This is actually Henry's to-do file, which covers more than just the utilities, but had to go somewhere... (H = high, M = medium, L = low, list otherwise unordered) H untangle the unnecessary generality in plutorun H should left=%defaultroute be available without interfaces=%defaultroute? H change config default to m H showhostkey should run hostname only if it must H overridemtu=%calculate ? H do something to warn of changes to ipsec.conf boilerplate? H how to handle /usr/src/linux-2.4 H precise reporting of unknown chars in base64 (etc.) keys H use metric trickery to do atomic route updates? H do something about the IPSEC EVENT message H chkconfig, maybe even startup, in RPM install H install the docs in /usr/local/doc, beware referenced files H malformed public keys are reported very mysteriously H manual and auto should verify ipsec running before proceeding H --reversemap option for showhostkey (look up name?) H proxy ARP support?? H base64 decoder should (at least optionally) skip white space H prepluto should be synchronous H double startup message H better support for interface-flap restart H test & set up module-only installs H severity tagging for messages H ipchains setup H FreeS/WAN version number into manpages, C programs H non-interactive version of ogo H shell minimization in new setup stuff H patcher vs. config files H sort out rp_filter business H updown manpage, incl. suggesting location for custom one H ipsec_setup determine and note appropriate log files H showhostkey --list H option to copy files into kernel instead of symlinking? aids packaging H updown hooks for shunts H ranbits, rsasigkey check availability of bits before asking for them H library function for mapping syslog name to number H "/usr/local" should be a macro defined in top-level Makefile only H terminology standard for docs H ttoaddr, ttosubnet variants which refer DNS back to caller H some way to check success of xconfig etc.? H setup should call "updown init" H sysctl.conf need any attention? H sweep logs and startup messages for unnecessary/incorrect/debugging crud H another look at the DESTDIR stuff, use makefile include H experiment with tncfg -- no need to tear all down when interfaces change? H auto vs. whack error messages, non-error output too H showroute command to postprocess auto --status? H rsasigkey (optionally?) generate SPKI format, RFC 2459, also RFC 2440? H revise look output format for compactness H gnats -- include send-freeswan-pr in dist, SH docs H SuSE etc. H plutoadd is N^2, too slow for large numbers of connections H make check H general manpages (ipsec? klips?) and refs to same (incl bugs) H investigate cross-compiles H general name/address mapping for manual (shell utilities for atosubnet etc.) H rethink syslog locations, esp. info and debug H snapshot notices to whole team H way to bring one interface up or down? M snapshot naming to match candidate naming M network restart should cause ipsec restart M cert build and extract utilities M save and replace existing routes? M auto-unroute option? M tar files should have files owned by bin/bin (1/1), not freeswan/freeswan M startup very slow when DNS is unavailable M basic regression testing (hooks needed in Klips and Pluto?) M ifconfig, etc. mods to use our syntaxes M way to force renegotiation of all connections L audit Klips code for magic numbers, inline, etc. L more thorough regression testing, full functionality, corner cases L examples in manpages L do daemons need to auto-restart on death? 2.x drop spibase from conf file and manual 2.x get rid of the obsolete-syntax provisions in manual and auto 2.x revise defaults This file is RCSID $Id: TODO,v 1.120 2002/03/20 17:36:41 henry Exp $