2013.10.24

[uclinux-h8/uClinux-dist.git] / freeswan / klips / README

*
* RCSID $Id: README,v 1.8 2000/11/06 05:42:58 rgb Exp $
*

               ****************************************
               * IPSEC for Linux, Preliminary Release *
               ****************************************



1. Files

The contents of net/ipsec/ (see below) join the linux kernel source tree.
as provided for higher up.

The utils/ directory contains the user-level utilities which you need
to run IPSEC.  See the top-level top/INSTALL to compile and install them.

The test/ directory contains test scripts.

The doc/ directory contains -- what else -- documentation.  Not a lot
of it, yet.


1.1. Kernel files

The following are found in net/ipsec/:

Makefile                        The Makefile
Config.in                       The configuration script for make menuconfig
defconfig                       Configuration defaults for first time.

radij.c                         General-purpose radix-tree operations

ipcomp.c                        IPCOMP interface code.

pfkey_v2.c                      PF_KEYv2 socket interface code.
pfkey_v2_parser.c               PF_KEYv2 message parsing and processing code.

ipsec_init.c                    Initialization code, /proc interface.
ipsec_radij.c                   Interface with the radix tree code.
ipsec_netlink.c                 Interface with the netlink code.
ipsec_xform.c                   Routines and structures common to transforms.
ipsec_tunnel.c                  The outgoing packet processing code.
ipsec_rcv.c                     The incoming packet processing code.
ipsec_md5c.c                    Somewhat modified RSADSI MD5 C code.
ipsec_sha1.c                    Somewhat modified Steve Reid SHA-1 C code.

sysctl_net_ipsec.c              /proc/sys/net/ipsec/* variable definitions.

version.c                       symbolic link to project version.

radij.h                         Headers for radij.c

ipcomp.h                        Headers used by IPCOMP code.

ipsec_radij.h                   Interface with the radix tree code.
ipsec_netlink.h                 Headers used by the netlink interface.
ipsec_encap.h                   Headers defining encapsulation structures.
ipsec_xform.h                   Transform headers.
ipsec_tunnel.h                  Headers used by tunneling code.
ipsec_ipe4.h                    Headers for the IP-in-IP code.
ipsec_ah.h                      Headers common to AH transforms.
ipsec_md5h.h                    RSADSI MD5 headers.
ipsec_sha1.h                    SHA-1 headers.
ipsec_esp.h                     Headers common to ESP transfroms.
ipsec_rcv.h                     Headers for incoming packet processing code.

1.2. User-level files.

The following are found in utils/:

eroute.c        Create an "extended route" source code
spi.c           Set up Security Associations source code
spigrp.c        Link SPIs together source code.
tncfg.c         Configure the tunneling features of the virtual interface
                source code
klipsdebug.c    Set/reset klips debugging features source code.
version.c       symbolic link to project version.

eroute.8        Create an "extended route" manual page
spi.8           Set up Security Associations manual page
spigrp.8        Link SPIs together manual page
tncfg.8         Configure the tunneling features of the virtual interface
                manual page
klipsdebug.8    Set/reset klips debugging features manual page

eroute.5        /proc/net/ipsec_eroute format manual page
spi.5           /proc/net/ipsec_spi format manual page
spigrp.5        /proc/net/ipsec_spigrp format manual page
tncfg.5         /proc/net/ipsec_tncfg format manual page
klipsdebug.5    /proc/net/ipsec_klipsdebug format manual page
version.5       /proc/net/ipsec_version format manual page
pf_key.5        /proc/net/pf_key format manual page

Makefile        Utilities makefile.

*.8             Manpages for the respective utils.


1.3. Test files

The test scripts are somewhat specific to site at the moment, but they will
be changed to be more general and generic soon.

The following are found in test/:

100     Sub-directory of scripts to be run on one ipsec-capable machine (.100)
103     Sub-directory of scripts to be run on one ipsec-capable machine (.103)
110     Sub-directory of scripts to be run on one ipsec-capable machine (.110)
ji      Sub-directory of scripts from JI's setup.
west    Sub-directory of scripts to be run on one ipsec-capable machine (west)
snoop110-100    Script for starting a modified tcpdump to monitor traffic
                between two machines.  MAC's must be changed for your setup.
snoop110-105    Script for starting a modified tcpdump to monitor traffic
                between two machines.  MAC's must be changed for your setup.


The following are found in test/100:

103     Script to setup IPSEC connections with (192.168.2.) 103.
110     Script to setup IPSEC connections with (192.168.2.) 110.
west    Script to setup IPSEC connections with west.


The following are found in test/103:

100     Script to setup IPSEC connections with (192.168.2.) 100.
110     Script to setup IPSEC connections with (192.168.2.) 110.


The following are found in test/110:

100     Script to setup IPSEC connections with (192.168.2.) 100.
103     Script to setup IPSEC connections with (192.168.2.) 103.
105     Script to setup IPSEC connections with (192.168.2.) 105.


The scripts found in test/ji were undocumented and are out of date.


The following are found in test/west:

magellan        Script to setup IPSEC connections with magellan (100).


1.4. Documentation files

The following are found in doc/:

COPYING-2.0     GNU General Public License concerning this software.
CREDITS         People and organisations that creditted for contributions.
TODO            Klips list of things to do.
DONE            Klips list of things completed.
func_tree.txt   Shows the calling tree of the klips module.
ji_setup.txt    JI's sample setup (obsolete).
rgb_setup.txt   RGB's sample setup.


2. Please see doc/TODO for a list of some of the known bugs and problems.

*
* $Log: README,v $
* Revision 1.8  2000/11/06 05:42:58  rgb
* Updated file list (had not been done in 2 years?).
*
* Revision 1.7  2000/08/21 17:30:09  rgb
* Remove any references to src/.
*
* Revision 1.6  1999/04/06 04:54:22  rgb
* Fix/Add RCSID Id: and Log: bits to make PHMDs happy.  This includes
* patch shell fixes.
*
* Revision 1.5  1998/11/25 04:54:34  rgb
* Updated files section to include newer transforms and other files.
*
* Revision 1.4  1998/05/01 03:47:17  rgb
* Minor cleanup of utils filenames overlooked in major overhaul.
*
* Revision 1.3  1998/05/01 03:40:31  rgb
* Major overhaul.
* Removed install/initialise section with pointers to top-level INSTALL.txt.
* Updated filelists and providing descriptions of all files.
* Removed usage example and moved it to doc/*_setup.txt.
*
* Revision 1.2  1998/04/09 03:01:13  henry
* INSTALL.txt moves up, loses its installation instructions, and turns
* into the klips README.
*
* Revision 1.1.1.1  1998/04/08 05:35:13  henry
* RGB's ipsec-0.8pre2.tar.gz ipsec-0.8
*
*
* Revision 0.7  rgb
* Cleaned up several transmission bugs.
*
* Revision 0.6  1997/09?  ak
* Hooked in esp des-md5-96.
* Added copyrights.
* 
* Revision 0.5  1997/06/03 04:28:46  ji
* Added transport mode.
* Added esp 3des-md5-96.
*
* Revision 0.4  1997/01/14 21:35:31  ji
* Added new transforms.
* Cleaned up the user-level programs.
*
* Revision 0.3  1996/11/20 11:59:33  ji
* *** empty log message ***
*
*
* New in this release (0.3; works with the 2.0.24 kernel)
*
*   > Cleaned up a fair amount of crud.
*   > Fixed truncated names of /proc/net entries.
*   > Made RCS versioning visible to the external release.
*   > Rationalized debugging facilities.
*   > Rationalized untar directory structure.
*   > Fixed non-incrementing IV in DES-CBC
*   > Cleaned up this file a bit and provided additional examples