[Openswan dev] wiki page for configs

[Harald Jenny]

On Wed, Oct 06, 2010 at 10:44:35AM -0400, Paul Wouters wrote:
> On Wed, 6 Oct 2010, Harald Jenny wrote:
> 
> >maybe a silly idea but how do you think about putting together a page with user
> >created config examples like the one from Adam Crane posted on users? As far as
> >I can tell this seems to be one of the greatest drawbacks for new users that we
> >lack a central knowledge base... maybe we should also put up the manpages (or
> >xml-files) on the webpage (preferable done automatically for the current active
> >release). How do you think about this?
> 
> We do ship those as "examples". A source install gives you /etc/ipsec.d/examples/
> and a fedora install gives those examples in /usr/share/doc/openswan-2*/*

/etc/ipsec.d/examples$ ls -1
hub-spoke.conf
ipv6.conf
l2tp-cert.conf
l2tp-cert-orgWIN2KXP.conf
l2tp-psk.conf
l2tp-psk-orgWIN2KXP.conf
linux-linux.conf
no_oe.conf
oe-exclude-dns.conf
sysctl.conf
xauth.conf

These are the files available under debian... how much are there supposed to
be?

> 
> But yes, we're still looking at migrating a lot of documentation and examples into
> the redmine based wiki to replace www.openswan.org.

Well the examples in /etc/ipsec.d/examples are nice but they do not really
cover much real world scenarios... for example a star-based IPSec structure for
a HQ and some other locations or the necessary quirks to use IPSecuritas under
MacOS with openswan server - you can find these examples in the web but only
when searching for a while.

> If there are volunteers who
> want to help with that, let me know.

*handup*

> documentation is hard to find people for.

Yes for sure, but without good documentation how are people supposed to really
use this software?

> Once
> they know too much, they tend to drop the documentation part (guilty as charged)

Me too - I think most important is to fix things we discover (for example the
issue you found concerning missing the protostack= line which results in MAST
being used).

> 
> Paul

Harald