doc/roadmap.html

   1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
   2 <HTML>
   3 <HEAD>
   4 <TITLE>Introduction to FreeS/WAN</TITLE>
   5 <META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1">
   6 <STYLE TYPE="text/css"><!--
   7 BODY { font-family: serif }
   8 H1 { font-family: sans-serif }
   9 H2 { font-family: sans-serif }
  10 H3 { font-family: sans-serif }
  11 H4 { font-family: sans-serif }
  12 H5 { font-family: sans-serif }
  13 H6 { font-family: sans-serif }
  14 SUB { font-size: smaller }
  15 SUP { font-size: smaller }
  16 PRE { font-family: monospace }
  17 --></STYLE>
  18 </HEAD>
  19 <BODY>
  20 <A HREF="toc.html">Contents</A>
  21 <A HREF="rfc.html">Previous</A>
  22 <A HREF="umltesting.html">Next</A>
  23 <HR>
  24 <H1><A name="roadmap">Distribution Roadmap: What's Where in Linux
  25  FreeS/WAN</A></H1>
  26 <P> This file is a guide to the locations of files within the FreeS/WAN
  27  distribution. Everything described here should be on your system once
  28  you download, gunzip, and untar the distribution.</P>
  29 <P>This distribution contains two major subsystems</P>
  30 <DL>
  31 <DT><A href="#klips.roadmap">KLIPS</A></DT>
  32 <DD>the kernel code</DD>
  33 <DT><A href="#pluto.roadmap">Pluto</A></DT>
  34 <DD>the user-level key-management daemon</DD>
  35 </DL>
  36 <P>plus assorted odds and ends.</P>
  37 <H2><A name="top">Top directory</A></H2>
  38 <P>The top directory has essential information in text files:</P>
  39 <DL>
  40 <DT>README</DT>
  41 <DD>introduction to the software</DD>
  42 <DT>INSTALL</DT>
  43 <DD>short experts-only installation procedures. More detalied procedures
  44  are in<A href="install.html"> installation</A> and<A href="config.html">
  45  configuration</A> HTML documents.</DD>
  46 <DT>BUGS</DT>
  47 <DD>major known bugs in the current release.</DD>
  48 <DT>CHANGES</DT>
  49 <DD>changes from previous releases</DD>
  50 <DT>CREDITS</DT>
  51 <DD>acknowledgement of contributors</DD>
  52 <DT>COPYING</DT>
  53 <DD>licensing and distribution information</DD>
  54 </DL>
  55 <H2><A name="doc">Documentation</A></H2>
  56 <P> The doc directory contains the bulk of the documentation, most of it
  57  in HTML format. See the<A href="index.html"> index file</A> for
  58  details.</P>
  59 <H2><A name="klips.roadmap">KLIPS: kernel IP security</A></H2>
  60 <P><A href="glossary.html#KLIPS"> KLIPS</A> is<STRONG> K</STRONG>erne<STRONG>
  61 L</STRONG><STRONG> IP</STRONG><STRONG> S</STRONG>ecurity. It lives in
  62  the klips directory, of course.</P>
  63 <DL>
  64 <DT>klips/doc</DT>
  65 <DD>documentation</DD>
  66 <DT>klips/patches</DT>
  67 <DD>patches for existing kernel files</DD>
  68 <DT>klips/test</DT>
  69 <DD>test stuff</DD>
  70 <DT>klips/utils</DT>
  71 <DD>low-level user utilities</DD>
  72 <DT>klips/net/ipsec</DT>
  73 <DD>actual klips kernel files</DD>
  74 <DT>klips/src</DT>
  75 <DD>symbolic link to klips/net/ipsec
  76 <P>The &quot;make insert&quot; step of installation installs the patches and makes
  77  a symbolic link from the kernel tree to klips/net/ipsec. The odd name
  78  of klips/net/ipsec is dictated by some annoying limitations of the
  79  scripts which build the Linux kernel. The symbolic-link business is a
  80  bit messy, but all the alternatives are worse.</P>
  81 <P></P>
  82 </DD>
  83 <DT>klips/utils</DT>
  84 <DD>Utility programs:
  85 <P></P>
  86 <DL>
  87 <DT>eroute</DT>
  88 <DD>manipulate IPsec extended routing tables</DD>
  89 <DT>klipsdebug</DT>
  90 <DD>set Klips (kernel IPsec support) debug features and level</DD>
  91 <DT>spi</DT>
  92 <DD>manage IPsec Security Associations</DD>
  93 <DT>spigrp</DT>
  94 <DD>group/ungroup IPsec Security Associations</DD>
  95 <DT>tncfg</DT>
  96 <DD>associate IPsec virtual interface with real interface</DD>
  97 </DL>
  98 <P>These are all normally invoked by ipsec(8) with commands such as</P>
  99 <PRE>        ipsec tncfg <VAR>arguments</VAR></PRE>
 100  There are section 8 man pages for all of these; the names have &quot;ipsec_&quot;
 101  as a prefix, so your man command should be something like:
 102 <PRE>        man 8 ipsec_tncfg</PRE>
 103 </DD>
 104 </DL>
 105 <H2><A name="pluto.roadmap">Pluto key and connection management daemon</A>
 106 </H2>
 107 <P><A href="glossary.html#Pluto"> Pluto</A> is our key management and
 108  negotiation daemon. It lives in the pluto directory, along with its
 109  low-level user utility, whack.</P>
 110 <P> There are no subdirectories. Documentation is a man page,<A href="manpage.d/ipsec_pluto.8.html">
 111  pluto.8</A>. This covers whack as well.</P>
 112 <H2><A name="utils">Utils</A></H2>
 113 <P> The utils directory contains a growing collection of higher-level
 114  user utilities, the commands that administer and control the software.
 115  Most of the things that you will actually have to run yourself are in
 116  there.</P>
 117 <DL>
 118 <DT>ipsec</DT>
 119 <DD>invoke IPsec utilities
 120 <P>ipsec(8) is normally the only program installed in a standard
 121  directory, /usr/local/sbin. It is used to invoke the others, both those
 122  listed below and the ones in klips/utils mentioned above.</P>
 123 <P></P>
 124 </DD>
 125 <DT>auto</DT>
 126 <DD>control automatically-keyed IPsec connections</DD>
 127 <DT>manual</DT>
 128 <DD>take manually-keyed IPsec connections up and down</DD>
 129 <DT>barf</DT>
 130 <DD>generate copious debugging output</DD>
 131 <DT>look</DT>
 132 <DD>generate moderate amounts of debugging output</DD>
 133 </DL>
 134 <P> There are .8 manual pages for these. look is covered in barf.8. The
 135  man pages have an &quot;ipsec_&quot; prefix so your man command should be
 136  something like:</P>
 137 <PRE>
 138         man 8 ipsec_auto
 139 </PRE>
 140 <P> Examples are in various files with names utils/*.eg</P>
 141 <H2><A name="lib">Libraries</A></H2>
 142 <H3><A name="fswanlib">FreeS/WAN Library</A></H3>
 143 <P> The lib directory is the FreeS/WAN library, also steadily growing,
 144  used by both user-level and kernel code.
 145 <BR /> It includes section 3<A href="manpages.html"> man pages</A> for
 146  the library routines.</P>
 147 <H3><A name="otherlib">Imported Libraries</A></H3>
 148 <H4>LibDES</H4>
 149  The libdes library, originally from SSLeay, is used by both Klips and
 150  Pluto for<A href="glossary.html#3DES"> Triple DES</A> encryption.
 151  Single DES is not used because<A href="politics.html#desnotsecure"> it
 152  is insecure</A>.
 153 <P> Note that this library has its own license, different from the<A href="glossary.html#GPL">
 154  GPL</A> used for other code in FreeS/WAN.</P>
 155 <P> The library includes its own documentation.</P>
 156 <H4>GMP</H4>
 157  The GMP (GNU multi-precision) library is used for multi-precision
 158  arithmetic in Pluto's key-exchange code and public key code.
 159 <P> Older versions (up to 1.7) of FreeS/WAN included a copy of this
 160  library in the FreeS/WAN distribution.</P>
 161 <P> Since 1.8, we have begun to rely on the system copy of GMP.</P>
 162 <HR>
 163 <A HREF="toc.html">Contents</A>
 164 <A HREF="rfc.html">Previous</A>
 165 <A HREF="umltesting.html">Next</A>
 166 </BODY>
 167 </HTML>