]>
Commit | Line | Data |
---|---|---|
997358a6 MW |
1 | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> |
2 | <HTML> | |
3 | <HEAD> | |
4 | <TITLE>Introduction to FreeS/WAN</TITLE> | |
5 | <META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> | |
6 | <STYLE TYPE="text/css"><!-- | |
7 | BODY { font-family: serif } | |
8 | H1 { font-family: sans-serif } | |
9 | H2 { font-family: sans-serif } | |
10 | H3 { font-family: sans-serif } | |
11 | H4 { font-family: sans-serif } | |
12 | H5 { font-family: sans-serif } | |
13 | H6 { font-family: sans-serif } | |
14 | SUB { font-size: smaller } | |
15 | SUP { font-size: smaller } | |
16 | PRE { font-family: monospace } | |
17 | --></STYLE> | |
18 | </HEAD> | |
19 | <BODY> | |
20 | <A HREF="toc.html">Contents</A> | |
21 | <A HREF="faq.html">Previous</A> | |
22 | <A HREF="firewall.html">Next</A> | |
23 | <HR> | |
24 | <H1><A name="manpages">FreeS/WAN manual pages</A></H1> | |
25 | <P>The various components of Linux FreeS/WAN are of course documented in | |
26 | standard Unix manual pages, accessible via the man(1) command.</P> | |
27 | <P>Links here take you to an HTML version of the man pages.</P> | |
28 | <H2><A name="man.file">Files</A></H2> | |
29 | <DL> | |
30 | <DT><A href="manpage.d/ipsec.conf.5.html">ipsec.conf(5)</A></DT> | |
31 | <DD>IPsec configuration and connections</DD> | |
32 | <DT><A href="manpage.d/ipsec.secrets.5.html">ipsec.secrets(5)</A></DT> | |
33 | <DD>secrets for IKE authentication, either pre-shared keys or RSA | |
34 | private keys</DD> | |
35 | </DL> | |
36 | <P>These files are also discussed in the<A href="config.html"> | |
37 | configuration</A> section.</P> | |
38 | <H2><A name="man.command">Commands</A></H2> | |
39 | <P>Many users will never give most of the FreeS/WAN commands directly. | |
40 | Configure the files listed above correctly and everything should be | |
41 | automatic.</P> | |
42 | <P>The exceptions are commands for mainpulating the<A href="glossary.html#RSA"> | |
43 | RSA</A> keys used in Pluto authentication:</P> | |
44 | <DL> | |
45 | <DT><A href="manpage.d/ipsec_rsasigkey.8.html">ipsec_rsasigkey(8)</A></DT> | |
46 | <DD>generate keys</DD> | |
47 | <DT><A href="manpage.d/ipsec_newhostkey.8.html">ipsec_newhostkey(8)</A></DT> | |
48 | <DD>generate keys in a convenient format</DD> | |
49 | <DT><A href="manpage.d/ipsec_showhostkey.8.html">ipsec_showhostkey(8)</A> | |
50 | </DT> | |
51 | <DD>extract<A href="glossary.html#RSA"> RSA</A> keys from<A href="manpage.d/ipsec.secrets.5.html"> | |
52 | ipsec.secrets(5)</A> (or optionally, another file) and format them for | |
53 | insertion in<A href="manpage.d/ipsec.conf.5.html"> ipsec.conf(5)</A> or | |
54 | in DNS records</DD> | |
55 | </DL> | |
56 | <P>Note that:</P> | |
57 | <UL> | |
58 | <LI>These keys are for<STRONG> authentication only</STRONG>. They are<STRONG> | |
59 | not secure for encryption</STRONG>.</LI> | |
60 | <LI>The utility uses random(4) as a source of<A href="glossary.html#random"> | |
61 | random numbers</A>. This may block for some time if there is not enough | |
62 | activity on the machine to provide the required entropy. You may want | |
63 | to give it some bogus activity such as random mouse movements or some | |
64 | command such as<NOBR> <TT>du /usr > /dev/null &</TT>.</LI> | |
65 | </UL> | |
66 | <P>The following commands are fairly likely to be used, if only for | |
67 | testing and status checks:</P> | |
68 | <DL> | |
69 | <DT><A href="manpage.d/ipsec.8.html">ipsec(8)</A></DT> | |
70 | <DD>invoke IPsec utilities</DD> | |
71 | <DT><A href="manpage.d/ipsec_setup.8.html">ipsec_setup(8)</A></DT> | |
72 | <DD>control IPsec subsystem</DD> | |
73 | <DT><A href="manpage.d/ipsec_auto.8.html">ipsec_auto(8)</A></DT> | |
74 | <DD>control automatically-keyed IPsec connections</DD> | |
75 | <DT><A href="manpage.d/ipsec_manual.8.html">ipsec_manual(8)</A></DT> | |
76 | <DD>take manually-keyed IPsec connections up and down</DD> | |
77 | <DT><A href="manpage.d/ipsec_ranbits.8.html">ipsec_ranbits(8)</A></DT> | |
78 | <DD>generate random bits in ASCII form</DD> | |
79 | <DT><A href="manpage.d/ipsec_look.8.html">ipsec_look(8)</A></DT> | |
80 | <DD>show minimal debugging information</DD> | |
81 | <DT><A href="manpage.d/ipsec_barf.8.html">ipsec_barf(8)</A></DT> | |
82 | <DD>spew out collected IPsec debugging information</DD> | |
83 | </DL> | |
84 | <P>The lower-level utilities listed below are normally invoked via | |
85 | scripts listed above, but they can also be used directly when required.</P> | |
86 | <DL> | |
87 | <DT><A href="manpage.d/ipsec_eroute.8.html">ipsec_eroute(8)</A></DT> | |
88 | <DD>manipulate IPsec extended routing tables</DD> | |
89 | <DT><A href="manpage.d/ipsec_klipsdebug.8.html">ipsec_klipsdebug(8)</A></DT> | |
90 | <DD>set Klips (kernel IPsec support) debug features and level</DD> | |
91 | <DT><A href="manpage.d/ipsec_pluto.8.html">ipsec_pluto(8)</A></DT> | |
92 | <DD>IPsec IKE keying daemon</DD> | |
93 | <DT><A href="manpage.d/ipsec_spi.8.html">ipsec_spi(8)</A></DT> | |
94 | <DD>manage IPsec Security Associations</DD> | |
95 | <DT><A href="manpage.d/ipsec_spigrp.8.html">ipsec_spigrp(8)</A></DT> | |
96 | <DD>group/ungroup IPsec Security Associations</DD> | |
97 | <DT><A href="manpage.d/ipsec_tncfg.8.html">ipsec_tncfg(8)</A></DT> | |
98 | <DD>associate IPsec virtual interface with real interface</DD> | |
99 | <DT><A href="manpage.d/ipsec_whack.8.html">ipsec_whack(8)</A></DT> | |
100 | <DD>control interface for IPsec keying daemon</DD> | |
101 | </DL> | |
102 | <H2><A name="man.lib">Library routines</A></H2> | |
103 | <DL> | |
104 | <DT><A href="manpage.d/ipsec_atoaddr.3.html">ipsec_atoaddr(3)</A></DT> | |
105 | <DT><A href="manpage.d/ipsec_addrtoa.3.html">ipsec_addrtoa(3)</A></DT> | |
106 | <DD>convert Internet addresses to and from ASCII</DD> | |
107 | <DT><A href="manpage.d/ipsec_atosubnet.3.html">ipsec_atosubnet(3)</A></DT> | |
108 | <DT><A href="manpage.d/ipsec_subnettoa.3.html">ipsec_subnettoa(3)</A></DT> | |
109 | <DD>convert subnet/mask ASCII form to and from addresses</DD> | |
110 | <DT><A href="manpage.d/ipsec_atoasr.3.html">ipsec_atoasr(3)</A></DT> | |
111 | <DD>convert ASCII to Internet address, subnet, or range</DD> | |
112 | <DT><A href="manpage.d/ipsec_rangetoa.3.html">ipsec_rangetoa(3)</A></DT> | |
113 | <DD>convert Internet address range to ASCII</DD> | |
114 | <DT>ipsec_atodata(3)</DT> | |
115 | <DT><A href="manpage.d/ipsec_datatoa.3.html">ipsec_datatoa(3)</A></DT> | |
116 | <DD>convert binary data from and to ASCII formats</DD> | |
117 | <DT><A href="manpage.d/ipsec_atosa.3.html">ipsec_atosa(3)</A></DT> | |
118 | <DT><A href="manpage.d/ipsec_satoa.3.html">ipsec_satoa(3)</A></DT> | |
119 | <DD>convert IPsec Security Association IDs to and from ASCII</DD> | |
120 | <DT><A href="manpage.d/ipsec_atoul.3.html">ipsec_atoul(3)</A></DT> | |
121 | <DT><A href="manpage.d/ipsec_ultoa.3.html">ipsec_ultoa(3)</A></DT> | |
122 | <DD>convert unsigned-long numbers to and from ASCII</DD> | |
123 | <DT><A href="manpage.d/ipsec_goodmask.3.html">ipsec_goodmask(3)</A></DT> | |
124 | <DD>is this Internet subnet mask a valid one?</DD> | |
125 | <DT><A href="manpage.d/ipsec_masktobits.3.html">ipsec_masktobits(3)</A></DT> | |
126 | <DD>convert Internet subnet mask to bit count</DD> | |
127 | <DT><A href="manpage.d/ipsec_bitstomask.3.html">ipsec_bitstomask(3)</A></DT> | |
128 | <DD>convert bit count to Internet subnet mask</DD> | |
129 | <DT><A href="manpage.d/ipsec_optionsfrom.3.html">ipsec_optionsfrom(3)</A> | |
130 | </DT> | |
131 | <DD>read additional ``command-line'' options from file</DD> | |
132 | <DT><A href="manpage.d/ipsec_subnetof.3.html">ipsec_subnetof(3)</A></DT> | |
133 | <DD>given Internet address and subnet mask, return subnet number</DD> | |
134 | <DT><A href="manpage.d/ipsec_hostof.3.html">ipsec_hostof(3)</A></DT> | |
135 | <DD>given Internet address and subnet mask, return host part</DD> | |
136 | <DT><A href="manpage.d/ipsec_broadcastof.3.html">ipsec_broadcastof(3)</A> | |
137 | </DT> | |
138 | <DD>given Internet address and subnet mask, return broadcast address</DD> | |
139 | </DL> | |
140 | <HR> | |
141 | <A HREF="toc.html">Contents</A> | |
142 | <A HREF="faq.html">Previous</A> | |
143 | <A HREF="firewall.html">Next</A> | |
144 | </BODY> | |
145 | </HTML> |