enabled crl fetching using crlcheckinterval != 0
authorAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 5 Apr 2007 17:40:33 +0000 (17:40 -0000)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 5 Apr 2007 17:40:33 +0000 (17:40 -0000)
64 files changed:
testing/tests/ikev2/crl-revoked/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/crl-revoked/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/crl-revoked/pretest.dat
testing/tests/ikev2/crl-strict/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/crl-strict/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/crl-strict/pretest.dat
testing/tests/ikev2/double-nat-net/hosts/alice/etc/ipsec.conf
testing/tests/ikev2/double-nat-net/hosts/bob/etc/ipsec.conf
testing/tests/ikev2/double-nat/hosts/alice/etc/ipsec.conf
testing/tests/ikev2/double-nat/hosts/bob/etc/ipsec.conf
testing/tests/ikev2/dpd-clear/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/dpd-clear/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/dpd-hold/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/dpd-hold/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/dpd-restart/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/dpd-restart/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/host2host-cert/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/host2host-cert/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/host2host-swapped/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/host2host-swapped/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/host2host-transport/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/host2host-transport/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/nat-one-rw/hosts/alice/etc/ipsec.conf
testing/tests/ikev2/nat-one-rw/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/nat-two-rw/hosts/alice/etc/ipsec.conf
testing/tests/ikev2/nat-two-rw/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/nat-two-rw/hosts/venus/etc/ipsec.conf
testing/tests/ikev2/net2net-cert/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/net2net-cert/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/net2net-cert/posttest.dat
testing/tests/ikev2/net2net-cert/pretest.dat
testing/tests/ikev2/net2net-route/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/net2net-route/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/net2net-start/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/net2net-start/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/ocsp-untrusted-cert/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/ocsp-untrusted-cert/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/ocsp-untrusted-cert/posttest.dat
testing/tests/ikev2/ocsp-untrusted-cert/pretest.dat
testing/tests/ikev2/protoport-dual/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/protoport-dual/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/protoport-route/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/protoport-route/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/rw-cert/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/rw-cert/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/rw-cert/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/rw-cert/posttest.dat
testing/tests/ikev2/rw-cert/pretest.dat
testing/tests/ikev2/rw-psk-rsa-mixed/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/rw-psk-rsa-mixed/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/rw-psk-rsa-mixed/posttest.dat
testing/tests/ikev2/rw-psk-rsa-mixed/pretest.dat
testing/tests/ikev2/rw-psk-rsa-split/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/rw-psk-rsa-split/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/rw-psk-rsa-split/posttest.dat
testing/tests/ikev2/rw-psk-rsa-split/pretest.dat
testing/tests/ikev2/strong-keys-certs/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/strong-keys-certs/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/strong-keys-certs/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/strong-keys-certs/posttest.dat
testing/tests/ikev2/strong-keys-certs/pretest.dat
testing/tests/ikev2/wildcards/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/wildcards/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/wildcards/hosts/moon/etc/ipsec.conf

index a6a1125..29b3c2a 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+       crlcheckinterval=180
        strictcrlpolicy=yes
        plutostart=no
 
index 539006b..a1a9587 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=yes
        plutostart=no
 
index 0b8e476..8984dcb 100644 (file)
@@ -1,4 +1,3 @@
-moon::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
 moon::ipsec start
 carol::ipsec start
 carol::sleep 1 
index a423e58..52e5c29 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=yes
        plutostart=no
 
index 19d240c..a9f6a4b 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=yes
        plutostart=no
 
index eebd3eb..8984dcb 100644 (file)
@@ -1,5 +1,3 @@
-moon::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
-carol::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
 moon::ipsec start
 carol::ipsec start
 carol::sleep 1 
index d112d13..c8aa460 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index a7d9e15..f0c5b6f 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index d6f4b55..26830f3 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+       crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index e8338e1..b4a24cb 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index a8eee1f..e5d9ad4 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 8658cfa..97b5411 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index d66c0e4..dff90e5 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 8658cfa..97b5411 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index b7d8233..7c5b88a 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 8658cfa..97b5411 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 5ace1ba..2d41690 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index d127fda..7ffbf64 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 7a5c3a2..0c3dd7a 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 9add2f1..bd510cc 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 9d3060b..f957e5f 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 1467e7e..52b6050 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index ef36505..8db4321 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 1b13ddd..a2c1686 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 09d1448..3da2fcf 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 8a289fd..d8b4263 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+       crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 2a6de5f..3a70b34 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index a3213b9..e86ed4f 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 06bf64b..ea55d2e 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index de041dd..a4c96e1 100644 (file)
@@ -2,6 +2,4 @@ moon::ipsec stop
 sun::ipsec stop
 moon::/etc/init.d/iptables stop 2> /dev/null
 sun::/etc/init.d/iptables stop 2> /dev/null
-moon::rm /etc/ipsec.d/crls/*
-sun::rm /etc/ipsec.d/crls/*
 
index d19d920..2d7a78a 100644 (file)
@@ -1,7 +1,5 @@
 moon::/etc/init.d/iptables start 2> /dev/null
 sun::/etc/init.d/iptables start 2> /dev/null
-moon::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
-sun::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
 moon::ipsec start
 sun::ipsec start
 moon::sleep 1 
index b805c06..8b85488 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 06bf64b..ea55d2e 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index a96cde3..091871e 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index ec127a4..b2e4189 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 0209111..3c685a8 100755 (executable)
@@ -1,7 +1,6 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
-       crlcheckinterval=180
        strictcrlpolicy=yes
        plutostart=no
 
index 21b48ef..e2fabe0 100755 (executable)
@@ -1,7 +1,6 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
-       crlcheckinterval=180
        strictcrlpolicy=yes
        plutostart=no
 
index cf72480..c6d6235 100644 (file)
@@ -1,4 +1,2 @@
 moon::ipsec stop
 carol::ipsec stop
-moon::iptables -F OUTPUT
-carol::iptables -F OUTPUT
index 7d9d600..d92333d 100644 (file)
@@ -1,5 +1,3 @@
-moon::iptables -I OUTPUT -d PH_IP_WINNETOU -p tcp --dport 80 -j DROP
-carol::iptables -I OUTPUT -d PH_IP_WINNETOU -p tcp --dport 80 -j DROP
 moon::ipsec start
 carol::ipsec start
 carol::sleep 2
index 3511171..eda0ddf 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 19da44c..0bc0338 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 4571ddb..7f4e37b 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 19da44c..0bc0338 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index a8eee1f..e5d9ad4 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 1fb8203..3c00149 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 655c7c4..b8bc990 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 0226dfd..7cebd7f 100644 (file)
@@ -4,6 +4,3 @@ dave::ipsec stop
 moon::/etc/init.d/iptables stop 2> /dev/null
 carol::/etc/init.d/iptables stop 2> /dev/null
 dave::/etc/init.d/iptables stop 2> /dev/null
-moon::rm /etc/ipsec.d/crls/*
-carol::rm /etc/ipsec.d/crls/*
-dave::rm /etc/ipsec.d/crls/*
index b3b89ab..42e9d7c 100644 (file)
@@ -1,9 +1,6 @@
 moon::/etc/init.d/iptables start 2> /dev/null
 carol::/etc/init.d/iptables start 2> /dev/null
 dave::/etc/init.d/iptables start 2> /dev/null
-moon::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
-carol::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
-dave::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
 moon::ipsec start
 carol::ipsec start
 dave::ipsec start
index 1fb8203..ac99ac6 100755 (executable)
@@ -2,6 +2,7 @@
 
 config setup
        strictcrlpolicy=no
+        crlcheckinterval=180
        plutostart=no
 
 conn %default
index fcd5395..7419be9 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 0226dfd..7cebd7f 100644 (file)
@@ -4,6 +4,3 @@ dave::ipsec stop
 moon::/etc/init.d/iptables stop 2> /dev/null
 carol::/etc/init.d/iptables stop 2> /dev/null
 dave::/etc/init.d/iptables stop 2> /dev/null
-moon::rm /etc/ipsec.d/crls/*
-carol::rm /etc/ipsec.d/crls/*
-dave::rm /etc/ipsec.d/crls/*
index b3b89ab..e48d11e 100644 (file)
@@ -1,9 +1,7 @@
 moon::/etc/init.d/iptables start 2> /dev/null
 carol::/etc/init.d/iptables start 2> /dev/null
 dave::/etc/init.d/iptables start 2> /dev/null
-moon::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
-carol::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
-dave::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
+carol::rm /etc/ipsec.d/cacerts/*
 moon::ipsec start
 carol::ipsec start
 dave::ipsec start
index 9a5087f..6a8253d 100755 (executable)
@@ -1,6 +1,8 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
+       strictcrlpolicy=no
        plutostart=no
 
 conn %default
index 7b6e448..3c9e9a0 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 0226dfd..7cebd7f 100644 (file)
@@ -4,6 +4,3 @@ dave::ipsec stop
 moon::/etc/init.d/iptables stop 2> /dev/null
 carol::/etc/init.d/iptables stop 2> /dev/null
 dave::/etc/init.d/iptables stop 2> /dev/null
-moon::rm /etc/ipsec.d/crls/*
-carol::rm /etc/ipsec.d/crls/*
-dave::rm /etc/ipsec.d/crls/*
index b3b89ab..42e9d7c 100644 (file)
@@ -1,9 +1,6 @@
 moon::/etc/init.d/iptables start 2> /dev/null
 carol::/etc/init.d/iptables start 2> /dev/null
 dave::/etc/init.d/iptables start 2> /dev/null
-moon::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
-carol::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
-dave::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
 moon::ipsec start
 carol::ipsec start
 dave::ipsec start
index 9d2f533..4ddd992 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 7f650e5..2b54073 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index ac7c2ce..9c0a14c 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 240462c..9ccbaa1 100644 (file)
@@ -4,9 +4,6 @@ dave::ipsec stop
 moon::/etc/init.d/iptables stop 2> /dev/null
 carol::/etc/init.d/iptables stop 2> /dev/null
 dave::/etc/init.d/iptables stop 2> /dev/null
-moon::rm /etc/ipsec.d/crls/*
-carol::rm /etc/ipsec.d/crls/*
-dave::rm /etc/ipsec.d/crls/*
 moon::rm /etc/ipsec.d/private/*
 carol::rm /etc/ipsec.d/private/*
 dave::rm /etc/ipsec.d/private/*
index d917ec4..de51ccd 100644 (file)
@@ -1,9 +1,6 @@
 moon::/etc/init.d/iptables start 2> /dev/null
 carol::/etc/init.d/iptables start 2> /dev/null
 dave::/etc/init.d/iptables start 2> /dev/null
-moon::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
-carol::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
-dave::wget -q http://crl.strongswan.org/strongswan.crl -O /etc/ipsec.d/crls/strongswan.crl
 moon::ipsec start
 carol::ipsec start
 dave::ipsec start
index 7396427..59d41eb 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index 886d643..81e86e8 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
 
index ec252a8..366e1fa 100755 (executable)
@@ -1,6 +1,7 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
+        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no