The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

ipsec_setup (8)
  • >> ipsec_setup (8) ( Разные man: Команды системного администрирования )
  •  

    NAME

    ipsec setup - control IPsec subsystem
     
    

    SYNOPSIS

    ipsec setup command  

    DESCRIPTION

    Setup controls the FreeS/WAN IPsec subsystem, including both the Klips kernel code and the Pluto key-negotiation daemon. (It is a synonym for the ``rc'' script for the subsystem; the system runs the equivalent of ipsec setup start at boot time, and ipsec setup stop at shutdown time, more or less.)

    The action taken depends on the specific command, and on the contents of the config setup section of the IPsec configuration file (/etc/openswan/ipsec.conf, see ipsec.conf(5)). Current commands are:

    start
    start Klips and Pluto, including setting up Klips to do crypto operations on the interface(s) specified in the configuration file, and (if the configuration file so specifies) setting up manually-keyed connections and/or asking Pluto to negotiate automatically-keyed connections to other security gateways
    stop
    shut down Klips and Pluto, including tearing down all existing crypto connections
    restart
    equivalent to stop followed by start
    status
    report the status of the subsystem; normally just reports IPsec running and pluto pid nnn, or IPsec stopped, and exits with status 0, but will go into more detail (and exit with status 1) if something strange is found. (An ``illicit'' Pluto is one that does not match the process ID in Pluto's lock file; an ``orphaned'' Pluto is one with no lock file.)

    The stop operation tries to clean up properly even if assorted accidents have occurred, e.g. Pluto having died without removing its lock file. If stop discovers that the subsystem is (supposedly) not running, it will complain, but will do its cleanup anyway before exiting with status 1.

    Although a number of configuration-file parameters influence setup's operations, the key one is the interfaces parameter, which must be right or chaos will ensue.  

    FILES

    /etc/rc.d/init.d/ipsec         the script itself

    /etc/init.d/ipsec             alternate location for the script

    /etc/openswan/ipsec.conf      IPsec configuration file

    /proc/sys/net/ipv4/ip_forward forwarding control

    /var/run/ipsec.info           saved information

    /var/run/pluto.pid            Pluto lock file

    /var/run/ipsec_setup.pid      IPsec lock file
     

    SEE ALSO

    ipsec.conf(5), ipsec(8), ipsec_manual(8), ipsec_auto(8), route(8)  

    DIAGNOSTICS

    All output from the commands start and stop goes both to standard output and to syslogd(8), via logger(1). Selected additional information is logged only to syslogd(8).  

    HISTORY

    Written for the FreeS/WAN project <http://www.freeswan.org> by Henry Spencer.  

    BUGS

    Old versions of logger(1) inject spurious extra newlines onto standard output.


     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    FILES
    SEE ALSO
    DIAGNOSTICS
    HISTORY
    BUGS


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру