1 .TH IPSEC_BARF 8 "17 March 2002"
2 .\" RCSID $Id: barf.8,v 1.20 2002/03/18 00:29:51 henry Exp $
4 ipsec barf \- spew out collected IPsec debugging information
6 ipsec look \- show minimal debugging information
18 outputs (on standard output) a collection of debugging information
19 (contents of files, selections from logs, etc.)
20 related to the IPsec encryption/authentication system.
21 It is primarily a convenience for remote debugging,
22 a single command which packages up (and labels) all information
23 that might be relevant to diagnosing a problem in IPsec.
26 outputs a minimal subset of this,
27 intended as a quick look at current connections and related information,
28 in a somewhat less self-explanatory format optimized for terseness.
32 option limits the length of
35 output, which can otherwise be extremely voluminous
36 if debug logging is turned on.
41 and secrets with brief checksums to avoid revealing sensitive information.
43 output does not contain such information.
45 Beware that the output of both commands is aimed at humans,
47 and the output format is subject to change without warning.
50 has to figure out which files in
52 contain the IPsec log messages.
53 It looks for KLIPS and general log messages first in
57 and for Pluto messages first in
63 if it does not find what it is looking for in one of those ``likely'' places,
64 it will resort to a brute-force search of most (non-compressed) files in
74 Written for the Linux FreeS/WAN project
75 <http://www.freeswan.org>
79 uses heuristics to try to pick relevant material out of the logs,
81 which are not labelled with any of the tags that
83 looks for will be lost.
84 We think we've eliminated the last such case, but one never knows...
88 scripts (so they can be included in output) is, in general, difficult.
90 uses a very simple heuristic that is easily fooled.
92 The brute-force search for the right log files can get expensive on
93 systems with a lot of clutter in