1 Content-type: text/html
3 <HTML><HEAD><TITLE>Manpage of IPSEC_SETUP</TITLE>
6 Section: Maintenance Commands (8)<BR>Updated: 7 June 2001<BR><A HREF="#index">Index</A>
7 <A HREF="http://localhost/cgi-bin/man/man2html">Return to Main Contents</A><HR>
10 <A NAME="lbAB"> </A>
13 ipsec setup - control IPsec subsystem
14 <A NAME="lbAC"> </A>
22 <A NAME="lbAD"> </A>
27 controls the FreeS/WAN IPsec subsystem,
28 including both the Klips kernel code and the Pluto key-negotiation daemon.
29 (It is a synonym for the ``rc'' script for the subsystem;
30 the system runs the equivalent of
31 <B>ipsec setup start</B>
35 <B>ipsec setup stop</B>
37 at shutdown time, more or less.)
40 The action taken depends on the specific
43 and on the contents of the
49 IPsec configuration file (<I>/etc/ipsec.conf</I>,
52 <I><A HREF="ipsec.conf.5.html">ipsec.conf</A></I>(5)).
62 start Klips and Pluto,
63 including setting up Klips to do crypto operations on the
64 interface(s) specified in the configuration file,
65 and (if the configuration file so specifies)
66 setting up manually-keyed connections and/or
67 asking Pluto to negotiate automatically-keyed connections
68 to other security gateways
72 shut down Klips and Pluto,
73 including tearing down all existing crypto connections
86 report the status of the subsystem;
91 <B>pluto pid </B><I>nnn</I>,
96 and exits with status 0,
97 but will go into more detail (and exit with status 1)
98 if something strange is found.
105 operation tries to clean up properly even if assorted accidents
107 e.g. Pluto having died without removing its lock file.
111 discovers that the subsystem is (supposedly) not running,
113 but will do its cleanup anyway before exiting with status 1.
116 Although a number of configuration-file parameters influence
119 operations, the key one is the
122 parameter, which must be right or chaos will ensue.
123 <A NAME="lbAE"> </A>
128 /etc/rc.d/init.d/ipsec<TT> </TT>the script itself<BR>
131 /etc/init.d/ipsec<TT> </TT>alternate location for the script<BR>
134 /etc/ipsec.conf<TT> </TT>IPsec configuration file<BR>
137 /var/run/ipsec.info<TT> </TT>saved information<BR>
140 /proc/sys/net/ipv4/ip_forward<TT> </TT>forwarding control<BR>
141 <A NAME="lbAF"> </A>
144 <A HREF="ipsec.conf.5.html">ipsec.conf</A>(5), <A HREF="ipsec.8.html">ipsec</A>(8), <A HREF="ipsec_manual.8.html">ipsec_manual</A>(8), <A HREF="ipsec_auto.8.html">ipsec_auto</A>(8), <A HREF="route.8.html">route</A>(8)
145 <A NAME="lbAG"> </A>
148 All output from the commands
154 goes both to standard
156 <I><A HREF="syslogd.8.html">syslogd</A></I>(8),
159 <I><A HREF="logger.1.html">logger</A></I>(1).
161 Selected additional information is logged only to
162 <I><A HREF="syslogd.8.html">syslogd</A></I>(8).
164 <A NAME="lbAH"> </A>
167 Written for the FreeS/WAN project
168 <<A HREF="http://www.freeswan.org">http://www.freeswan.org</A>>
170 <A NAME="lbAI"> </A>
174 <I><A HREF="logger.1.html">logger</A></I>(1)
176 inject spurious extra newlines onto standard output.
180 <A NAME="index"> </A><H2>Index</H2>
182 <DT><A HREF="#lbAB">NAME</A><DD>
183 <DT><A HREF="#lbAC">SYNOPSIS</A><DD>
184 <DT><A HREF="#lbAD">DESCRIPTION</A><DD>
185 <DT><A HREF="#lbAE">FILES</A><DD>
186 <DT><A HREF="#lbAF">SEE ALSO</A><DD>
187 <DT><A HREF="#lbAG">DIAGNOSTICS</A><DD>
188 <DT><A HREF="#lbAH">HISTORY</A><DD>
189 <DT><A HREF="#lbAI">BUGS</A><DD>
192 This document was created by
193 <A HREF="http://localhost/cgi-bin/man/man2html">man2html</A>,
194 using the manual pages.<BR>
195 Time: 05:09:33 GMT, June 19, 2001