IPSECCTL(8) | System Manager's Manual | IPSECCTL(8) |
ipsecctl
— control
flows for IPsec
ipsecctl |
[-cdFkmnv ] [-D
macro=value]
[-f file]
[-i fifo]
[-s modifier] |
The ipsecctl
utility controls flows that
determine which packets are to be processed by IPsec. It allows ruleset
configuration, and retrieval of status information from the kernel's SPD
(Security Policy Database) and SAD (Security Association Database). It also
can control isakmpd(8) and
establish tunnels using automatic keying with
isakmpd(8). The ruleset
grammar is described in
ipsec.conf(5).
The options are as follows:
-c
-s
option to collapse
flow output.-D
macro=value-d
-d
option is set, specified flows will be
deleted from the SPD. Otherwise, ipsecctl
will add
flows.-F
-F
option flushes the SPD and the SAD.-f
file-i
fifo-i
option specifies an alternate
FIFO instead of /var/run/isakmpd.fifo, used to
talk to isakmpd(8).-k
-m
PF_KEY
messages exchanged
with the kernel.-n
-s
modifier-v
-v
will produce even more verbose output.The ipsecctl
program first appeared in
OpenBSD 3.8.
November 20, 2017 | OpenBSD-6.9 |