Browse Source

ocserv: updated to 0.11.8

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
lilik-openwrt-22.03
Nikos Mavrogiannopoulos 8 years ago
parent
commit
d92ea54c4f
2 changed files with 36 additions and 12 deletions
  1. +3
    -3
      net/ocserv/Makefile
  2. +33
    -9
      net/ocserv/files/ocserv.conf.template

+ 3
- 3
net/ocserv/Makefile View File

@ -8,14 +8,14 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=ocserv PKG_NAME:=ocserv
PKG_VERSION:=0.11.7
PKG_RELEASE:=3
PKG_VERSION:=0.11.8
PKG_RELEASE:=1
PKG_USE_MIPS16:=0 PKG_USE_MIPS16:=0
PKG_BUILD_DIR :=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) PKG_BUILD_DIR :=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/ocserv/ PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/ocserv/
PKG_MD5SUM:=4c47b039bfaf1cecea6a2206dfe0ccd6
PKG_HASH:=735b9b88a004d5bc8a91d4093d07ea0e2c9fac370a35d84beccc394ed24420c7
PKG_LICENSE:=GPLv2+ PKG_LICENSE:=GPLv2+
PKG_LICENSE_FILES:=COPYING PKG_LICENSE_FILES:=COPYING


+ 33
- 9
net/ocserv/files/ocserv.conf.template View File

@ -1,3 +1,10 @@
############################################################################
# NOTE: Do not modify this file to configure ocserv. Add new directives #
# in /etc/ocserv/ocserv.conf.local and these will be included in ocserv's #
# configuration #
############################################################################
# User authentication method. Could be set multiple times and in that case # User authentication method. Could be set multiple times and in that case
# all should succeed. # all should succeed.
# Options: certificate, pam. # Options: certificate, pam.
@ -51,6 +58,12 @@ tcp-port = |PORT|
# radius is in use. # radius is in use.
#stats-report-time = 360 #stats-report-time = 360
# Stats reset time. The period of time statistics kept by main/sec-mod
# processes will be reset. These are the statistics shown by cmd
# 'occtl show stats'. For daily: 86400, weekly: 604800
# This is unrelated to stats-report-time.
server-stats-reset-time = 604800
# Keepalive in seconds # Keepalive in seconds
keepalive = 32400 keepalive = 32400
@ -136,7 +149,7 @@ tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-VERS-SSL3.0"
# The time (in seconds) that a client is allowed to stay connected prior # The time (in seconds) that a client is allowed to stay connected prior
# to authentication # to authentication
auth-timeout = 40
auth-timeout = 240
# The time (in seconds) that a client is allowed to stay idle (no traffic) # The time (in seconds) that a client is allowed to stay idle (no traffic)
# before being disconnected. Unset to disable. # before being disconnected. Unset to disable.
@ -161,10 +174,10 @@ min-reauth-time = 360
# locally from an HTTP server (i.e., when listen-clear-file is used). # locally from an HTTP server (i.e., when listen-clear-file is used).
# #
# Set to zero to disable. # Set to zero to disable.
max-ban-score = 50
max-ban-score = 80
# The time (in seconds) that all score kept for a client is reset. # The time (in seconds) that all score kept for a client is reset.
ban-reset-time = 300
ban-reset-time = 1200
# In case you'd like to change the default points. # In case you'd like to change the default points.
#ban-points-wrong-password = 10 #ban-points-wrong-password = 10
@ -172,13 +185,19 @@ ban-reset-time = 300
#ban-points-kkdcp = 1 #ban-points-kkdcp = 1
# Cookie timeout (in seconds) # Cookie timeout (in seconds)
# which he can reconnect. That cookie will be invalided if not
# used within this timeout value. On a user disconnection, that
# cookie will also be active for this time amount prior to be
# invalid. That should allow a reasonable amount of time for roaming
# between different networks.
# Once a client is authenticated he's provided a cookie with
# which he can reconnect. That cookie will be invalidated if not
# used within this timeout value. This cookie remains valid, during
# the user's connected time, and after user disconnection it
# remains active for this amount of time. That setting should allow a
# reasonable amount of time for roaming between different networks.
cookie-timeout = 300 cookie-timeout = 300
# If this is enabled (not recommended) the cookies will stay
# valid even after a user manually disconnects, and until they
# expire. This may improve roaming with some broken clients.
#persistent-cookies = true
# Whether roaming is allowed, i.e., if true a cookie is # Whether roaming is allowed, i.e., if true a cookie is
# restricted to a single IP address and cannot be re-used # restricted to a single IP address and cannot be re-used
# from a different IP. # from a different IP.
@ -186,7 +205,8 @@ deny-roaming = false
# ReKey time (in seconds) # ReKey time (in seconds)
# ocserv will ask the client to refresh keys periodically once # ocserv will ask the client to refresh keys periodically once
# this amount of seconds is elapsed. Set to zero to disable.
# this amount of seconds is elapsed. Set to zero to disable (note
# that, some clients fail if rekey is disabled).
rekey-time = 172800 rekey-time = 172800
# ReKey method # ReKey method
@ -285,6 +305,10 @@ ipv4-netmask = |NETMASK|
# it is not in use by another (unrelated to this server) host. # it is not in use by another (unrelated to this server) host.
ping-leases = |PING_LEASES| ping-leases = |PING_LEASES|
# Whether to tunnel all DNS queries via the VPN. This is the default
# when a default route is set.
#tunnel-all-dns = true
# Unset to assign the default MTU of the device # Unset to assign the default MTU of the device
# mtu = # mtu =


Loading…
Cancel
Save