Changeset View
Changeset View
Standalone View
Standalone View
head/sbin/setkey/setkey.8
Show All 23 Lines | |||||
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||||
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||||
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||||
.\" SUCH DAMAGE. | .\" SUCH DAMAGE. | ||||
.\" | .\" | ||||
.\" $FreeBSD$ | .\" $FreeBSD$ | ||||
.\" | .\" | ||||
.Dd February 27, 2017 | .Dd March 7, 2017 | ||||
.Dt SETKEY 8 | .Dt SETKEY 8 | ||||
.Os | .Os | ||||
.\" | .\" | ||||
.Sh NAME | .Sh NAME | ||||
.Nm setkey | .Nm setkey | ||||
.Nd "manually manipulate the IPsec SA/SP database" | .Nd "manually manipulate the IPsec SA/SP database" | ||||
.\" | .\" | ||||
.Sh SYNOPSIS | .Sh SYNOPSIS | ||||
.Nm | .Nm | ||||
.Op Fl v | .Op Fl v | ||||
.Fl c | .Fl c | ||||
.Nm | .Nm | ||||
.Op Fl v | .Op Fl v | ||||
.Fl f Ar filename | .Fl f Ar filename | ||||
.Nm | .Nm | ||||
.Op Fl aPlv | .Op Fl Pgltv | ||||
.Fl D | .Fl D | ||||
.Nm | .Nm | ||||
.Op Fl Pv | .Op Fl Pv | ||||
.Fl F | .Fl F | ||||
.Nm | .Nm | ||||
.Op Fl h | .Op Fl h | ||||
.Fl x | .Fl x | ||||
.\" | .\" | ||||
Show All 19 Lines | |||||
If with | If with | ||||
.Fl P , | .Fl P , | ||||
the SPD entries are dumped. | the SPD entries are dumped. | ||||
.It Fl F | .It Fl F | ||||
Flush the SAD entries. | Flush the SAD entries. | ||||
If with | If with | ||||
.Fl P , | .Fl P , | ||||
the SPD entries are flushed. | the SPD entries are flushed. | ||||
.It Fl a | .It Fl g | ||||
The | Only SPD entries with global scope are dumped with | ||||
.Nm | .Fl D | ||||
utility | and | ||||
usually does not display dead SAD entries with | .Fl P | ||||
.Fl D . | flags. | ||||
If with | .It Fl t | ||||
.Fl a , | Only SPD entries with ifnet scope are dumped with | ||||
the dead SAD entries will be displayed as well. | .Fl D | ||||
A dead SAD entry means that | and | ||||
it has been expired but remains in the system | .Fl P | ||||
because it is referenced by some SPD entries. | flags. | ||||
Such SPD entries are linked to the corresponding | |||||
.Xr if_ipsec 4 | |||||
virtual tunneling interface. | |||||
.It Fl h | .It Fl h | ||||
Add hexadecimal dump on | Add hexadecimal dump on | ||||
.Fl x | .Fl x | ||||
mode. | mode. | ||||
.It Fl l | .It Fl l | ||||
Loop forever with short output on | Loop forever with short output on | ||||
.Fl D . | .Fl D . | ||||
.It Fl v | .It Fl v | ||||
▲ Show 20 Lines • Show All 588 Lines • ▼ Show 20 Lines | |||||
.Ed | .Ed | ||||
Use TCP MD5 between two numerically specified hosts: | Use TCP MD5 between two numerically specified hosts: | ||||
.Bd -literal -offset indent | .Bd -literal -offset indent | ||||
add 10.1.10.34 10.1.10.36 tcp 0x1000 -A tcp-md5 "TCP-MD5 BGP secret" ; | add 10.1.10.34 10.1.10.36 tcp 0x1000 -A tcp-md5 "TCP-MD5 BGP secret" ; | ||||
.Ed | .Ed | ||||
.\" | .\" | ||||
.Sh SEE ALSO | .Sh SEE ALSO | ||||
.Xr ipsec_set_policy 3 , | .Xr ipsec_set_policy 3 , | ||||
.Xr if_ipsec 4 , | |||||
.Xr racoon 8 , | .Xr racoon 8 , | ||||
.Xr sysctl 8 | .Xr sysctl 8 | ||||
.Rs | .Rs | ||||
.%T "Changed manual key configuration for IPsec" | .%T "Changed manual key configuration for IPsec" | ||||
.%U http://www.kame.net/newsletter/19991007/ | .%U http://www.kame.net/newsletter/19991007/ | ||||
.%D "October 1999" | .%D "October 1999" | ||||
.Re | .Re | ||||
.\" | .\" | ||||
Show All 21 Lines |