[thirdparty/strongswan.git] / doc / src / roadmap.html

<html>
<head>
<title>FreeS/WAN roadmap</title>
<meta name="keywords" content="Linux, IPsec, VPN, security, FreeSWAN">

<!--

Written by Sandy Harris for the Linux FreeS/WAN project
Freely distributable under the GNU General Public License

More information at www.freeswan.org
Feedback to users@lists.freeswan.org

CVS information:
RCS ID:          $Id: roadmap.html,v 1.1 2004/03/15 20:35:24 as Exp $
Last changed:    $Date: 2004/03/15 20:35:24 $
Revision number: $Revision: 1.1 $

CVS revision numbers do not correspond to FreeS/WAN release numbers.
-->
</head>

<body>
<h1><a name="roadmap">Distribution Roadmap: What's Where in Linux FreeS/WAN</a></h1>

<p>
This file is a guide to the locations of files within the FreeS/WAN
distribution. Everything described here should be on your system once you
download, gunzip, and untar the distribution.</p>

<p>This distribution contains two major subsystems
</p>
<dl>
  <dt><a href="#klips.roadmap">KLIPS</a></dt>
    <dd>the kernel code</dd>
  <dt><a href="#pluto.roadmap">Pluto</a></dt>
    <dd>the user-level key-management daemon</dd>
</dl>

<p>plus assorted odds and ends.
</p>
<h2><a name="top">Top directory</a></h2>

<p>The top directory has essential information in text files:</p>

<dl>
  <dt>README</dt>
    <dd>introduction to the software</dd>
  <dt>INSTALL</dt>
    <dd>short experts-only installation procedures. More detalied procedures are in
      <a href="install.html">installation</a> and
	<a href="config.html">configuration</a> HTML documents.</dd>
  <dt>BUGS</dt>
    <dd>major known bugs in the current release.</dd>
  <dt>CHANGES</dt>
    <dd>changes from previous releases</dd>
  <dt>CREDITS</dt>
    <dd>acknowledgement of contributors</dd>
  <dt>COPYING</dt>
    <dd>licensing and distribution information</dd>
</dl>

<h2><a name="doc">Documentation</a></h2>

<p>
The doc directory contains the bulk of the documentation, most of it in
HTML format. See the <a href="index.html">index file</a> for details.
</p>

<h2><a name="klips.roadmap">KLIPS: kernel IP security</a></h2>
</a>
<p>
<a href="glossary.html#KLIPS">KLIPS</a> is <strong>K</strong>erne<strong>L</strong>
<strong>IP</strong> <strong>S</strong>ecurity. It lives in the klips
directory, of course.
</p>
<dl>
  <dt>klips/doc</dt>
    <dd>documentation</dd>
  <dt>klips/patches</dt>
    <dd>patches for existing kernel files</dd>
  <dt>klips/test</dt>
    <dd>test stuff</dd>
  <dt>klips/utils</dt>
    <dd>low-level user utilities</dd>
  <dt>klips/net/ipsec</dt>
    <dd>actual klips kernel files</dd>
  <dt>klips/src</dt>
    <dd>symbolic link to klips/net/ipsec
      <p>The "make insert" step of installation installs the patches and makes
      a symbolic link from the kernel tree to klips/net/ipsec. The odd name of
      klips/net/ipsec is dictated by some annoying limitations of the scripts
      which build the Linux kernel.  The symbolic-link business is a bit
      messy, but all the alternatives are worse.</p>
      <p></p>
    </dd>
  <dt>klips/utils</dt>
    <dd>Utility programs:
      <p></p>
      <dl>
        <dt>eroute</dt>
          <dd>manipulate IPsec extended routing tables</dd>
        <dt>klipsdebug</dt>
          <dd>set Klips (kernel IPsec support) debug features and level</dd>
        <dt>spi</dt>
          <dd>manage IPsec Security Associations</dd>
        <dt>spigrp</dt>
          <dd>group/ungroup IPsec Security Associations</dd>
        <dt>tncfg</dt>
          <dd>associate IPsec virtual interface with real interface</dd>
      </dl>
      <p>These are all normally invoked by ipsec(8) with commands such as</p>
      <pre>        ipsec tncfg <var>arguments</var></pre>
      There are section 8 man pages for all of these; the names have "ipsec_"
      as a prefix, so your man command should be something like:
      <pre>        man 8 ipsec_tncfg</pre>
    </dd>
</dl>

<h2><a name="pluto.roadmap">Pluto key and connection management daemon</a></h2>

<p>
<a href="glossary.html#Pluto">Pluto</a> is our key management and negotiation daemon. It
lives in the pluto directory, along with its low-level user utility,
whack.
</p>
<p>
There are no subdirectories. Documentation is a man page,
<a href="manpage.d/ipsec_pluto.8.html">pluto.8</a>. This covers whack as well.
</p>

<h2><a name="utils">Utils</a></h2>

<p>
The utils directory contains a growing collection of higher-level user
utilities, the commands that administer and control the software.  Most of the
things that you will actually have to run yourself are in there.
</p>
<dl>
  <dt>ipsec</dt>
    <dd>invoke IPsec utilities
      <p>ipsec(8) is normally the only program installed in a standard
      directory, /usr/local/sbin. It is used to invoke the others, both those
      listed below and the ones in klips/utils mentioned above.</p>
      <p></p>
    </dd>
  <dt>auto</dt>
    <dd>control automatically-keyed IPsec connections</dd>
  <dt>manual</dt>
    <dd>take manually-keyed IPsec connections up and down</dd>
  <dt>barf</dt>
    <dd>generate copious debugging output</dd>
  <dt>look</dt>
    <dd>generate moderate amounts of debugging output</dd>
</dl>
<p>
There are .8 manual pages for these. look is covered in barf.8. The man pages
have an "ipsec_" prefix so your man command should be something like:
<pre>
        man 8 ipsec_auto
</pre>
<p>
Examples are in various files with names utils/*.eg</p>

<h2><a name="lib">Libraries</a></h2>

<h3><a name="fswanlib">FreeS/WAN Library</a></h3>

<p>
The lib directory is the FreeS/WAN library, also steadily growing, used by
both user-level and kernel code.<br />
It includes section 3 <a href="manpages.html">man pages</a> for the library routines.
</p>
<h3><a name="otherlib">Imported Libraries</a></h3>

<h4>LibDES</h4>

The libdes library, originally from SSLeay, is used by both Klips and Pluto
for <a href="glossary.html#3DES">Triple DES</a> encryption. Single DES is not
used because <a href="politics.html#desnotsecure">it is
insecure</a>.
<p>
Note that this library has its own license, different from the
<a href="glossary.html#GPL">GPL</a> used for other code in FreeS/WAN.
 </p>
<p>
The library includes its own documentation.


<h4>GMP</h4>

The GMP (GNU multi-precision) library is used for multi-precision arithmetic
in Pluto's key-exchange code and public key code.
<p>
Older versions (up to 1.7) of FreeS/WAN included a copy of this library in
the FreeS/WAN distribution.
<p>
Since 1.8, we have begun to rely on the system copy of GMP.
</p>

</body>
</html>
Commit	Line	Data
997358a6 MW	1	<html>
	2	<head>
	3	<title>FreeS/WAN roadmap</title>
	4	<meta name="keywords" content="Linux, IPsec, VPN, security, FreeSWAN">
	5
	6	<!--
	7
	8	Written by Sandy Harris for the Linux FreeS/WAN project
	9	Freely distributable under the GNU General Public License
	10
	11	More information at www.freeswan.org
	12	Feedback to users@lists.freeswan.org
	13
	14	CVS information:
	15	RCS ID: $Id: roadmap.html,v 1.1 2004/03/15 20:35:24 as Exp $
	16	Last changed: $Date: 2004/03/15 20:35:24 $
	17	Revision number: $Revision: 1.1 $
	18
	19	CVS revision numbers do not correspond to FreeS/WAN release numbers.
	20	-->
	21	</head>
	22
	23	<body>
	24	<h1><a name="roadmap">Distribution Roadmap: What's Where in Linux FreeS/WAN</a></h1>
	25
	26	<p>
	27	This file is a guide to the locations of files within the FreeS/WAN
	28	distribution. Everything described here should be on your system once you
	29	download, gunzip, and untar the distribution.</p>
	30
	31	<p>This distribution contains two major subsystems
	32	</p>
	33	<dl>
	34	<dt><a href="#klips.roadmap">KLIPS</a></dt>
	35	<dd>the kernel code</dd>
	36	<dt><a href="#pluto.roadmap">Pluto</a></dt>
	37	<dd>the user-level key-management daemon</dd>
	38	</dl>
	39
	40	<p>plus assorted odds and ends.
	41	</p>
	42	<h2><a name="top">Top directory</a></h2>
	43
	44	<p>The top directory has essential information in text files:</p>
	45
	46	<dl>
	47	<dt>README</dt>
	48	<dd>introduction to the software</dd>
	49	<dt>INSTALL</dt>
	50	<dd>short experts-only installation procedures. More detalied procedures are in
	51	<a href="install.html">installation</a> and
	52	<a href="config.html">configuration</a> HTML documents.</dd>
	53	<dt>BUGS</dt>
	54	<dd>major known bugs in the current release.</dd>
	55	<dt>CHANGES</dt>
	56	<dd>changes from previous releases</dd>
	57	<dt>CREDITS</dt>
	58	<dd>acknowledgement of contributors</dd>
	59	<dt>COPYING</dt>
	60	<dd>licensing and distribution information</dd>
	61	</dl>
	62
	63	<h2><a name="doc">Documentation</a></h2>
	64
65	<p>
66	The doc directory contains the bulk of the documentation, most of it in
67	HTML format. See the <a href="index.html">index file</a> for details.
68	</p>
69
70	<h2><a name="klips.roadmap">KLIPS: kernel IP security</a></h2>
71	</a>
72	<p>
73	<a href="glossary.html#KLIPS">KLIPS</a> is <strong>K</strong>erne<strong>L</strong>
74	<strong>IP</strong> <strong>S</strong>ecurity. It lives in the klips
75	directory, of course.
76	</p>
77	<dl>
78	<dt>klips/doc</dt>
79	<dd>documentation</dd>
80	<dt>klips/patches</dt>
81	<dd>patches for existing kernel files</dd>
82	<dt>klips/test</dt>
83	<dd>test stuff</dd>
84	<dt>klips/utils</dt>
85	<dd>low-level user utilities</dd>
86	<dt>klips/net/ipsec</dt>
87	<dd>actual klips kernel files</dd>
88	<dt>klips/src</dt>
89	<dd>symbolic link to klips/net/ipsec
90	<p>The "make insert" step of installation installs the patches and makes
91	a symbolic link from the kernel tree to klips/net/ipsec. The odd name of
92	klips/net/ipsec is dictated by some annoying limitations of the scripts
93	which build the Linux kernel. The symbolic-link business is a bit
94	messy, but all the alternatives are worse.</p>
95	<p></p>
96	</dd>
97	<dt>klips/utils</dt>
98	<dd>Utility programs:
99	<p></p>
100	<dl>
101	<dt>eroute</dt>
102	<dd>manipulate IPsec extended routing tables</dd>
103	<dt>klipsdebug</dt>
104	<dd>set Klips (kernel IPsec support) debug features and level</dd>
105	<dt>spi</dt>
106	<dd>manage IPsec Security Associations</dd>
107	<dt>spigrp</dt>
108	<dd>group/ungroup IPsec Security Associations</dd>
109	<dt>tncfg</dt>
110	<dd>associate IPsec virtual interface with real interface</dd>
111	</dl>
112	<p>These are all normally invoked by ipsec(8) with commands such as</p>
113	<pre> ipsec tncfg <var>arguments</var></pre>
114	There are section 8 man pages for all of these; the names have "ipsec_"
115	as a prefix, so your man command should be something like:
116	<pre> man 8 ipsec_tncfg</pre>
117	</dd>
118	</dl>
119
120	<h2><a name="pluto.roadmap">Pluto key and connection management daemon</a></h2>
121
122	<p>
123	<a href="glossary.html#Pluto">Pluto</a> is our key management and negotiation daemon. It
124	lives in the pluto directory, along with its low-level user utility,
125	whack.
126	</p>
127	<p>
128	There are no subdirectories. Documentation is a man page,
129	<a href="manpage.d/ipsec_pluto.8.html">pluto.8</a>. This covers whack as well.
130	</p>
131
132	<h2><a name="utils">Utils</a></h2>
133
134	<p>
135	The utils directory contains a growing collection of higher-level user
136	utilities, the commands that administer and control the software. Most of the
137	things that you will actually have to run yourself are in there.
138	</p>
139	<dl>
140	<dt>ipsec</dt>
141	<dd>invoke IPsec utilities
142	<p>ipsec(8) is normally the only program installed in a standard
143	directory, /usr/local/sbin. It is used to invoke the others, both those
144	listed below and the ones in klips/utils mentioned above.</p>
145	<p></p>
146	</dd>
147	<dt>auto</dt>
148	<dd>control automatically-keyed IPsec connections</dd>
149	<dt>manual</dt>
150	<dd>take manually-keyed IPsec connections up and down</dd>
151	<dt>barf</dt>
152	<dd>generate copious debugging output</dd>
153	<dt>look</dt>
154	<dd>generate moderate amounts of debugging output</dd>
155	</dl>
156	<p>
157	There are .8 manual pages for these. look is covered in barf.8. The man pages
158	have an "ipsec_" prefix so your man command should be something like:
159	<pre>
160	man 8 ipsec_auto
161	</pre>
162	<p>
163	Examples are in various files with names utils/*.eg</p>
164
165	<h2><a name="lib">Libraries</a></h2>
166
167	<h3><a name="fswanlib">FreeS/WAN Library</a></h3>
168
169	<p>
170	The lib directory is the FreeS/WAN library, also steadily growing, used by
171	both user-level and kernel code.<br />
172	It includes section 3 <a href="manpages.html">man pages</a> for the library routines.
173	</p>
174	<h3><a name="otherlib">Imported Libraries</a></h3>
175
176	<h4>LibDES</h4>
177
178	The libdes library, originally from SSLeay, is used by both Klips and Pluto
179	for <a href="glossary.html#3DES">Triple DES</a> encryption. Single DES is not
180	used because <a href="politics.html#desnotsecure">it is
181	insecure</a>.
182	<p>
183	Note that this library has its own license, different from the
184	<a href="glossary.html#GPL">GPL</a> used for other code in FreeS/WAN.
185	</p>
186	<p>
187	The library includes its own documentation.
188
189
190	<h4>GMP</h4>
191
192	The GMP (GNU multi-precision) library is used for multi-precision arithmetic
193	in Pluto's key-exchange code and public key code.
194	<p>
195	Older versions (up to 1.7) of FreeS/WAN included a copy of this library in
196	the FreeS/WAN distribution.
197	<p>
198	Since 1.8, we have begun to rely on the system copy of GMP.
199	</p>
200
201	</body>
202	</html>
203