racoon2-spmdctl (8) - Linux Manuals

racoon2-spmdctl: Control spmd

Command to display racoon2-spmdctl manual in Linux: $ man 8 racoon2-spmdctl

NAME

spmdctl - Control spmd

SYNOPSIS

spmdctl [option] COMMAND

DESCRIPTION

spmdctl connects to the spmd interface which is specified in racoon2 configuration file, and requests operation to spmd.
Available operations are:

: set, get, and delete DNS server address(es) for spmd DNS proxy function.
: add IPsec Policy.
: get spmd statistics.
The following options are available:
-d: Display all messages which exchanged with spmd.
-f FILE: Specify racoon2 configuration file name FILE.
The following COMMANDs are available:
ns add ADDRESS
: Add DNS server address ADDRESS to spmd DNS server list.
ns delete ADDRESS
: Delete DNS server address ADDRESS from spmd DNS server list.
ns list
: Show DNS server address(es) in spmd DNS Server list. Top line is currently used.
policy add SELECTOR_INDEX LIFETIME {transport|tunnel| SP_SRC_IPADDR SP_DST_IPADDR [SA_SRC_IP_ADDR SA_DST_IPADDR]
: Request spmd to add IPsec Security Policy to in-kernel IPsec Security Policy DataBase(SPD).
: SELECTOR_INDEX is a selector index string which described in racoon2 configuration file.
: LIFETIME is the lifetime duration(sec) for this IPsec Security Policy.
: transport|tunnel transport means this IPsec Security Policy is transport mode. tunnel means tunnel mode.
: SP_SRC_IPADDR is the source IP address for this IPsec Security Policy.
: SP_DST_IPADDR is the destination IP address for this IPsec Security Policy.
: SA_SRC_IPADDR is the IPsec SA source IP address associated with this IPsec Security Policy. This is only required in tunnel mode.
: SA_DST_IPADDR is the IPsec SA destination IP address associated with this IPsec Security Policy. This is only required in tunnel mode.
policy delete SELECTOR_INDEX
: Request spmd to delete IPsec Security Policy to in-kernel IPsec Security DataBase(SPD).
: SELECTOR_INDEX is a selector index string which described in racoon2 configuration file.
policy show
: Dump IPsec Security Policies. If 'selector=' field is empty in a displayed IPsec Security Policy entry, this Policy is out of racoon2 management.
interactive: Connect to spmd and just login. You can talk to spmd directly. This command is available when you compiled spmdctl with DEBUG_SPMD.
status: Show spmd statistics.

FILES

racoon2.conf

AUTHORS

WIDE Project, racoon2 project <http://www.racoon2.wide.ad.jp/>

BUGS

policy add command currently doesn't support tunnel mode.