From c60f1da424b025fbc1b221c2b533e82a3bf623c7 Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Tue, 31 Jul 2012 11:20:22 +0200
Subject: [PATCH] Add a description of the leftdns option to ipsec.conf.5

---
 man/ipsec.conf.5.in | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/man/ipsec.conf.5.in b/man/ipsec.conf.5.in
index ca77ee7ded..b3210baa47 100644
--- a/man/ipsec.conf.5.in
+++ b/man/ipsec.conf.5.in
@@ -585,6 +585,16 @@ Comma separated list of certificate policy OIDs the peer's certificate must
 have.
 OIDs are specified using the numerical dotted representation.
 .TP
+.BR leftdns " = <servers>"
+Comma separated list of DNS server addresses to exchange as configuration
+attributes. On the initiator, a server is a fixed IPv4 / IPv6 address, or
+.B %config4
+/
+.B %config6
+to request attributes without an address. On the responder,
+only fixed IPv4 /IPv6 addresses are allowed and define DNS servers assigned
+to the client.
+.TP
 .BR leftfirewall " = yes | " no
 whether the left participant is doing forwarding-firewalling
 (including masquerading) using iptables for traffic from \fIleftsubnet\fR,
-- 
2.47.2