Mercurial > hg > freeDiameter
view doc/acl_wl.conf.sample @ 1249:4ad4d614acfa
Attempt to produce a CEA that is compliant with the ABNF when the Error bit is not set. Thanks Antonio Martinez for the report -- http://lists.freediameter.net/pipermail/dev/2013-December/000263.html
author | Sebastien Decugis <sdecugis@freediameter.net> |
---|---|
date | Mon, 16 Dec 2013 15:55:36 +0100 |
parents | 79768bf7d208 |
children | 0dff6a604b0a |
line wrap: on
line source
# Configuration file for the peer whitelist extension. # # This extension is meant to allow connection from remote peers, without actively # maintaining this connection ourselves (as it would be the case by declaring the # peer in a ConnectPeer directive). # The format of this file is very simple. It contains a list of peer names # separated by spaces or newlines. # # The peer name must be a fqdn. We allow also a special "*" character as the # first label of the fqdn, to allow all fqdn with the same domain name. # Example: *.example.net will allow host1.example.net and host2.example.net # # At the beginning of a line, the following flags are allowed (case sensitive) -- either or both can appear: # ALLOW_OLD_TLS : we accept unprotected CER/CEA exchange with Inband-Security-Id = TLS # ALLOW_IPSEC : we accept implicitly protected connection with with peer (Inband-Security-Id = IPSec) # It is specified for example as: # ALLOW_IPSEC vpn.example.net vpn2.example.net *.vpn.example.net # These flag take effect from their position, until the end of the line.