[BACK]Return to load-tester.opt CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / conf / plugins
File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / conf / plugins / load-tester.opt
Revision 1.1.1.2 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Wed Mar 17 00:20:08 2021 UTC (4 years, 1 month ago) by misho
Branches: strongswan, MAIN
CVS tags: v5_9_2p0, HEAD
strongswan 5.9.2

    1: charon.plugins.load-tester {}
    2: 	Section to configure the load-tester plugin, see LOAD TESTS in
    3: 	**strongswan.conf**(5) for details.
    4: 
    5: charon.plugins.load-tester.addrs {}
    6: 	Section that contains key/value pairs with address pools (in CIDR notation)
    7: 	to use for a specific network interface e.g. eth0 = 10.10.0.0/16.
    8: 
    9: charon.plugins.load-tester.addrs_keep = no
   10: 	Whether to keep dynamic addresses even after the associated SA got
   11: 	terminated.
   12: 
   13: charon.plugins.load-tester.addrs_prefix = 16
   14: 	Network prefix length to use when installing dynamic addresses.
   15: 	If set to -1 the full address is used (i.e. 32 or 128).
   16: 
   17: charon.plugins.load-tester.ca_dir =
   18: 	Directory to load (intermediate) CA certificates from.
   19: 
   20: charon.plugins.load-tester.child_rekey = 600
   21: 	Seconds to start CHILD_SA rekeying after setup.
   22: 
   23: charon.plugins.load-tester.crl
   24: 	URI to a CRL to include as certificate distribution point in generated
   25: 	certificates.
   26: 
   27: charon.plugins.load-tester.delay = 0
   28: 	Delay between initiations for each thread.
   29: 
   30: charon.plugins.load-tester.delete_after_established = no
   31: 	Delete an IKE_SA as soon as it has been established.
   32: 
   33: charon.plugins.load-tester.digest = sha1
   34: 	Digest algorithm used when issuing certificates.
   35: 
   36: charon.plugins.load-tester.dpd_delay = 0
   37: 	DPD delay to use in load test.
   38: 
   39: charon.plugins.load-tester.dynamic_port = 0
   40: 	Base port to be used for requests (each client uses a different port).
   41: 
   42: charon.plugins.load-tester.eap_password = default-pwd
   43: 	EAP secret to use in load test.
   44: 
   45: charon.plugins.load-tester.enable = no
   46: 	Enable the load testing plugin. **WARNING**: Never enable this plugin on
   47: 	productive systems. It provides preconfigured credentials and allows an
   48: 	attacker to authenticate as any user.
   49: 
   50: charon.plugins.load-tester.esp = aes128-sha1
   51: 	CHILD_SA proposal to use for load tests.
   52: 
   53: charon.plugins.load-tester.fake_kernel = no
   54: 	Fake the kernel interface to allow load-testing against self.
   55: 
   56: charon.plugins.load-tester.ike_rekey = 0
   57: 	Seconds to start IKE_SA rekeying after setup.
   58: 
   59: charon.plugins.load-tester.init_limit = 0
   60: 	Global limit of concurrently established SAs during load test.
   61: 
   62: charon.plugins.load-tester.initiator = 0.0.0.0
   63: 	Address to initiate from.
   64: 
   65: charon.plugins.load-tester.initiators = 0
   66: 	Number of concurrent initiator threads to use in load test.
   67: 
   68: charon.plugins.load-tester.initiator_auth = pubkey
   69: 	Authentication method(s) the initiator uses.
   70: 
   71: charon.plugins.load-tester.initiator_id =
   72: 	Initiator ID used in load test.
   73: 
   74: charon.plugins.load-tester.initiator_match =
   75: 	Initiator ID to match against as responder.
   76: 
   77: charon.plugins.load-tester.initiator_tsi =
   78: 	Traffic selector on initiator side, as proposed by initiator.
   79: 
   80: charon.plugins.load-tester.initiator_tsr =
   81: 	Traffic selector on responder side, as proposed by initiator.
   82: 
   83: charon.plugins.load-tester.iterations = 1
   84: 	Number of IKE_SAs to initiate by each initiator in load test.
   85: 
   86: charon.plugins.load-tester.issuer_cert =
   87: 	Path to the issuer certificate (if not configured a hard-coded default value
   88: 	is used).
   89: 
   90: charon.plugins.load-tester.issuer_key =
   91: 	Path to private key that is used to issue certificates (if not configured a
   92: 	hard-coded default value is used).
   93: 
   94: charon.plugins.load-tester.mode = tunnel
   95: 	IPsec mode to use, one of _tunnel_, _transport_, or _beet_.
   96: 
   97: charon.plugins.load-tester.pool =
   98: 	Provide INTERNAL_IPV4_ADDRs from a named pool.
   99: 
  100: charon.plugins.load-tester.preshared_key = <default-psk>
  101: 	Preshared key to use in load test.
  102: 
  103: charon.plugins.load-tester.proposal = aes128-sha1-modp768
  104: 	IKE proposal to use in load test.
  105: 
  106: charon.plugins.load-tester.responder = 127.0.0.1
  107: 	Address to initiation connections to.
  108: 
  109: charon.plugins.load-tester.responder_auth = pubkey
  110: 	Authentication method(s) the responder uses.
  111: 
  112: charon.plugins.load-tester.responder_id =
  113: 	Responder ID used in load test.
  114: 
  115: charon.plugins.load-tester.responder_tsi = initiator_tsi
  116: 	Traffic selector on initiator side, as narrowed by responder.
  117: 
  118: charon.plugins.load-tester.responder_tsr = initiator_tsr
  119: 	Traffic selector on responder side, as narrowed by responder.
  120: 
  121: charon.plugins.load-tester.request_virtual_ip = no
  122: 	Request an INTERNAL_IPV4_ADDR and INTERNAL_IPV6_ADDR from the server.
  123: 
  124: charon.plugins.load-tester.shutdown_when_complete = no
  125: 	Shutdown the daemon after all IKE_SAs have been established.
  126: 
  127: charon.plugins.load-tester.socket = unix://${piddir}/charon.ldt
  128: 	Socket provided by the load-tester plugin.
  129: 
  130: charon.plugins.load-tester.version = 0
  131: 	IKE version to use (0 means use IKEv2 as initiator and accept any version as
  132: 	responder).
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>