From patchwork Wed Feb 5 11:24:25 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tremer X-Patchwork-Id: 2753 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 48CK374HPvz3xyL for ; Wed, 5 Feb 2020 11:24:35 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 48CK360gWSz6ZT; Wed, 5 Feb 2020 11:24:34 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 48CK3553Ncz2yW9; Wed, 5 Feb 2020 11:24:33 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 48CK3504Fkz2xrx for ; Wed, 5 Feb 2020 11:24:33 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 48CK342x38z6Z2; Wed, 5 Feb 2020 11:24:32 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909ed25519; t=1580901872; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:in-reply-to:in-reply-to:references:references; bh=twwV5TM8lTTnzZGHA5ebHjlbBMoyp+VqxLZtauc/snc=; b=NFDiv1WtaZYP4LKhvb31EC1lhz8u28m2xIXZmDH+wV8I+WtQDPe3EIXnQAyVl8s6T/Y/Ai aQ8CUqvBx50Bs8CQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909rsa; t=1580901872; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:in-reply-to:in-reply-to:references:references; bh=twwV5TM8lTTnzZGHA5ebHjlbBMoyp+VqxLZtauc/snc=; b=j5eUys4GMA46bWNhYhId3mASxRMbpko6vfkGNXQtnuHTCsqm6GVgCCXflD3zSw/7DTLxkR tp6T+ZZIudh12yjTvcGAYIsqtpt4ox/4VikMJxZGTCSyL9/lOLVcIdVRvFE0dX4z0a3onB eqn8AP2J/tD9ra8lzQkR71bsfv3CE0+feZ6lnq9BR5wpAAnLdbGEjuyRjhjYYmGLjFOK37 /3ko69qfj0hXfk7V28k98tl2cfNncmVrQy1PAw5NpKZlsz/pDV/+/M2Xwasg6rTHpE3PnJ 9x8KL8IwVgcDMTtZ62sfSg00Dl7Re497BLTd67Oeb6cRCqkm7pnov0Nh28sTvQ== From: Michael Tremer To: development@lists.ipfire.org Subject: [PATCH 2/2] ipsec: Silence charon Date: Wed, 5 Feb 2020 11:24:25 +0000 Message-Id: <20200205112425.20108-2-michael.tremer@ipfire.org> In-Reply-To: <20200205112425.20108-1-michael.tremer@ipfire.org> References: <20200205112425.20108-1-michael.tremer@ipfire.org> Authentication-Results: mail01.ipfire.org; auth=pass smtp.mailfrom=michael.tremer@ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael Tremer Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Charon has some verbose logging enabled by default. This clutters the logs a lot. This patch disables debug logging but still lets charon log important messages like tunnels that are going up or down. Signed-off-by: Michael Tremer --- html/cgi-bin/vpnmain.cgi | 3 +++ 1 file changed, 3 insertions(+) diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index b3cd3e51e..d2bc70a27 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -266,6 +266,9 @@ sub writeipsecfiles { flock CONF, 2; flock SECRETS, 2; print CONF "version 2\n\n"; + print CONF "config setup\n"; + print CONF "\tcharondebug=\"dmn 0, mgr 0, ike 0, chd 0, job 0, cfg 0, knl 0, net 0, asn 0, enc 0, lib 0, esp 0, tls 0, tnc 0, imc 0, imv 0, pts 0\"\n"; + print CONF "\n"; print CONF "conn %default\n"; print CONF "\tkeyingtries=%forever\n"; print CONF "\n";