[ previous ] [ next ] [ threads ]
 From:  "Brian Z" <mono at ricerage dot org>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  ipsec config feature request
 Date:  Sun, 18 Jan 2004 22:49:23 -0500 (EST)
Hi all,

Really this is a request for input, rather than a plea for yet another
useless feature. Here it comes...

Under the IPSec tunnels menu, how about instead of just disabling IPSec
completely, an option be added to each configuration profile to disable
it? I have no plans to use such a multi-tunnel config, but it seems like
a beneficial option for those who plan on using m0n0wall to connect
multiple remote offices into their main branch.

Surely the existing option to disable it across the board should stay,
but would it actually be difficult to have profiles "taken out of
service"? Now, personally I've never touched a line of code in any
language, much less PHP, but wouldn't it be a simple matter of
commenting out the particular config stanzas in the racoon conf, and
restarting the daemon? My understanding of BSD's IPSec implementation is
shaky (much like my ipfilter knowledge), so apologies if I'm way off
base on any or all of this. Any and all responses are, of
course,welcome. Thanks.