| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | .\" $NetBSD: racoon.conf.5,v 1.55 2009/03/12 15:18:57 wiz Exp $ | | 1 | .\" $NetBSD: racoon.conf.5,v 1.56 2009/05/04 22:28:30 wiz Exp $ |
2 | .\" | | 2 | .\" |
3 | .\" Id: racoon.conf.5,v 1.54 2006/08/22 18:17:17 manubsd Exp | | 3 | .\" Id: racoon.conf.5,v 1.54 2006/08/22 18:17:17 manubsd Exp |
4 | .\" | | 4 | .\" |
5 | .\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | | 5 | .\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. |
6 | .\" All rights reserved. | | 6 | .\" All rights reserved. |
7 | .\" | | 7 | .\" |
8 | .\" Redistribution and use in source and binary forms, with or without | | 8 | .\" Redistribution and use in source and binary forms, with or without |
9 | .\" modification, are permitted provided that the following conditions | | 9 | .\" modification, are permitted provided that the following conditions |
10 | .\" are met: | | 10 | .\" are met: |
11 | .\" 1. Redistributions of source code must retain the above copyright | | 11 | .\" 1. Redistributions of source code must retain the above copyright |
12 | .\" notice, this list of conditions and the following disclaimer. | | 12 | .\" notice, this list of conditions and the following disclaimer. |
13 | .\" 2. Redistributions in binary form must reproduce the above copyright | | 13 | .\" 2. Redistributions in binary form must reproduce the above copyright |
14 | .\" notice, this list of conditions and the following disclaimer in the | | 14 | .\" notice, this list of conditions and the following disclaimer in the |
| @@ -1018,27 +1018,27 @@ For example, if you define 3ffe:501:4819 | | | @@ -1018,27 +1018,27 @@ For example, if you define 3ffe:501:4819 |
1018 | In the case of a longest prefix (selecting a single host), | | 1018 | In the case of a longest prefix (selecting a single host), |
1019 | .Ar address | | 1019 | .Ar address |
1020 | instructs to send ID type of ADDRESS while | | 1020 | instructs to send ID type of ADDRESS while |
1021 | .Ar subnet | | 1021 | .Ar subnet |
1022 | instructs to send ID type of SUBNET. | | 1022 | instructs to send ID type of SUBNET. |
1023 | Otherwise, these instructions are identical. | | 1023 | Otherwise, these instructions are identical. |
1024 | .Pp | | 1024 | .Pp |
1025 | The | | 1025 | The |
1026 | .Ic anonymous | | 1026 | .Ic anonymous |
1027 | keyword can be used to match any id. | | 1027 | keyword can be used to match any id. |
1028 | The | | 1028 | The |
1029 | .Ic clientaddr | | 1029 | .Ic clientaddr |
1030 | keyword can be used to match a remote id that is equal to either the peer | | 1030 | keyword can be used to match a remote id that is equal to either the peer |
1031 | ip address or the mode_cfg ip address ( if assigned ). | | 1031 | ip address or the mode_cfg ip address (if assigned). |
1032 | This can be useful | | 1032 | This can be useful |
1033 | to restrict policy generation when racoon is acting as a client gateway | | 1033 | to restrict policy generation when racoon is acting as a client gateway |
1034 | for peers with dynamic ip addresses. | | 1034 | for peers with dynamic ip addresses. |
1035 | .Pp | | 1035 | .Pp |
1036 | The | | 1036 | The |
1037 | .Ic from | | 1037 | .Ic from |
1038 | keyword allows an sainfo to only match for peers that use a specific phase1 | | 1038 | keyword allows an sainfo to only match for peers that use a specific phase1 |
1039 | id value during authentication. | | 1039 | id value during authentication. |
1040 | The | | 1040 | The |
1041 | .Ic group | | 1041 | .Ic group |
1042 | keyword allows an XAuth group membership check to be performed | | 1042 | keyword allows an XAuth group membership check to be performed |
1043 | for this sainfo section. | | 1043 | for this sainfo section. |
1044 | When the mode_cfg auth source is set to | | 1044 | When the mode_cfg auth source is set to |