diff options
Diffstat (limited to 'doc/manpage.d/ipsec_barf.8.html')
| -rw-r--r-- | doc/manpage.d/ipsec_barf.8.html | 150 |
1 files changed, 150 insertions, 0 deletions
diff --git a/doc/manpage.d/ipsec_barf.8.html b/doc/manpage.d/ipsec_barf.8.html new file mode 100644 index 000000000..e7b7200e0 --- /dev/null +++ b/doc/manpage.d/ipsec_barf.8.html @@ -0,0 +1,150 @@ +Content-type: text/html + +<HTML><HEAD><TITLE>Manpage of IPSEC_BARF</TITLE> +</HEAD><BODY> +<H1>IPSEC_BARF</H1> +Section: Maintenance Commands (8)<BR>Updated: 17 March 2002<BR><A HREF="#index">Index</A> +<A HREF="http://localhost/cgi-bin/man/man2html">Return to Main Contents</A><HR> + + +<A NAME="lbAB"> </A> +<H2>NAME</H2> + +ipsec barf - spew out collected IPsec debugging information +<A NAME="lbAC"> </A> +<H2>SYNOPSIS</H2> + +<B>ipsec</B> + +<B>barf</B> + +[ +<B>--short</B> + +] +<P> +<A NAME="lbAD"> </A> +<H2>DESCRIPTION</H2> + +<I>Barf</I> + +outputs (on standard output) a collection of debugging information +(contents of files, selections from logs, etc.) +related to the IPsec encryption/authentication system. +It is primarily a convenience for remote debugging, +a single command which packages up (and labels) all information +that might be relevant to diagnosing a problem in IPsec. +<P> + +<P> + +The +<B>--short</B> + +option limits the length of +the log portion of +<I>barf</I>'s + +output, which can otherwise be extremely voluminous +if debug logging is turned on. +<P> + +<I>Barf</I> + +censors its output, +replacing keys +and secrets with brief checksums to avoid revealing sensitive information. +<P> + +Beware that the output of both commands is aimed at humans, +not programs, +and the output format is subject to change without warning. +<P> + +<I>Barf</I> + +has to figure out which files in +<I>/var/log</I> + +contain the IPsec log messages. +It looks for KLIPS and general log messages first in +<I>messages</I> + +and +<I>syslog</I>, + +and for Pluto messages first in +<I>secure</I>, + +<I>auth.log</I>, + +and +<I>debug</I>. + +In both cases, +if it does not find what it is looking for in one of those ``likely'' places, +it will resort to a brute-force search of most (non-compressed) files in +<I>/var/log</I>. + +<A NAME="lbAE"> </A> +<H2>FILES</H2> + +<PRE> +/proc/net/* +/var/log/* +/etc/ipsec.conf +/etc/ipsec.secrets +</PRE> + +<A NAME="lbAF"> </A> +<H2>HISTORY</H2> + +Written for the Linux FreeS/WAN project +<<A HREF="http://www.freeswan.org">http://www.freeswan.org</A>> +by Henry Spencer. +<A NAME="lbAG"> </A> +<H2>BUGS</H2> + +<I>Barf</I> + +uses heuristics to try to pick relevant material out of the logs, +and relevant messages +which are not labelled with any of the tags that +<I>barf</I> + +looks for will be lost. +We think we've eliminated the last such case, but one never knows... +<P> + +Finding +<I>updown</I> + +scripts (so they can be included in output) is, in general, difficult. +<I>Barf</I> + +uses a very simple heuristic that is easily fooled. +<P> + +The brute-force search for the right log files can get expensive on +systems with a lot of clutter in +<I>/var/log</I>. + +<P> + +<HR> +<A NAME="index"> </A><H2>Index</H2> +<DL> +<DT><A HREF="#lbAB">NAME</A><DD> +<DT><A HREF="#lbAC">SYNOPSIS</A><DD> +<DT><A HREF="#lbAD">DESCRIPTION</A><DD> +<DT><A HREF="#lbAE">FILES</A><DD> +<DT><A HREF="#lbAF">HISTORY</A><DD> +<DT><A HREF="#lbAG">BUGS</A><DD> +</DL> +<HR> +This document was created by +<A HREF="http://localhost/cgi-bin/man/man2html">man2html</A>, +using the manual pages.<BR> +Time: 21:40:17 GMT, November 11, 2003 +</BODY> +</HTML> |