Annotation of embedaddon/strongswan/conf/plugins/load-tester.conf, revision 1.1
1.1 ! misho 1: # Section to configure the load-tester plugin, see LOAD TESTS in
! 2: # strongswan.conf(5) for details.
! 3: load-tester {
! 4:
! 5: # Whether to keep dynamic addresses even after the associated SA got
! 6: # terminated.
! 7: # addrs_keep = no
! 8:
! 9: # Network prefix length to use when installing dynamic addresses. If set to
! 10: # -1 the full address is used (i.e. 32 or 128).
! 11: # addrs_prefix = 16
! 12:
! 13: # Directory to load (intermediate) CA certificates from.
! 14: # ca_dir =
! 15:
! 16: # Seconds to start CHILD_SA rekeying after setup.
! 17: # child_rekey = 600
! 18:
! 19: # URI to a CRL to include as certificate distribution point in generated
! 20: # certificates.
! 21: # crl =
! 22:
! 23: # Delay between initiations for each thread.
! 24: # delay = 0
! 25:
! 26: # Delete an IKE_SA as soon as it has been established.
! 27: # delete_after_established = no
! 28:
! 29: # Digest algorithm used when issuing certificates.
! 30: # digest = sha1
! 31:
! 32: # DPD delay to use in load test.
! 33: # dpd_delay = 0
! 34:
! 35: # Base port to be used for requests (each client uses a different port).
! 36: # dynamic_port = 0
! 37:
! 38: # EAP secret to use in load test.
! 39: # eap_password = default-pwd
! 40:
! 41: # Enable the load testing plugin. WARNING: Never enable this plugin on
! 42: # productive systems. It provides preconfigured credentials and allows an
! 43: # attacker to authenticate as any user.
! 44: # enable = no
! 45:
! 46: # CHILD_SA proposal to use for load tests.
! 47: # esp = aes128-sha1
! 48:
! 49: # Fake the kernel interface to allow load-testing against self.
! 50: # fake_kernel = no
! 51:
! 52: # Seconds to start IKE_SA rekeying after setup.
! 53: # ike_rekey = 0
! 54:
! 55: # Global limit of concurrently established SAs during load test.
! 56: # init_limit = 0
! 57:
! 58: # Address to initiate from.
! 59: # initiator = 0.0.0.0
! 60:
! 61: # Authentication method(s) the initiator uses.
! 62: # initiator_auth = pubkey
! 63:
! 64: # Initiator ID used in load test.
! 65: # initiator_id =
! 66:
! 67: # Initiator ID to match against as responder.
! 68: # initiator_match =
! 69:
! 70: # Traffic selector on initiator side, as proposed by initiator.
! 71: # initiator_tsi =
! 72:
! 73: # Traffic selector on responder side, as proposed by initiator.
! 74: # initiator_tsr =
! 75:
! 76: # Number of concurrent initiator threads to use in load test.
! 77: # initiators = 0
! 78:
! 79: # Path to the issuer certificate (if not configured a hard-coded default
! 80: # value is used).
! 81: # issuer_cert =
! 82:
! 83: # Path to private key that is used to issue certificates (if not configured
! 84: # a hard-coded default value is used).
! 85: # issuer_key =
! 86:
! 87: # Number of IKE_SAs to initiate by each initiator in load test.
! 88: # iterations = 1
! 89:
! 90: # Whether to load the plugin. Can also be an integer to increase the
! 91: # priority of this plugin.
! 92: load = yes
! 93:
! 94: # IPsec mode to use, one of tunnel, transport, or beet.
! 95: # mode = tunnel
! 96:
! 97: # Provide INTERNAL_IPV4_ADDRs from a named pool.
! 98: # pool =
! 99:
! 100: # Preshared key to use in load test.
! 101: # preshared_key = <default-psk>
! 102:
! 103: # IKE proposal to use in load test.
! 104: # proposal = aes128-sha1-modp768
! 105:
! 106: # Request an INTERNAL_IPV4_ADDR from the server.
! 107: # request_virtual_ip = no
! 108:
! 109: # Address to initiation connections to.
! 110: # responder = 127.0.0.1
! 111:
! 112: # Authentication method(s) the responder uses.
! 113: # responder_auth = pubkey
! 114:
! 115: # Responder ID used in load test.
! 116: # responder_id =
! 117:
! 118: # Traffic selector on initiator side, as narrowed by responder.
! 119: # responder_tsi = initiator_tsi
! 120:
! 121: # Traffic selector on responder side, as narrowed by responder.
! 122: # responder_tsr = initiator_tsr
! 123:
! 124: # Shutdown the daemon after all IKE_SAs have been established.
! 125: # shutdown_when_complete = no
! 126:
! 127: # Socket provided by the load-tester plugin.
! 128: # socket = unix://${piddir}/charon.ldt
! 129:
! 130: # IKE version to use (0 means use IKEv2 as initiator and accept any version
! 131: # as responder).
! 132: # version = 0
! 133:
! 134: # Section that contains key/value pairs with address pools (in CIDR
! 135: # notation) to use for a specific network interface e.g. eth0 =
! 136: # 10.10.0.0/16.
! 137: addrs {
! 138:
! 139: }
! 140:
! 141: }
! 142:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to load-tester.conf CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / conf / plugins