3 More Discussions You Might Find Interesting
1. IP Networking
Hi
ihave three link of internet and iwant to put one linux front of a firewall that this three linux speard firewall such az load balance and fialover but dont close any port and protocol and only firewall have been internet what way can i use for it ?
are there any script and services do that... (0 Replies)
Discussion started by: mnnn
0 Replies
2. Solaris
Me again :)
I'm trying to find a page describing the L2, L3 und L4 modes of dladm.
It's nice to read "hashed by ip header", but how should I use that?
On the file-server it's ok to have the six interfaces serving six clients each on it's own. But an rsync connection via switch between two... (8 Replies)
Discussion started by: PatrickBaer
8 Replies
3. UNIX for Dummies Questions & Answers
Can someone advise what the UNIX command for checking active Fibre Channels is?
I have used lcdev and this gives me a nice list of cards available to our box. The particular Fibre Channel I'm interested in is fcs6. This is showing as Available...if that is the case does this also mean that it is... (1 Reply)
Discussion started by: DavoH
1 Replies
LEARN ABOUT OSX
racoonctl
RACOONCTL(8) BSD System Manager's Manual RACOONCTL(8)
NAME
racoonctl -- racoon administrative control tool
SYNOPSIS
racoonctl reload-config
racoonctl show-schedule
racoonctl [-l [-l]] show-sa [isakmp|esp|ah|ipsec]
racoonctl flush-sa [isakmp|esp|ah|ipsec]
racoonctl delete-sa saopts
racoonctl establish-sa [-u identity] saopts
racoonctl vpn-connect [-u -identity] vpn_gateway
racoonctl vpn-disconnect vpn_gateway
racoonctl show-event [-l]
racoonctl logout-user login
DESCRIPTION
racoonctl is used to control racoon(8) operation, if ipsec-tools was configured with adminport support. Communication between racoonctl and
racoon(8) is done through a UNIX socket. By changing the default mode and ownership of the socket, you can allow non-root users to alter
racoon(8) behavior, so do that with caution.
The following commands are available:
reload-config
This should cause racoon(8) to reload its configuration file.
show-schedule
Unknown command.
show-sa [isakmp|esp|ah|ipsec]
Dump the SA: All the SAs if no SA class is provided, or either ISAKMP SAs, IPsec ESP SAs, IPsec AH SAs, or all IPsec SAs. Use -l to
increase verbosity.
flush-sa [isakmp|esp|ah|ipsec]
is used to flush all SAs if no SA class is provided, or a class of SAs, either ISAKMP SAs, IPsec ESP SAs, IPsec AH SAs, or all IPsec
SAs.
establish-sa [-u username] saopts
Establish an SA, either an ISAKMP SA, IPsec ESP SA, or IPsec AH SA. The optional -u username can be used when establishing an ISAKMP
SA while hybrid auth is in use. racoonctl will prompt you for the password associated with username and these credentials will be
used in the Xauth exchange.
saopts has the following format:
isakmp {inet|inet6} src dst
{esp|ah} {inet|inet6} src/prefixlen/port dst/prefixlen/port
{icmp|tcp|udp|any}
vpn-connect [-u username] vpn_gateway
This is a particular case of the previous command. It will establish an ISAKMP SA with vpn_gateway.
delete-sa saopts
Delete an SA, either an ISAKMP SA, IPsec ESP SA, or IPsec AH SA.
vpn-disconnect vpn_gateway
This is a particular case of the previous command. It will kill all SAs associated with vpn_gateway.
show-event [-l]
Dump all events reported by racoon(8), then quit. The -l flag causes racoonctl to not stop once all the events have been read, but
rather to loop awaiting and reporting new events.
logout-user login
Delete all SA established on behalf of the Xauth user login.
Command shortcuts are available:
rc reload-config
ss show-sa
sc show-schedule
fs flush-sa
ds delete-sa
es establish-sa
vc vpn-connect
vd vpn-disconnect
se show-event
lu logout-user
RETURN VALUES
The command should exit with 0 on success, and non-zero on errors.
FILES
/var/racoon/racoon.sock or
/var/run/racoon.sock racoon(8) control socket.
SEE ALSO
ipsec(4), racoon(8)
HISTORY
Once was kmpstat in the KAME project. It turned into racoonctl but remained undocumented for a while. Emmanuel Dreyfus <manu@NetBSD.org>
wrote this man page.
BSD
November 16, 2004 BSD