From aea35c5aca126e10d6aeb803b5c929b136ca9f97 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 25 Jul 2013 16:46:54 +0200
Subject: [PATCH] vpnmain.cgi: Use MODP groups with smaller key lengths by
 default.

https://bugzilla.ipfire.org/show_bug.cgi?id=10396
---
 html/cgi-bin/vpnmain.cgi | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index 2e3ef9a570..58645c39c2 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -1840,7 +1840,7 @@ END
 	#use default advanced value
 	$cgiparams{'IKE_ENCRYPTION'} = 'aes256|aes192|aes128|3des';	#[18];
 	$cgiparams{'IKE_INTEGRITY'}  = 'sha2_256|sha|md5';	#[19];
-	$cgiparams{'IKE_GROUPTYPE'}  = '8192|6144|4096|3072|2048|1536|1024';		#[20];
+	$cgiparams{'IKE_GROUPTYPE'}  = '4096|3072|2048|1536|1024';		#[20];
 	$cgiparams{'IKE_LIFETIME'}   = '3';		#[16];
 	$cgiparams{'ESP_ENCRYPTION'} = 'aes256|aes192|aes128|3des';	#[21];
 	$cgiparams{'ESP_INTEGRITY'}  = 'sha2_256|sha1|md5';	#[22];
-- 
2.39.2