: L2TP implementation

a36a6c764bc7fb2d1f76179c13e0b6c7d9cf61a6 authored over 5 years ago by hagbard-01 <[email protected]>
[accel-l2tp] - T834: L2TP implementation

- disable legacy update-l2tp.pl
- ipsec-settings.py last entry to run after all the legacy s...

4101e824f28d3a8c66d1730d222a4ba3d88b166d authored over 5 years ago by hagbard <[email protected]>
T1499: Allow for usage of systemd interface mappings (#23)

7500490824d1675c62c152abc1ac49fe2324f62e authored over 5 years ago by runborg <[email protected]>
[logrotate] T1420 - logrotate permission errors on vyatta logfiles

51e07664ab03d001dfca457db06d82325d1e964f authored over 5 years ago by hagbard <[email protected]>
Create Jenkinsfile current

b117d9a9e8adce4b05fe493b60a1c2fb653e01f9 authored over 5 years ago by Kim Hagen <[email protected]>
add dependency

68ebd6165d7b5aba30b3b8e924675cb8983da55c authored over 5 years ago by Kim <[email protected]>
Fixes T1298 use vti tunnel with ipsec and dhcp.

* make dhcp interface work for vti interfaces

* clean up code, loger timeout use python api
...

bcdf0dead416fdc8e390ee3ba56fc5e7c6490e72 authored almost 6 years ago by Kim <[email protected]>
[pptp] version bump

9900fb602e29b52e940ba7ee6eae3886b764fbfe authored almost 6 years ago by hagbard <[email protected]>
removing script call for pptp which is now being handled by accel-ppp

2d3677832f40a4ff0db73345aed160e40e248fc7 authored almost 6 years ago by hagbard <[email protected]>
fix typo in dead-pear-detection

a1121dbb2f99e61103ee3973a2f719396162ddb2 authored almost 6 years ago by Kim <[email protected]>
fix typo

d8557aae8831317163ba884ec12e5f2b47633ecc authored almost 6 years ago by Kim Hagen <[email protected]>
do not display connection header when there are no tunnels created

a774a829810a1adccabda31028f727fd2ba3b978 authored almost 6 years ago by Kim Hagen <[email protected]>
Reference IPsec profile name in DMPN connection names for op mode.

12996340fe2a1e15613bb047d2f649f6205688ad authored almost 6 years ago by Daniil Baturin <[email protected]>
fixing cur_vers reference for Makefile

cb29fb982e5b3a97520de0dbcba4b0286d87281b authored almost 6 years ago by hagbard <[email protected]>
bumped config version so the migrate jobs work

2116cbff52c588fe68dd91faf903c4d00ba9fd96 authored almost 6 years ago by hagbard <[email protected]>
Fix: T1168 - Upgrade: 1,1,7 -> 1.2.0-epa2 Ipsec logging command failure.

8365c04cccb6e0216b048ca30e289081f0c0ae44 authored almost 6 years ago by hagbard <[email protected]>
T777: improve "connection-type" option help strings.

2fff1e01a2bf70af8da2b38375d08ee3213db284 authored about 6 years ago by Daniil Baturin <[email protected]>
Fix: T1048: [IPSec] Protocol all does not work in IPSec Tunnel

a413b8acc402c52fcc112b27ed722709db84579b authored about 6 years ago by hagbard <[email protected]>
T1006: allow the "any" value for the local-address option.

de1f3fbfaaa499e476ae15d53a023e286908c009 authored about 6 years ago by Daniil Baturin <[email protected]>
Set the architecture to 'all' since this package has no architecture-dependent files.

a15cc184a9d2f5fcff971828bb5f043bb244d6dc authored about 6 years ago by Daniil Baturin <[email protected]>
T1006: replace the is_valid_address.pl script with ipaddrcheck.

c99bab513e81e7d3e135a57d95cdf1375ead393c authored about 6 years ago by Daniil Baturin <[email protected]>
Add plugins to dependencies.

2fbd0e519cc232d86651df3f00eca1135ed58af8 authored over 6 years ago by Daniil Baturin <[email protected]>
Merge pull request #19 from runborg/current

T787: Make sure dmvpn config is generated after ipsec config.

68b37220255fff247cc8796fee29070d2634707c authored over 6 years ago by Daniil Baturin <[email protected]>
T787: Make sure dmvpn config is generated after ipsec config. this one needs more testing to test for breakages on ipsec

3b09d829a524dceee31c88f71e49ab93b1078961 authored over 6 years ago by Runar Borge <[email protected]>
T767: cleanup vpn-config.pl - removal of KLIPS

Two IPsec kernel stacks are currently available: KLIPS and NETKEY. The
Linux kernel NETKEY code ...

e6648cebe1a19f3becf1553b45ec2b9337332e65 authored over 6 years ago by Christian Poessinger <[email protected]>
T767: remove IPSEC deprecated keyword 'interfaces'

'interfaces' option no longer available in StrongSWAN as of their Wiki [1].

[1]: https://wiki.s...

ac3e95a9fce6ce8fc9592072a66fcf140f123e36 authored over 6 years ago by Christian Poessinger <[email protected]>
T71: call the ipsec-settings.py script in VPN.

9e5bbf83dfd8698488baadc3e6d74df6924908b6 authored over 6 years ago by Daniil Baturin <[email protected]>
T628: delete the default route from the StrongSWAN table (220 hardcoded) for VTI connections

60fc8a28827c55050ead78371fbefd7566df6287 authored over 6 years ago by Daniil Baturin <[email protected]>
T674: set DH group default in IKE groups to 2.

Using the default: tag in the template for now, this issue should be
addressed properly when we g...

90daa5e2cf02ffd3fd5936b4f372f1e85ab62ef6 authored over 6 years ago by Daniil Baturin <[email protected]>
Merge branch 'current' of github.com:vyos/vyatta-cfg-vpn into current

5ff70d5fe970fa13b76ed4207dded560cd6b3ea1 authored over 6 years ago by Daniil Baturin <[email protected]>
T675: for downgrading strongswan to 5.5, remove explicit dependency on libvici.

In 5.5 from stretch, it's inside the swanctl package.
In 5.6 from sid, the swanctl package depen...

21547cc288d60c6e44268a4ef39ad71120bbfb8b authored over 6 years ago by Daniil Baturin <[email protected]>
Merge pull request #18 from unixninja92/T542

Lowered minimum DPD interval and timeout as per T542

4f43655e6f68257a8f3e27ebe11846de5a7a1c93 authored almost 7 years ago by Kim <[email protected]>
Lowered minimum DPD interval and timeout as per T542

1d0a489519e0f67985b5b92ebaf2723b826aef20 authored almost 7 years ago by unixninja92 <[email protected]>
Merge pull request #17 from Taniadz/current

T126: charon listening on ALL interfaces

489211d40ccd6d594817993a94d12278da7c5579 authored about 7 years ago by Daniil Baturin <[email protected]>
T126: charon listening on ALL interfaces(correct sorting)

b53019e4bf1b51b40cefc263479ee0531341cb78 authored about 7 years ago by Taniadz <[email protected]>
T126: charon listening on ALL interfaces(add ipsec restart)

d0e7c861ed20d871d71efd46caf517bbee8c1a69 authored about 7 years ago by Taniadz <[email protected]>
T126: charon listening on ALL interfaces( fix the style issues)

55d30fb7a0cf3e794cacef8210590297c37373c2 authored about 7 years ago by Taniadz <[email protected]>
T126: charon listening on ALL interfaces

60960c1c891d99d2fe10aa0daa5367e31833cb25 authored about 7 years ago by Taniadz <[email protected]>
T423: use listNodes rather than listActiveNodes to enable completion for uncommited IKE and ESP groups.

ff15bdcdeda459bb7cf5de450d02ea2cee53041c authored about 7 years ago by Daniil Baturin <[email protected]>
Merge pull request #15 from smunaut/T137

Fix VTI interface configuration to set both ikey and okey

18f30fbda88e075fbd48459f2f6d646ba333ff3c authored over 7 years ago by Kim <[email protected]>
Fix VTI interface configuration to set both ikey and okey

Without this, the outgoing traffic is marked and encrypted but incoming
traffic isn't properly f...

4e78db594120375843a981eae43d87edc873177a authored almost 8 years ago by Sylvain Munaut <[email protected]>
T287: Merge pull request #14 from paulgear/patch-1

T287: Add missingok to logrotate for ipsec

876cb466c7256973917dc56f81f08bf8364b900d authored almost 8 years ago by Daniil Baturin <[email protected]>
Add missingok to logrotate for ipsec

If this is not present, it causes hourly messages in /var/log/messages like this:

Mar 2 19:1...

0ff779958f9c8951bb7e3e866ca52bc70b470fa9 authored almost 8 years ago by Paul Gear <[email protected]>
load swanctl configuration on ipsec start

7308178f1b9925064b728a53d79bbdcaef6eaf20 authored almost 9 years ago by UnicronNL <[email protected]>
use 'dh-group' for first ike proposal

enable config for dead peer detection

82b5e5a3763affe18d77f707f614ccc56d0c84d6 authored almost 9 years ago by UnicronNL <[email protected]>
add secret from config to swanctl.conf

b5deaca6cebe4ea23f818e2db9447071a6531c0c authored almost 9 years ago by UnicronNL <[email protected]>
add dependencies needed for dmvpn configuration

ce7363f43a0eedfd42c5df5753ded95f648f0108 authored almost 9 years ago by Kim Hagen <[email protected]>
add libcrypt-openssl-rsa-perl dependency

c27d2596db3acd27b8beaded9502cc48afb20c27 authored almost 9 years ago by Kim Hagen <[email protected]>
First version of new dmvpn script rewrite.

984030a79c415ac5d4041db1bd638b86946871fd authored almost 9 years ago by Kim Hagen <[email protected]>
remove reference to dmvpn.secrets and chang dmvpn.conf to swanctl.conf

9118f812de63247b4d4ee9e4262d040090697bea authored almost 9 years ago by Kim Hagen <[email protected]>
Update vpn check file from "charon.ctl" to "charon.pid".

e6bde39b75eca1f4b30b7d4fa3c6eb9dd0100775 authored almost 9 years ago by Kim Hagen <[email protected]>
Update the changelog.

38ddb04edcf5d9a87edd7047ff3f2bce9bf0ba24 authored almost 9 years ago by Daniil Baturin <[email protected]>
Merge branch 'lithium-strongswan5' of https://github.com/TriJetScud/vyatta-cfg-vpn into current

a9d0b5972c64c1d32fe89def263df635525b1d7d authored almost 9 years ago by Daniil Baturin <[email protected]>
Revert "Remove charonstart an interfaces from ipsec.conf file, they are depricated."

This reverts commit fbddff7f2b6b485c93b5d3cf4d60a75f84c3a2b6.

2cda998101aa8d83ab92e9d3d1abddf672ac2c2d authored almost 9 years ago by Kim Hagen <[email protected]>
Revert "Set default pfs and ike dh group. (required by strongswan charon)"

This reverts commit 8353f0f8fc746c69d6006e5bba9baf45afe16385.

849551db87c42494d7c44fd463aebba003ba978e authored almost 9 years ago by Kim Hagen <[email protected]>