/etc/strongswan.d/charon/stroke.conf is in strongswan-starter 5.6.2-1ubuntu2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 | stroke {
# Analyze addresses/hostnames in left|right to detect which side is local
# and swap configuration options if necessary. If disabled left is always
# local.
# allow_swap = yes
# Treat certificates in ipsec.d/cacerts and ipsec.conf ca sections as CA
# certificates even if they don't contain a CA basic constraint.
# ignore_missing_ca_basic_constraint = no
# Whether to load the plugin. Can also be an integer to increase the
# priority of this plugin.
load = yes
# Maximum number of stroke messages handled concurrently.
# max_concurrent = 4
# If enabled log level changes via stroke socket are not allowed.
# prevent_loglevel_changes = no
# Location of the ipsec.secrets file
# secrets_file = ${sysconfdir}/ipsec.secrets
# Socket provided by the stroke plugin.
# socket = unix://${piddir}/charon.ctl
# Timeout in ms for any stroke command. Use 0 to disable the timeout.
# timeout = 0
}
|