aboutsummaryrefslogtreecommitdiffstats
path: root/programs/pf_key/pf_key.8
blob: dd42bf54179bc58f1e0508e346f4bfdf2118bb34 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
.TH IPSEC_PF_KEY 8 "17 Oct 2001"
.\"
.\" RCSID $Id: pf_key.8,v 1.2 2005/07/07 19:07:43 as Exp $
.\"
.SH NAME
pf_key \- shows pfkey messages emitted by the kernel
.SH SYNOPSIS
.B pf_key
.B \-\-ah
.B \-\-esp
.B \-\-ipip
.B \-\-ipcomp
.B \-\-daemon 
.I file
.BR hmac-md5-96 | hmac-sha1-96
.SH DESCRIPTION
.B pf_key
is a program to open a PF_KEY socket and print all messages that are received
from it. With no options, it will register itself to receive key requests for
AH, ESP, IPIP and IPCOMP security associations. If given more specific
options, then it will listen only to those protocols which are listed.
.PP
If the messages are recognized, the messages will be decoded.
.PP
If the option 
.B \-\-daemon
is provided, then after doing the registrations, the program will fork
into the background. The provided file will be opened and the process ID of
the background process will be written to it. This option is present to
present race conditions in regression testing.
.SH EXAMPLES
.TP
.\".B "pfkey v.2 msg. type 3 seq=20 len=2 errno=22 satype=3"
.SH "FILES"
/proc/net/pf_key
.SH "SEE ALSO"
pf_key(5), ipsec(8), ipsec_manual(8), ipsec_eroute(5), ipsec_spi(5),
ipsec_spigrp(5), ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5)
.SH HISTORY
Written for the Linux FreeS/WAN project
<http://www.freeswan.org/>
by Michael Richardson <mcr@freeswan.org>
.\"
.\" $Log: pf_key.8,v $
.\" Revision 1.2  2005/07/07 19:07:43  as
.\" fixed man page type
.\"
.\" Revision 1.1  2004/03/15 20:35:28  as
.\" added files from freeswan-2.04-x509-1.5.3
.\"
.\" Revision 1.4  2002/07/16 02:53:42  mcr
.\" 	added --daemon <pidfile> to "ipsec pf_key" command.
.\" 	this is used in *-trap-* tests to avoid race conditions between
.\" 	registration of PF_KEY listeners and arrival of first test packet.
.\"
.\" Revision 1.3  2002/04/24 07:35:39  mcr
.\" Moved from ./klips/utils/pf_key.8,v
.\"
.\" Revision 1.2  2001/11/23 07:23:14  mcr
.\" 	pulled up klips2 Makefile and pf_key code.
.\"
.\" Revision 1.1.2.1  2001/10/23 18:49:12  mcr
.\" 	renamed man page to section 8.
.\" 	added --ah, --esp, --ipcomp and --ipip to control which
.\" 	protocols are printed.
.\" 	incomplete messages which include at least an sadb header are printed.
.\"
.\" Revision 1.1.2.1  2001/10/17 23:25:37  mcr
.\" 	added "pk_key" program to dump raw kernel pf messages.
.\" 	(program is still skeletal)
.\"
.\"
.\"