]> git.ipfire.org Git - people/ms/strongswan.git/blob - doc/manpages.html
projects / people / ms / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
- import of strongswan-2.7.0
[people/ms/strongswan.git] / doc / manpages.html
1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
2 <HTML>
3 <HEAD>
4 <TITLE>Introduction to FreeS/WAN</TITLE>
5 <META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1">
6 <STYLE TYPE="text/css"><!--
7 BODY { font-family: serif }
8 H1 { font-family: sans-serif }
9 H2 { font-family: sans-serif }
10 H3 { font-family: sans-serif }
11 H4 { font-family: sans-serif }
12 H5 { font-family: sans-serif }
13 H6 { font-family: sans-serif }
14 SUB { font-size: smaller }
15 SUP { font-size: smaller }
16 PRE { font-family: monospace }
17 --></STYLE>
18 </HEAD>
19 <BODY>
20 <A HREF="toc.html">Contents</A>
21 <A HREF="faq.html">Previous</A>
22 <A HREF="firewall.html">Next</A>
23 <HR>
24 <H1><A name="manpages">FreeS/WAN manual pages</A></H1>
25 <P>The various components of Linux FreeS/WAN are of course documented in
26 standard Unix manual pages, accessible via the man(1) command.</P>
27 <P>Links here take you to an HTML version of the man pages.</P>
28 <H2><A name="man.file">Files</A></H2>
29 <DL>
30 <DT><A href="manpage.d/ipsec.conf.5.html">ipsec.conf(5)</A></DT>
31 <DD>IPsec configuration and connections</DD>
32 <DT><A href="manpage.d/ipsec.secrets.5.html">ipsec.secrets(5)</A></DT>
33 <DD>secrets for IKE authentication, either pre-shared keys or RSA
34 private keys</DD>
35 </DL>
36 <P>These files are also discussed in the<A href="config.html">
37 configuration</A> section.</P>
38 <H2><A name="man.command">Commands</A></H2>
39 <P>Many users will never give most of the FreeS/WAN commands directly.
40 Configure the files listed above correctly and everything should be
41 automatic.</P>
42 <P>The exceptions are commands for mainpulating the<A href="glossary.html#RSA">
43 RSA</A> keys used in Pluto authentication:</P>
44 <DL>
45 <DT><A href="manpage.d/ipsec_rsasigkey.8.html">ipsec_rsasigkey(8)</A></DT>
46 <DD>generate keys</DD>
47 <DT><A href="manpage.d/ipsec_newhostkey.8.html">ipsec_newhostkey(8)</A></DT>
48 <DD>generate keys in a convenient format</DD>
49 <DT><A href="manpage.d/ipsec_showhostkey.8.html">ipsec_showhostkey(8)</A>
50 </DT>
51 <DD>extract<A href="glossary.html#RSA"> RSA</A> keys from<A href="manpage.d/ipsec.secrets.5.html">
52 ipsec.secrets(5)</A> (or optionally, another file) and format them for
53 insertion in<A href="manpage.d/ipsec.conf.5.html"> ipsec.conf(5)</A> or
54 in DNS records</DD>
55 </DL>
56 <P>Note that:</P>
57 <UL>
58 <LI>These keys are for<STRONG> authentication only</STRONG>. They are<STRONG>
59 not secure for encryption</STRONG>.</LI>
60 <LI>The utility uses random(4) as a source of<A href="glossary.html#random">
61 random numbers</A>. This may block for some time if there is not enough
62 activity on the machine to provide the required entropy. You may want
63 to give it some bogus activity such as random mouse movements or some
64 command such as<NOBR> <TT>du /usr &gt; /dev/null &amp;</TT>.</LI>
65 </UL>
66 <P>The following commands are fairly likely to be used, if only for
67 testing and status checks:</P>
68 <DL>
69 <DT><A href="manpage.d/ipsec.8.html">ipsec(8)</A></DT>
70 <DD>invoke IPsec utilities</DD>
71 <DT><A href="manpage.d/ipsec_setup.8.html">ipsec_setup(8)</A></DT>
72 <DD>control IPsec subsystem</DD>
73 <DT><A href="manpage.d/ipsec_auto.8.html">ipsec_auto(8)</A></DT>
74 <DD>control automatically-keyed IPsec connections</DD>
75 <DT><A href="manpage.d/ipsec_manual.8.html">ipsec_manual(8)</A></DT>
76 <DD>take manually-keyed IPsec connections up and down</DD>
77 <DT><A href="manpage.d/ipsec_ranbits.8.html">ipsec_ranbits(8)</A></DT>
78 <DD>generate random bits in ASCII form</DD>
79 <DT><A href="manpage.d/ipsec_look.8.html">ipsec_look(8)</A></DT>
80 <DD>show minimal debugging information</DD>
81 <DT><A href="manpage.d/ipsec_barf.8.html">ipsec_barf(8)</A></DT>
82 <DD>spew out collected IPsec debugging information</DD>
83 </DL>
84 <P>The lower-level utilities listed below are normally invoked via
85 scripts listed above, but they can also be used directly when required.</P>
86 <DL>
87 <DT><A href="manpage.d/ipsec_eroute.8.html">ipsec_eroute(8)</A></DT>
88 <DD>manipulate IPsec extended routing tables</DD>
89 <DT><A href="manpage.d/ipsec_klipsdebug.8.html">ipsec_klipsdebug(8)</A></DT>
90 <DD>set Klips (kernel IPsec support) debug features and level</DD>
91 <DT><A href="manpage.d/ipsec_pluto.8.html">ipsec_pluto(8)</A></DT>
92 <DD>IPsec IKE keying daemon</DD>
93 <DT><A href="manpage.d/ipsec_spi.8.html">ipsec_spi(8)</A></DT>
94 <DD>manage IPsec Security Associations</DD>
95 <DT><A href="manpage.d/ipsec_spigrp.8.html">ipsec_spigrp(8)</A></DT>
96 <DD>group/ungroup IPsec Security Associations</DD>
97 <DT><A href="manpage.d/ipsec_tncfg.8.html">ipsec_tncfg(8)</A></DT>
98 <DD>associate IPsec virtual interface with real interface</DD>
99 <DT><A href="manpage.d/ipsec_whack.8.html">ipsec_whack(8)</A></DT>
100 <DD>control interface for IPsec keying daemon</DD>
101 </DL>
102 <H2><A name="man.lib">Library routines</A></H2>
103 <DL>
104 <DT><A href="manpage.d/ipsec_atoaddr.3.html">ipsec_atoaddr(3)</A></DT>
105 <DT><A href="manpage.d/ipsec_addrtoa.3.html">ipsec_addrtoa(3)</A></DT>
106 <DD>convert Internet addresses to and from ASCII</DD>
107 <DT><A href="manpage.d/ipsec_atosubnet.3.html">ipsec_atosubnet(3)</A></DT>
108 <DT><A href="manpage.d/ipsec_subnettoa.3.html">ipsec_subnettoa(3)</A></DT>
109 <DD>convert subnet/mask ASCII form to and from addresses</DD>
110 <DT><A href="manpage.d/ipsec_atoasr.3.html">ipsec_atoasr(3)</A></DT>
111 <DD>convert ASCII to Internet address, subnet, or range</DD>
112 <DT><A href="manpage.d/ipsec_rangetoa.3.html">ipsec_rangetoa(3)</A></DT>
113 <DD>convert Internet address range to ASCII</DD>
114 <DT>ipsec_atodata(3)</DT>
115 <DT><A href="manpage.d/ipsec_datatoa.3.html">ipsec_datatoa(3)</A></DT>
116 <DD>convert binary data from and to ASCII formats</DD>
117 <DT><A href="manpage.d/ipsec_atosa.3.html">ipsec_atosa(3)</A></DT>
118 <DT><A href="manpage.d/ipsec_satoa.3.html">ipsec_satoa(3)</A></DT>
119 <DD>convert IPsec Security Association IDs to and from ASCII</DD>
120 <DT><A href="manpage.d/ipsec_atoul.3.html">ipsec_atoul(3)</A></DT>
121 <DT><A href="manpage.d/ipsec_ultoa.3.html">ipsec_ultoa(3)</A></DT>
122 <DD>convert unsigned-long numbers to and from ASCII</DD>
123 <DT><A href="manpage.d/ipsec_goodmask.3.html">ipsec_goodmask(3)</A></DT>
124 <DD>is this Internet subnet mask a valid one?</DD>
125 <DT><A href="manpage.d/ipsec_masktobits.3.html">ipsec_masktobits(3)</A></DT>
126 <DD>convert Internet subnet mask to bit count</DD>
127 <DT><A href="manpage.d/ipsec_bitstomask.3.html">ipsec_bitstomask(3)</A></DT>
128 <DD>convert bit count to Internet subnet mask</DD>
129 <DT><A href="manpage.d/ipsec_optionsfrom.3.html">ipsec_optionsfrom(3)</A>
130 </DT>
131 <DD>read additional ``command-line'' options from file</DD>
132 <DT><A href="manpage.d/ipsec_subnetof.3.html">ipsec_subnetof(3)</A></DT>
133 <DD>given Internet address and subnet mask, return subnet number</DD>
134 <DT><A href="manpage.d/ipsec_hostof.3.html">ipsec_hostof(3)</A></DT>
135 <DD>given Internet address and subnet mask, return host part</DD>
136 <DT><A href="manpage.d/ipsec_broadcastof.3.html">ipsec_broadcastof(3)</A>
137 </DT>
138 <DD>given Internet address and subnet mask, return broadcast address</DD>
139 </DL>
140 <HR>
141 <A HREF="toc.html">Contents</A>
142 <A HREF="faq.html">Previous</A>
143 <A HREF="firewall.html">Next</A>
144 </BODY>
145 </HTML>
Michael's strongswan development tree