Browse code

modules: readme files regenerated - ims_ipsec_pcscf ... [skip ci]

Kamailio Dev authored on 24/05/2022 08:46:28
Showing 1 changed files
... ...
@@ -51,6 +51,8 @@ Tsvetomir Dimitrov
51 51
               3.6. ipsec_reuse_server_port (int)
52 52
               3.7. ipsec_spi_id_start (int)
53 53
               3.8. ipsec_spi_id_range (int)
54
+              3.9. ipsec_preferred_alg (string)
55
+              3.10. ipsec_preferred_ealg (string)
54 56
 
55 57
         4. Functions
56 58
 
... ...
@@ -68,9 +70,11 @@ Tsvetomir Dimitrov
68 70
    1.6. ipsec_reuse_server_port parameter usage
69 71
    1.7. ipsec_spi_id_start parameter usage
70 72
    1.8. ipsec_spi_id_range parameter usage
71
-   1.9. ipsec_create
72
-   1.10. ipsec_forward
73
-   1.11. ipsec_destroy
73
+   1.9. ipsec_preferred_alg parameter usage
74
+   1.10. ipsec_preferred_ealg parameter usage
75
+   1.11. ipsec_create
76
+   1.12. ipsec_forward
77
+   1.13. ipsec_destroy
74 78
 
75 79
 Chapter 1. Admin Guide
76 80
 
... ...
@@ -92,6 +96,8 @@ Chapter 1. Admin Guide
92 96
         3.6. ipsec_reuse_server_port (int)
93 97
         3.7. ipsec_spi_id_start (int)
94 98
         3.8. ipsec_spi_id_range (int)
99
+        3.9. ipsec_preferred_alg (string)
100
+        3.10. ipsec_preferred_ealg (string)
95 101
 
96 102
    4. Functions
97 103
 
... ...
@@ -130,6 +136,8 @@ Chapter 1. Admin Guide
130 136
    3.6. ipsec_reuse_server_port (int)
131 137
    3.7. ipsec_spi_id_start (int)
132 138
    3.8. ipsec_spi_id_range (int)
139
+   3.9. ipsec_preferred_alg (string)
140
+   3.10. ipsec_preferred_ealg (string)
133 141
 
134 142
 3.1. ipsec_listen_addr (string)
135 143
 
... ...
@@ -159,8 +167,7 @@ modparam("ims_ipsec_pcscf", "ipsec_listen_addr6", "")
159 167
 
160 168
 3.3. ipsec_client_port (int)
161 169
 
162
-   Start port number which will be bound for incoming (server) IPSec
163
-   traffic.
170
+   Port number which will be bound for incoming (server) IPSec traffic.
164 171
 
165 172
    Default value is 5062.
166 173
 
... ...
@@ -171,8 +178,7 @@ modparam("ims_ipsec_pcscf", "ipsec_client_port", 5062)
171 178
 
172 179
 3.4. ipsec_server_port (int)
173 180
 
174
-   Start port number which will be bound for incoming (server) IPSec
175
-   traffic.
181
+   Port number which will be bound for incoming (server) IPSec traffic.
176 182
 
177 183
    Default value is 5063.
178 184
 
... ...
@@ -183,11 +189,7 @@ modparam("ims_ipsec_pcscf", "ipsec_server_port", 5063)
183 189
 
184 190
 3.5. ipsec_max_connections (int)
185 191
 
186
-   Maximum IPSec connections for the process. E.g. if
187
-   ipsec_client_port=5100, ipsec_server_port=6100 and
188
-   ipsec_max_connections=10, all client ports between 5100 and 5109 and
189
-   all server ports between 6100 and 6109 will be used for maximum to 10
190
-   IPSec connections.
192
+   Maximum simultanious IPSec connections
191 193
 
192 194
    Default value is 2.
193 195
 
... ...
@@ -198,11 +200,10 @@ modparam("ims_ipsec_pcscf", "ipsec_max_connections", 10)
198 200
 
199 201
 3.6. ipsec_reuse_server_port (int)
200 202
 
201
-   Reuse (1) or not (0) the P-CSCF Server port for Re-registration for one
202
-   UA. When set to 0 - During Re-registration P-CSCF will distribute new
203
-   P-CSCF client and P-CSCF server ports. When set to 1 - During
204
-   Re-registration P-CSCF will reuse the old P-CSCF server port and will
205
-   distribute a new P-CSCF client port.
203
+   Reuse (1) or not (0) the P-CSCF IPSec information for Re-registration
204
+   for one UA. When set to 0 - During Re-registration P-CSCF will create
205
+   new IPSec tunnels. When set to 1 - During Re-registration P-CSCF will
206
+   reuse the old IPSec tunnels.
206 207
 
207 208
    Default value is 1.
208 209
 
... ...
@@ -238,6 +239,33 @@ modparam("ims_ipsec_pcscf", "ipsec_spi_id_start", 100)
238 239
 modparam("ims_ipsec_pcscf", "ipsec_spi_id_range", 1000)
239 240
 ...
240 241
 
242
+3.9. ipsec_preferred_alg (string)
243
+
244
+   A name of an authentication algorithm which the Proxy-CSCF will prefer
245
+   when creating IPSec tunnels.
246
+
247
+   Default value is empty string (null) - the last algorithm in the
248
+   Sec-Agree header will be used.
249
+
250
+   Example 1.9. ipsec_preferred_alg parameter usage
251
+...
252
+modparam("ims_ipsec_pcscf", "ipsec_preferred_alg", "hmac-sha-1-96")
253
+...
254
+
255
+3.10. ipsec_preferred_ealg (string)
256
+
257
+   A name of an encrytion algorithm which the Proxy-CSCF will prefer when
258
+   creating IPSec tunnels.
259
+
260
+   Default value is empty string (null) - the last algorithm in the
261
+   Sec-Agree header will be used. Note that the possibility of it being
262
+   the "null" algorithm is not insignificant.
263
+
264
+   Example 1.10. ipsec_preferred_ealg parameter usage
265
+...
266
+modparam("ims_ipsec_pcscf", "ipsec_preferred_ealg", "aes-cbc")
267
+...
268
+
241 269
 4. Functions
242 270
 
243 271
    4.1. ipsec_create(domain)
... ...
@@ -258,7 +286,7 @@ modparam("ims_ipsec_pcscf", "ipsec_spi_id_range", 1000)
258 286
        every registration. This is an optional parameter, default value -
259 287
        0.
260 288
 
261
-   Example 1.9. ipsec_create
289
+   Example 1.11. ipsec_create
262 290
 ...
263 291
 ipsec_create("location");
264 292
 # or
... ...
@@ -278,7 +306,7 @@ ipsec_create("location", "1");
278 306
        the memory. Useful when contact alias is disabled. This is an
279 307
        optional parameter, default value - 0.
280 308
 
281
-   Example 1.10. ipsec_forward
309
+   Example 1.12. ipsec_forward
282 310
 ...
283 311
 ipsec_forward("location");
284 312
 # or
... ...
@@ -293,7 +321,7 @@ ipsec_forward("location", "1");
293 321
      * domain - Logical domain within the registrar. If a database is used
294 322
        then this must be name of the table which stores the contacts.
295 323
 
296
-   Example 1.11. ipsec_destroy
324
+   Example 1.13. ipsec_destroy
297 325
 ...
298 326
 ipsec_destroy("location");
299 327
 ...