diff options
Diffstat (limited to 'doc/src/roadmap.html')
| -rw-r--r-- | doc/src/roadmap.html | 203 |
1 files changed, 203 insertions, 0 deletions
diff --git a/doc/src/roadmap.html b/doc/src/roadmap.html new file mode 100644 index 000000000..c9d85047c --- /dev/null +++ b/doc/src/roadmap.html @@ -0,0 +1,203 @@ +<html> +<head> +<title>FreeS/WAN roadmap</title> +<meta name="keywords" content="Linux, IPsec, VPN, security, FreeSWAN"> + +<!-- + +Written by Sandy Harris for the Linux FreeS/WAN project +Freely distributable under the GNU General Public License + +More information at www.freeswan.org +Feedback to users@lists.freeswan.org + +CVS information: +RCS ID: $Id: roadmap.html,v 1.1 2004/03/15 20:35:24 as Exp $ +Last changed: $Date: 2004/03/15 20:35:24 $ +Revision number: $Revision: 1.1 $ + +CVS revision numbers do not correspond to FreeS/WAN release numbers. +--> +</head> + +<body> +<h1><a name="roadmap">Distribution Roadmap: What's Where in Linux FreeS/WAN</a></h1> + +<p> +This file is a guide to the locations of files within the FreeS/WAN +distribution. Everything described here should be on your system once you +download, gunzip, and untar the distribution.</p> + +<p>This distribution contains two major subsystems +</p> +<dl> + <dt><a href="#klips.roadmap">KLIPS</a></dt> + <dd>the kernel code</dd> + <dt><a href="#pluto.roadmap">Pluto</a></dt> + <dd>the user-level key-management daemon</dd> +</dl> + +<p>plus assorted odds and ends. +</p> +<h2><a name="top">Top directory</a></h2> + +<p>The top directory has essential information in text files:</p> + +<dl> + <dt>README</dt> + <dd>introduction to the software</dd> + <dt>INSTALL</dt> + <dd>short experts-only installation procedures. More detalied procedures are in + <a href="install.html">installation</a> and + <a href="config.html">configuration</a> HTML documents.</dd> + <dt>BUGS</dt> + <dd>major known bugs in the current release.</dd> + <dt>CHANGES</dt> + <dd>changes from previous releases</dd> + <dt>CREDITS</dt> + <dd>acknowledgement of contributors</dd> + <dt>COPYING</dt> + <dd>licensing and distribution information</dd> +</dl> + +<h2><a name="doc">Documentation</a></h2> + +<p> +The doc directory contains the bulk of the documentation, most of it in +HTML format. See the <a href="index.html">index file</a> for details. +</p> + +<h2><a name="klips.roadmap">KLIPS: kernel IP security</a></h2> +</a> +<p> +<a href="glossary.html#KLIPS">KLIPS</a> is <strong>K</strong>erne<strong>L</strong> +<strong>IP</strong> <strong>S</strong>ecurity. It lives in the klips +directory, of course. +</p> +<dl> + <dt>klips/doc</dt> + <dd>documentation</dd> + <dt>klips/patches</dt> + <dd>patches for existing kernel files</dd> + <dt>klips/test</dt> + <dd>test stuff</dd> + <dt>klips/utils</dt> + <dd>low-level user utilities</dd> + <dt>klips/net/ipsec</dt> + <dd>actual klips kernel files</dd> + <dt>klips/src</dt> + <dd>symbolic link to klips/net/ipsec + <p>The "make insert" step of installation installs the patches and makes + a symbolic link from the kernel tree to klips/net/ipsec. The odd name of + klips/net/ipsec is dictated by some annoying limitations of the scripts + which build the Linux kernel. The symbolic-link business is a bit + messy, but all the alternatives are worse.</p> + <p></p> + </dd> + <dt>klips/utils</dt> + <dd>Utility programs: + <p></p> + <dl> + <dt>eroute</dt> + <dd>manipulate IPsec extended routing tables</dd> + <dt>klipsdebug</dt> + <dd>set Klips (kernel IPsec support) debug features and level</dd> + <dt>spi</dt> + <dd>manage IPsec Security Associations</dd> + <dt>spigrp</dt> + <dd>group/ungroup IPsec Security Associations</dd> + <dt>tncfg</dt> + <dd>associate IPsec virtual interface with real interface</dd> + </dl> + <p>These are all normally invoked by ipsec(8) with commands such as</p> + <pre> ipsec tncfg <var>arguments</var></pre> + There are section 8 man pages for all of these; the names have "ipsec_" + as a prefix, so your man command should be something like: + <pre> man 8 ipsec_tncfg</pre> + </dd> +</dl> + +<h2><a name="pluto.roadmap">Pluto key and connection management daemon</a></h2> + +<p> +<a href="glossary.html#Pluto">Pluto</a> is our key management and negotiation daemon. It +lives in the pluto directory, along with its low-level user utility, +whack. +</p> +<p> +There are no subdirectories. Documentation is a man page, +<a href="manpage.d/ipsec_pluto.8.html">pluto.8</a>. This covers whack as well. +</p> + +<h2><a name="utils">Utils</a></h2> + +<p> +The utils directory contains a growing collection of higher-level user +utilities, the commands that administer and control the software. Most of the +things that you will actually have to run yourself are in there. +</p> +<dl> + <dt>ipsec</dt> + <dd>invoke IPsec utilities + <p>ipsec(8) is normally the only program installed in a standard + directory, /usr/local/sbin. It is used to invoke the others, both those + listed below and the ones in klips/utils mentioned above.</p> + <p></p> + </dd> + <dt>auto</dt> + <dd>control automatically-keyed IPsec connections</dd> + <dt>manual</dt> + <dd>take manually-keyed IPsec connections up and down</dd> + <dt>barf</dt> + <dd>generate copious debugging output</dd> + <dt>look</dt> + <dd>generate moderate amounts of debugging output</dd> +</dl> +<p> +There are .8 manual pages for these. look is covered in barf.8. The man pages +have an "ipsec_" prefix so your man command should be something like: +<pre> + man 8 ipsec_auto +</pre> +<p> +Examples are in various files with names utils/*.eg</p> + +<h2><a name="lib">Libraries</a></h2> + +<h3><a name="fswanlib">FreeS/WAN Library</a></h3> + +<p> +The lib directory is the FreeS/WAN library, also steadily growing, used by +both user-level and kernel code.<br /> +It includes section 3 <a href="manpages.html">man pages</a> for the library routines. +</p> +<h3><a name="otherlib">Imported Libraries</a></h3> + +<h4>LibDES</h4> + +The libdes library, originally from SSLeay, is used by both Klips and Pluto +for <a href="glossary.html#3DES">Triple DES</a> encryption. Single DES is not +used because <a href="politics.html#desnotsecure">it is +insecure</a>. +<p> +Note that this library has its own license, different from the +<a href="glossary.html#GPL">GPL</a> used for other code in FreeS/WAN. + </p> +<p> +The library includes its own documentation. + + +<h4>GMP</h4> + +The GMP (GNU multi-precision) library is used for multi-precision arithmetic +in Pluto's key-exchange code and public key code. +<p> +Older versions (up to 1.7) of FreeS/WAN included a copy of this library in +the FreeS/WAN distribution. +<p> +Since 1.8, we have begun to rely on the system copy of GMP. +</p> + +</body> +</html> + |