Showing entries 1-40 out of 40.
AH proposals to offer for the CHILD_SA
Action to perform after a CHILD_SA gets closed by the peer
Whether to copy the DF bit to the outer IPv4 header in tunnel mode
Whether to copy the DSCP (Differentiated Services Field Codepoint) header field to/from the outer …
Whether to copy the ECN (Explicit Congestion Notification) header field to/from the outer IP heade…
Action to perform for this CHILD_SA on DPD timeout
ESP proposals to offer for the CHILD_SA
Hostaccess variable to pass to updown script
Enable hardware offload for this CHILD_SA, if supported by the IPsec implementation
XFRM interface ID set on inbound policies/SA
XFRM interface ID set on outbound policies/SA
Timeout before closing CHILD_SA after inactivity
Optional interface name to restrict outbound IPsec policies
Enable IPComp compression before encryption
Maximum bytes processed before CHILD_SA gets closed
Maximum number of packets processed before CHILD_SA gets closed
Maximum lifetime before CHILD_SA gets closed
List of local traffic selectors to include in CHILD_SA
Netfilter mark and mask for input traffic
Whether to set mark_in on the inbound SA
Netfilter mark and mask for output traffic
IPsec Mode to establish CHILD_SA with.tunnel negotiates the CHILD_SA in IPsec Tunnel Mode,whereas …
Whether to install IPsec policies or not
Whether to install outbound FWD IPsec policies or not
Optional fixed priority for IPsec policies
Byte range from which to choose a random value to subtract from rekey_bytes
Packet range from which to choose a random value to subtract from rekey_packets
Time range from which to choose a random value to subtract from rekey_time
Number of bytes processed before initiating CHILD_SA rekeying
Number of packets processed before initiating CHILD_SA rekeying
Time to schedule CHILD_SA rekeying
List of remote selectors to include in CHILD_SA
IPsec replay window to configure for this CHILD_SA
Fixed reqid to use for this CHILD_SA
Netfilter mark applied to packets after the inbound IPsec SA processed them
Netfilter mark applied to packets after the outbound IPsec SA processed them
HMAC-SHA-256 is used with 128-bit truncation with IPsec
Action to perform after loading the configuration
Pads ESP packets with additional data to have a consistent ESP packet size for improved Traffic Fl…
Updown script to invoke on CHILD_SA up and down events