1 Content-type: text/html
3 <HTML><HEAD><TITLE>Manpage of IPSEC_SPIGRP</TITLE>
6 Section: File Formats (5)<BR>Updated: 27 Jun 2000<BR><A HREF="#index">Index</A>
7 <A HREF="http://localhost/cgi-bin/man/man2html">Return to Main Contents</A><HR>
12 <A NAME="lbAB"> </A>
15 ipsec_spigrp - list IPSEC Security Association groupings
16 <A NAME="lbAC"> </A>
27 <B>/proc/net/ipsec_spigrp</B>
31 <A NAME="lbAD"> </A>
34 <I>/proc/net/ipsec_spigrp</I>
36 is a read-only file that lists groups of IPSEC Security Associations
40 An entry in the IPSEC extended routing table can only point (via an
41 SAID) to one SA. If more than one transform must be applied to a given
42 type of packet, this can be accomplished by setting up several SAs with
43 the same destination address but potentially different SPIs and
44 protocols, and grouping them with
45 <I><A HREF="ipsec_spigrp.8.html">ipsec_spigrp</A>(8)</I>.
49 The SA groups are listed, one line per connection/group, as a sequence
50 of SAs to be applied (or that should have been applied, in the case of
51 an incoming packet) from inside to outside the packet. An SA is
52 identified by its SAID, which consists of protocol ("ah", "esp", "comp" or
53 "tun"), SPI (with '.' for IPv4 or ':' for IPv6 prefixed hexadecimal number ) and destination address
54 (IPv4 dotted quad or IPv6 coloned hex) prefixed by '@', in the format <proto><af><spi>@<dest>.
55 <A NAME="lbAE"> </A>
59 <DT><B><A HREF="mailto:tun.3d0@192.168.2.110">tun.3d0@192.168.2.110</A></B>
62 <B><A HREF="mailto:comp.3d0@192.168.2.110">comp.3d0@192.168.2.110</A></B>
64 <B><A HREF="mailto:esp.187a101b@192.168.2.110">esp.187a101b@192.168.2.110</A></B>
66 <B><A HREF="mailto:ah.187a101a@192.168.2.110">ah.187a101a@192.168.2.110</A> </B>
71 is a group of 3 SAs, destined for
74 with an IPv4-in-IPv4 tunnel SA applied first with an SPI of
77 in hexadecimal, followed by a Deflate compression header to compress
78 the packet with CPI of
81 in hexadecimal, followed by an Encapsulating Security Payload header to
82 encrypt the packet with SPI
85 in hexadecimal, followed by an Authentication Header to authenticate the
89 in hexadecimal, applied from inside to outside the packet. This could
90 be an incoming or outgoing group, depending on the address of the local
95 <DT><B>tun:<A HREF="mailto:3d0@3049">3d0@3049</A>:1::2</B>
98 <B>comp:<A HREF="mailto:3d0@3049">3d0@3049</A>:1::2</B>
100 <B>esp:<A HREF="mailto:187a101b@3049">187a101b@3049</A>:1::2</B>
102 <B>ah:<A HREF="mailto:187a101a@3049">187a101a@3049</A>:1::2 </B>
107 is a group of 3 SAs, destined for
110 with an IPv6-in-IPv6 tunnel SA applied first with an SPI of
113 in hexadecimal, followed by a Deflate compression header to compress
114 the packet with CPI of
117 in hexadecimal, followed by an Encapsulating Security Payload header to
118 encrypt the packet with SPI
121 in hexadecimal, followed by an Authentication Header to authenticate the
125 in hexadecimal, applied from inside to outside the packet. This could
126 be an incoming or outgoing group, depending on the address of the local
130 <A NAME="lbAF"> </A>
133 /proc/net/ipsec_spigrp, /usr/local/bin/ipsec
134 <A NAME="lbAG"> </A>
137 <A HREF="ipsec.8.html">ipsec</A>(8), <A HREF="ipsec_manual.8.html">ipsec_manual</A>(8), <A HREF="ipsec_tncfg.5.html">ipsec_tncfg</A>(5), <A HREF="ipsec_eroute.5.html">ipsec_eroute</A>(5),
138 <A HREF="ipsec_spi.5.html">ipsec_spi</A>(5), <A HREF="ipsec_klipsdebug.5.html">ipsec_klipsdebug</A>(5), <A HREF="ipsec_spigrp.8.html">ipsec_spigrp</A>(8), <A HREF="ipsec_version.5.html">ipsec_version</A>(5),
139 <A HREF="ipsec_pf_key.5.html">ipsec_pf_key</A>(5)
140 <A NAME="lbAH"> </A>
143 Written for the Linux FreeS/WAN project
144 <<A HREF="http://www.freeswan.org/">http://www.freeswan.org/</A>>
145 by Richard Guy Briggs.
146 <A NAME="lbAI"> </A>
173 <A NAME="index"> </A><H2>Index</H2>
175 <DT><A HREF="#lbAB">NAME</A><DD>
176 <DT><A HREF="#lbAC">SYNOPSIS</A><DD>
177 <DT><A HREF="#lbAD">DESCRIPTION</A><DD>
178 <DT><A HREF="#lbAE">EXAMPLES</A><DD>
179 <DT><A HREF="#lbAF">FILES</A><DD>
180 <DT><A HREF="#lbAG">SEE ALSO</A><DD>
181 <DT><A HREF="#lbAH">HISTORY</A><DD>
182 <DT><A HREF="#lbAI">BUGS</A><DD>
185 This document was created by
186 <A HREF="http://localhost/cgi-bin/man/man2html">man2html</A>,
187 using the manual pages.<BR>
188 Time: 05:09:33 GMT, June 19, 2001