[Openswan dev] wiki page for configs

David McCullough david_mccullough at mcafee.com
Wed Oct 6 19:07:27 EDT 2010

Jivin Harald Jenny lays it down ...
> On Wed, Oct 06, 2010 at 10:44:35AM -0400, Paul Wouters wrote:
> > On Wed, 6 Oct 2010, Harald Jenny wrote:
> > 
> > >maybe a silly idea but how do you think about putting together a page with user
> > >created config examples like the one from Adam Crane posted on users? As far as
> > >I can tell this seems to be one of the greatest drawbacks for new users that we
> > >lack a central knowledge base... maybe we should also put up the manpages (or
> > >xml-files) on the webpage (preferable done automatically for the current active
> > >release). How do you think about this?
> > 
> > We do ship those as "examples". A source install gives you /etc/ipsec.d/examples/
> > and a fedora install gives those examples in /usr/share/doc/openswan-2*/*
> /etc/ipsec.d/examples$ ls -1
> hub-spoke.conf
> ipv6.conf
> l2tp-cert.conf
> l2tp-cert-orgWIN2KXP.conf
> l2tp-psk.conf
> l2tp-psk-orgWIN2KXP.conf
> linux-linux.conf
> no_oe.conf
> oe-exclude-dns.conf
> sysctl.conf
> xauth.conf
> These are the files available under debian... how much are there supposed to
> be?
> > 
> > But yes, we're still looking at migrating a lot of documentation and examples into
> > the redmine based wiki to replace www.openswan.org.
> Well the examples in /etc/ipsec.d/examples are nice but they do not really
> cover much real world scenarios... for example a star-based IPSec structure for
> a HQ and some other locations or the necessary quirks to use IPSecuritas under
> MacOS with openswan server - you can find these examples in the web but only
> when searching for a while.
> > If there are volunteers who
> > want to help with that, let me know.
> *handup*
> > documentation is hard to find people for.
> Yes for sure, but without good documentation how are people supposed to really
> use this software?
> > Once
> > they know too much, they tend to drop the documentation part (guilty as charged)
> Me too - I think most important is to fix things we discover (for example the
> issue you found concerning missing the protostack= line which results in MAST
> being used).

Actually,  just looked through the top level README in the source,  that
could do with an update as well,  INSTALL is actually better for most people.
I am happy to have a go at it if everyone agrees.


David McCullough,      david_mccullough at mcafee.com,  Ph:+61 734352815
McAfee - SnapGear      http://www.mcafee.com         http://www.uCdot.org

More information about the Dev mailing list