ipsec_pf_key(8) [debian man page]
IPSEC_PF_KEY(8) [FIXME: manual] IPSEC_PF_KEY(8) NAME
ipsec_pf_key - shows pfkey messages emitted by the kernel when using the KLIPS or MAST stack. SYNOPSIS
pf_key --ah --esp --ipip --ipcomp --daemon filehmac-md5-96 | hmac-sha1-96 STACK
Note that pf_key is only supported on the KLIPS and MAST stacks. It is not supported on any other stack. DESCRIPTION
pf_key is a program to open a PF_KEY socket and print all messages that are received from it. With no options, it will register itself to receive key requests for AH, ESP, IPIP and IPCOMP security associations. If given more specific options, then it will listen only to those protocols which are listed. If the messages are recognized, the messages will be decoded. If the option --daemon is provided, then after doing the registrations, the program will fork into the background. The provided file will be opened and the process ID of the background process will be written to it. This option is present to present race conditions in regression testing. FILES
/proc/net/pf_key SEE ALSO
pf_key(5), ipsec(8), ipsec_manual(8), ipsec_eroute(5), ipsec_spi(5), ipsec_spigrp(5), ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5) HISTORY
Written for the Linux FreeS/WAN project <http://www.freeswan.org/> by Michael Richardson <mcr@freeswan.org> [FIXME: source] 10/06/2010 IPSEC_PF_KEY(8)
Check Out this Related Man Page
IPSEC_PF_KEY(5) [FIXME: manual] IPSEC_PF_KEY(5) NAME
ipsec_pf_key - lists PF_KEY sockets registered with KLIPS SYNOPSIS
cat /proc/net/pf_key STACK
Note that pf_key is only supported on the KLIPS and MAST stacks. It is not supported on any other stack. DESCRIPTION
/proc/net/pf_key is a read-only file which lists the presently open PF_KEY sockets on the local system and their parameters. Each line lists one PF_KEY socket. A table entry consists of: + sock pointer (sock) + PID of the socket owner (pid) + flag to indicate if the socket is dead (d) + socket wait queue (sleep) + socket pointer (socket) + next socket in chain (next) + previous socket in chain (prev) + last socket error (e) + pointer to destruct routine (destruct) + is this a reused socket (r) + has this socket been zapped (z) + socket family to which this socket belongs (fa) + local port number (n) + protocol version number (p) + Receive queue bytes committed (r) + Transmit queue bytes committed (w) + option memory allocations (o) + size of send buffer in bytes (sndbf) + timestamp in seconds (stamp) + socket flags (Flags) + socket type (Type) + connection state (St) EXAMPLES
c3b8c140 3553 0 c0599818 c05997fc 0 0 0 0 1 0 15 0 2 0 0 0 65535 0.103232 00000000 00000003 01 shows that there is one pf_key socket set up that starts at c3b8c140, whose owning process has PID 3553, the socket is not dead, its wait queue is at c0599818, whose owning socket is at c05997fc, with no other sockets in the chain, no errors, no destructor, it is a reused socket which has not been zapped, from protocol family 15 (PF_KEY), local port number 0, protocol socket version 2, no memory allocated to transmit, receive or option queues, a send buffer of almost 64kB, a timestamp of 0.103232, no flags set, type 3, in state 1. FILES
/proc/net/pf_key SEE ALSO
ipsec(8), ipsec_manual(8), ipsec_eroute(5), ipsec_spi(5), ipsec_spigrp(5), ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5) HISTORY
Written for the Linux FreeS/WAN project <http://www.freeswan.org/> by Richard Guy Briggs. [FIXME: source] 10/06/2010 IPSEC_PF_KEY(5)