LOOK(8) Executable programs LOOK(8)NAME
ipsec_look - get a quick summary of Libreswan status
SYNOPSIS
ipsec look
DESCRIPTION
Look is used to get a quick overview of what the status of Libreswan is. It is the equivalent to running the commands ipsec eroute, ipsec
spigrp, ipsec tncfg, ipsec spi and netstat -rn. However a bit of processing is done to combine the outputs.
Some of the above commands, and there for ipsec look, are only supported with the KLIPS or MAST stack, and will give errors when used on
BSD, Windows or Linux with NETKEY.
SEE ALSO ipsec(8), ipsec_tncfg(8), ipsec_spi(8), ipsec_spigrp(8), ipsec_eroute(5), netstat(8).
HISTORY
Man page written for the Linux FreeS/WAN project <http://www.freeswan.org/> by Michael Richardson. Original program written by Henry
Spencer.
AUTHOR
Paul Wouters
placeholder to suppress warning
libreswan 12/16/2012 LOOK(8)
Check Out this Related Man Page
IPSEC_TNCFG(8) [FIXME: manual] IPSEC_TNCFG(8)NAME
ipsec_tncfg - manipulate KLIPS virtual interfaces
SYNOPSIS
ipsec tncfg
ipsec tncfg --create virtual
ipsec tncfg --delete virtual
ipsec tncfg --attach --virtual virtual --physical physical
ipsec tncfg --detach --virtual virtual
ipsec tncfg --clear
ipsec tncfg --version
ipsec tncfg --help
OBSOLETE
Note that tncfg is only supported on the classic KLIPS stack. It is not supported on any other stack and will be completely removed in
future versions. A replacement command still needs to be designed
DESCRIPTION
The historical use of tncfg is to attach/detach IPsec virtual interfaces (e.g. ipsec0) to/from physical interfaces (e.g. eth0) through
which packets will be forwarded once processed by KLIPS.
The modern use of tncfg is to create and delete virtual interfaces known as mastXXX. mast stands for Mooring and XXX.
The form with no additional arguments lists the contents of /proc/net/ipsec_tncfg. The format of /proc/net/ipsec_tncfg is discussed in
ipsec_tncfg(5).
The --attach form attaches the virtual interface to the physical one.
The --detach form detaches the virtual interface from whichever physical interface it is attached to.
The --clear form clears all the virtual interfaces from whichever physical interfaces they were attached to.
Virtual interfaces typically have names like ipsec0 or mast0 while physical interfaces typically have names like eth0 or ppp0.
EXAMPLES
ipsec tncfg --create mast12
creates the mast12 device.
ipsec tncfg --create ipsec4
creates an ipsec4 device, but does not attach it.
ipsec tncfg --attach --virtual ipsec0 --physical eth0
attaches the ipsec0 virtual device to the eth0 physical device.
FILES
/proc/net/ipsec_tncfg, /usr/local/bin/ipsec
SEE ALSO ipsec(8), ipsec_manual(8), ipsec_eroute(8), ipsec_spi(8), ipsec_spigrp(8), ipsec_klipsdebug(8), ipsec_tncfg(5)HISTORY
Written for the Linux FreeS/WAN project <http://www.freeswan.org/> by Richard Guy Briggs.
[FIXME: source] 10/06/2010 IPSEC_TNCFG(8)
Ok, I've read the manpages on netstat and it gives a good description of the state values such as CLOSE_WAIT, ESTABLISHED, SYN_RECEIVED, etc..
Can someone give me real world situations where you would get these states. LIke for example if I got SYN_RECEIVED what possible situations would be the... (1 Reply)
Hi guys!! I was wondering if you can help me with a couple quick questions in order for me to understand it better... Any help would be appreciated and i would like to say thanks!! In advanced... Ok here goes... (I think these are pretty basic, but i just want to clarify)
1. What would be the... (2 Replies)
I'm not sure that this has been asked (I did a quick search) but what is the more popular OS? Not your favorite but more on a business level. The versions would be Solaris, HP/UX, AIX, Linux (what ever version).
I would make a poll, but not sure how to.
Thanks. (3 Replies)
A developer of mine has this requirement - I couldn't tell her quickly how to do it with UNIX commands or a quick script so she's writing a quick program to do it - but that got my curiousity up and thought I'd ask here for advice.
In a text file, there are some records (about half of them)... (4 Replies)
I have search the forum for an easier way to write this code. I have two separate 'if' to do this and it works but am wondering if someone knows a quick way to combine them. I want anything between 1 and 100 but not '01' or '005', '0010', etc.
if ) ]] ||
]; then
echo "Try... (3 Replies)
Hi,
I have a server which receive lots of events to it and when I do netstat -Ie1000g0, I'm seeing the errors as below.
Name Mtu Net/Dest Address Ipkts Ierrs Opkts Oerrs Collis Queue
e1000g0 1500 abc-1.com abc-1.com 3093708246 12757 92069412 0
0 0
If anyone could direct me to right... (3 Replies)
I used to use a linux system that would allow me to bring up previously-used commands by typing the first (or more) letters of a previous command and then hitting the tab key. It was incredibly useful. Now I've switched to using a mac and it doesn't work. Is there an analog to this for macs? ... (3 Replies)
Hi, this is my first post...:p
Hello Admin :)
Can I have an ask for something with my configuration ?
I have finished some kind of the tutorial to build ipsec site to site, and the "step" has finished completely.
I have a simulation with a local design topology with two PC's (FreeBSD ... (0 Replies)
Hello All,
I am using netstat on HP-UX to retrieve the established network connections on my host. Can anyone please confirm how can I retrieve the PID and program name as well for these connections? These are available from the netstat version on Windows but I don't see PID and program name to... (10 Replies)
I want a lan encrypted with ipsec.
This is my /etc/inet/ike/config
p1_xform
{ auth_method preshared oakley_group 5 auth_alg sha256 encr_alg aes }
p2_pfs 2
this is my /etc/inet/secret/ike.preshared
# ike.preshared on hostA, 192.168.0.21
#...
{ localidtype IP
localid... (1 Reply)