| Port details |
- strongswan Open Source IKEv2 IPsec-based VPN solution
- 6.0.3_1 security
 =12       6.0.3Version of this port present on the latest quarterly branch. - Maintainer: strongswan@nanoteq.com
- Port Added: 2010-08-26 13:40:32
- Last Update: 2025-11-15 11:52:43
- Commit Hash: 5b3e57e
- People watching this port, also watch:: openvpn, postfix, dovecot, openssl, kea
- Also Listed In: net-vpn
- License: GPLv2
- WWW:
- https://www.strongswan.org
- Description:
- Strongswan is an open source IPsec-based VPN solution.
Strongswan for FreeBSD implements both the IKEv1 and IKEv2 (RFC 5996) key
exchange protocols.
  ¦  ¦  ¦  ¦ 
- Manual pages:
-
- pkg-plist: as obtained via:
make generate-plist - USE_RC_SUBR (Service Scripts)
-
- Dependency lines:
-
- strongswan>0:security/strongswan
- To install the port:
- cd /usr/ports/security/strongswan/ && make install clean
- To add the package, run one of these commands:
- pkg install security/strongswan
- pkg install strongswan
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.- PKGNAME: strongswan
- Flavors: there is no flavor information for this port.
- distinfo:
- TIMESTAMP = 1761585449
SHA256 (strongswan-6.0.3.tar.bz2) = 288f2111f5c9f6ec85fc08fa835bf39232f5c4044969bb4de7b4335163b1efa9
SIZE (strongswan-6.0.3.tar.bz2) = 4877482
Packages (timestamps in pop-ups are UTC):
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- pkgconf>=1.3.0_1 : devel/pkgconf
- Library dependencies:
-
- libcurl.so : ftp/curl
- There are no ports dependent upon this port
Configuration Options:- ===> The following configuration options are available for strongswan-6.0.3_1:
CTR=off: Enable CTR cipher mode wrapper plugin
CURL=on: Enable CURL to fetch CRL/OCSP
DHCP=off: Enable DHCP based attribute provider plugin
EAPAKA3GPP2=off: Enable EAP AKA with 3gpp2 backend
EAPDYNAMIC=off: Enable EAP dynamic proxy module
EAPRADIUS=off: Enable EAP Radius proxy authentication
EAPSIMFILE=off: Enable EAP SIM with file backend
FARP=off: Enable farp plugin
GCM=on: Enable GCM AEAD wrapper crypto plugin
IKEV1=on: Enable IKEv1 support
IPSECKEY=off: Enable authentication with IPSECKEY resource records with DNSSEC
KDF=on: Enable KDF (prf+) implementation plugin
KERNELLIBIPSEC=off: Enable IPSec userland backend
LDAP=off: LDAP protocol support
LOADTESTER=off: Enable load testing plugin
MEDIATION=off: Enable IKEv2 Mediation Extension
ML=off: Enable Module-Lattice-based crypto plugin
MYSQL=off: MySQL database support
PKCS11=off: Enable PKCS11 token support
PKI=on: Enable PKI tools
PYTHON=off: Python VICI protocol plugin
SMP=off: Enable XML-based management protocol (DEPRECATED)
SQLITE=off: SQLite database support
STROKE=off: Enable stroke management protcol (DEPRECATED)
SWANCTL=on: Install swanctl (requires VICI)
TESTVECTOR=off: Enable crypto test vectors
TPM=off: Enable TPM plugin
TSS2=off: Enable TPM 2.0 TSS2 library
UNBOUND=off: Enable DNSSEC-enabled resolver
UNITY=off: Enable Cisco Unity extension plugin
VICI=on: Enable VICI management protocol
XAUTH=off: Enable XAuth password verification
====> Options available for the single PRINTF_HOOKS: you have to select exactly one of them
BUILTIN=on: Use builtin printf hooks
LIBC=off: Use libc printf hooks
VSTR=off: Use devel/vstr printf hooks
===> Use 'make config' to modify these settings
- Options name:
- security_strongswan
- USES:
- cpe libtool:keepla pkgconfig ssl tar:bzip2
- pkg-message:
- For install:
- The default strongSwan configuration interface have been updated to vici since version 5.9.2_1.
To use the stroke interface by default either compile the port without the vici option or
set 'strongswan_interface="stroke"' in your rc.conf file.
- If upgrading from > 5.9.2_1:
- The default strongSwan configuration interface have been updated to vici.
To use the stroke interface by default either compile the port without the vici option or
set 'strongswan_interface="stroke"' in your rc.conf file.
- Master Sites:
|
| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
5.1.1
27 Jan 2014 13:35:41
   |
decke |
- Update to 5.1.1
- Added EAP dynamic proxy module
- Added EAP Radius proxy authentication
- Added DNSSEC/unbound support
- Added kernel libipsec plugin
- Changed configuration files to install to ${PREFIX}/etc/<filename>.conf.sample
- Convert to new options format
PR: ports/185535
Submitted by: Francois ten Krooden <strongswan@nanoteq.com> (maintainer)
Security: CVE-2013-5018
Security: CVE-2013-6075
Security: CVE-2013-6076 |
5.0.4_1
20 Sep 2013 22:55:26
|
bapt |
Add NO_STAGE all over the place in preparation for the staging support (cat:
security) |
5.0.4_1
11 Jul 2013 16:26:27
|
sunpoet |
- Update to 7.31.0
- Bump PORTREVISION for ftp/curl shlib change
- Add TEST_DEPENDS
- Convert to new options framework
- Adjust options:
- Add COOKIES
- Add CYASSL, NSS, POLARSSL, THREADED_RESOLVER, TLS_SRP [1]
- Add GSSAPI and SPNEGO [2]
- Remove KERBEROS4
- Rename LIBIDN to IDN
- Remove TRACKMEMORY [1]
- Sort option handler
- Add SLAVEDIRS: ftp/curl-hiphop
- Cosmetic change
- Cleanup Makefile header
- While I'm here, fix typo (PORTREVSION) in x11-wm/ede/Makefile
Changes: http://curl.haxx.se/changes.html
PR: ports/172325 (-exp run), ports/177369 (based on) [1]
Submitted by: Hirohisa Yamaguchi <umq@ueo.co.jp> [1], hrs (via email) [2]
Exp run by: miwi |
5.0.4
03 May 2013 18:16:36
|
ohauer |
- update to version 5.0.4 which fixes CVE-2013-2944.
- add entry to vuxml
- add CVE references to jankins vuxml entry
while I'm here remove .sh from rc script
PR: ports/178266
Submitted by: David Shane Holden <dpejesh@yahoo.com>
Approved by: strongswan@nanoteq.com (maintainer) |
5.0.1
07 Jan 2013 12:11:15
|
tota |
- Update to 5.0.1
- Change maintainer address
- Trim Makefile header
- Convert to new options framework
- Cleanup
PR: ports/173860 (based on)
Submitted by: Riaan Kruger (maintainer) |
4.5.3
14 Jan 2012 08:57:23
|
dougb |
In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().
In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other. |
4.5.3
22 Sep 2011 21:37:55
|
flo |
update to 4.5.3
PR: ports/160401
Submitted by: Riaan Kruger <riaank@gmail.com> maintainer |
4.5.1
29 Apr 2011 12:24:55
|
culot |
- Update to 4.5.1 [1]
- Pet portlint(1) (change spaces into tabs and reformat IGNORE message)
PR: ports/156711 [1]
Submitted by: Riaan Kruger <riaank@gmail.com> (maintainer) |
4.4.0
04 Dec 2010 07:34:27
|
ade |
Sync to new bsd.autotools.mk |
4.4.0
26 Aug 2010 13:40:11
|
pav |
Strongswan is an open source IPsec-based VPN solution.
Strongswan for FreeBSD supports IKEv2 but NOT IKEv1.
WWW: http://www.strongswan.org
PR: ports/147431
Submitted by: Riaan Kruger <riaank@gmail.com> |
As an Amazon Associate I earn from qualifying purchases.