|IPSECCTL(8)||System Manager's Manual||IPSECCTL(8)|
ipsecctl — control
flows for IPsec
ipsecctl utility controls flows that
determine which packets are to be processed by IPsec. It allows ruleset
configuration, and retrieval of status information from the kernel's SPD
(Security Policy Database) and SAD (Security Association Database). It also
can control isakmpd(8) and
establish tunnels using automatic keying with
isakmpd(8). The ruleset
grammar is described in
The options are as follows:
-soption to collapse flow output.
-doption is set, specified flows will be deleted from the SPD. Otherwise,
ipsecctlwill add flows.
-Foption flushes the SPD and the SAD.
-ioption specifies an alternate FIFO instead of /var/run/isakmpd.fifo, used to talk to isakmpd(8).
PF_KEYmessages exchanged with the kernel.
-vwill produce even more verbose output.
ipsecctl program first appeared in
|November 20, 2017||OpenBSD-6.9|