ocserv: updated to 0.11.8
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
This commit is contained in:
Nikos Mavrogiannopoulos
parent
bd32212234
commit
0161310d85
|
|
@ -8,14 +8,14 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=ocserv
|
||||
PKG_VERSION:=0.11.7
|
||||
PKG_VERSION:=0.11.8
|
||||
PKG_RELEASE:=1
|
||||
PKG_USE_MIPS16:=0
|
||||
|
||||
PKG_BUILD_DIR :=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
|
||||
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/ocserv/
|
||||
PKG_MD5SUM:=4c47b039bfaf1cecea6a2206dfe0ccd6
|
||||
PKG_HASH:=735b9b88a004d5bc8a91d4093d07ea0e2c9fac370a35d84beccc394ed24420c7
|
||||
|
||||
PKG_LICENSE:=GPLv2+
|
||||
PKG_LICENSE_FILES:=COPYING
|
||||
|
|
|
|||
|
|
@ -1,3 +1,10 @@
|
|||
############################################################################
|
||||
# NOTE: Do not modify this file to configure ocserv. Add new directives #
|
||||
# in /etc/ocserv/ocserv.conf.local and these will be included in ocserv's #
|
||||
# configuration #
|
||||
############################################################################
|
||||
|
||||
|
||||
# User authentication method. Could be set multiple times and in that case
|
||||
# all should succeed.
|
||||
# Options: certificate, pam.
|
||||
|
|
@ -51,6 +58,12 @@ tcp-port = |PORT|
|
|||
# radius is in use.
|
||||
#stats-report-time = 360
|
||||
|
||||
# Stats reset time. The period of time statistics kept by main/sec-mod
|
||||
# processes will be reset. These are the statistics shown by cmd
|
||||
# 'occtl show stats'. For daily: 86400, weekly: 604800
|
||||
# This is unrelated to stats-report-time.
|
||||
server-stats-reset-time = 604800
|
||||
|
||||
# Keepalive in seconds
|
||||
keepalive = 32400
|
||||
|
||||
|
|
@ -136,7 +149,7 @@ tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-VERS-SSL3.0"
|
|||
|
||||
# The time (in seconds) that a client is allowed to stay connected prior
|
||||
# to authentication
|
||||
auth-timeout = 40
|
||||
auth-timeout = 240
|
||||
|
||||
# The time (in seconds) that a client is allowed to stay idle (no traffic)
|
||||
# before being disconnected. Unset to disable.
|
||||
|
|
@ -161,10 +174,10 @@ min-reauth-time = 360
|
|||
# locally from an HTTP server (i.e., when listen-clear-file is used).
|
||||
#
|
||||
# Set to zero to disable.
|
||||
max-ban-score = 50
|
||||
max-ban-score = 80
|
||||
|
||||
# The time (in seconds) that all score kept for a client is reset.
|
||||
ban-reset-time = 300
|
||||
ban-reset-time = 1200
|
||||
|
||||
# In case you'd like to change the default points.
|
||||
#ban-points-wrong-password = 10
|
||||
|
|
@ -172,13 +185,19 @@ ban-reset-time = 300
|
|||
#ban-points-kkdcp = 1
|
||||
|
||||
# Cookie timeout (in seconds)
|
||||
# which he can reconnect. That cookie will be invalided if not
|
||||
# used within this timeout value. On a user disconnection, that
|
||||
# cookie will also be active for this time amount prior to be
|
||||
# invalid. That should allow a reasonable amount of time for roaming
|
||||
# between different networks.
|
||||
# Once a client is authenticated he's provided a cookie with
|
||||
# which he can reconnect. That cookie will be invalidated if not
|
||||
# used within this timeout value. This cookie remains valid, during
|
||||
# the user's connected time, and after user disconnection it
|
||||
# remains active for this amount of time. That setting should allow a
|
||||
# reasonable amount of time for roaming between different networks.
|
||||
cookie-timeout = 300
|
||||
|
||||
# If this is enabled (not recommended) the cookies will stay
|
||||
# valid even after a user manually disconnects, and until they
|
||||
# expire. This may improve roaming with some broken clients.
|
||||
#persistent-cookies = true
|
||||
|
||||
# Whether roaming is allowed, i.e., if true a cookie is
|
||||
# restricted to a single IP address and cannot be re-used
|
||||
# from a different IP.
|
||||
|
|
@ -186,7 +205,8 @@ deny-roaming = false
|
|||
|
||||
# ReKey time (in seconds)
|
||||
# ocserv will ask the client to refresh keys periodically once
|
||||
# this amount of seconds is elapsed. Set to zero to disable.
|
||||
# this amount of seconds is elapsed. Set to zero to disable (note
|
||||
# that, some clients fail if rekey is disabled).
|
||||
rekey-time = 172800
|
||||
|
||||
# ReKey method
|
||||
|
|
@ -285,6 +305,10 @@ ipv4-netmask = |NETMASK|
|
|||
# it is not in use by another (unrelated to this server) host.
|
||||
ping-leases = |PING_LEASES|
|
||||
|
||||
# Whether to tunnel all DNS queries via the VPN. This is the default
|
||||
# when a default route is set.
|
||||
#tunnel-all-dns = true
|
||||
|
||||
# Unset to assign the default MTU of the device
|
||||
# mtu =
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue