1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
Content-type: text/html
<HTML><HEAD><TITLE>Manpage of IPSEC_VERIFY</TITLE>
</HEAD><BODY>
<H1>IPSEC_VERIFY</H1>
Section: Maintenance Commands (8)<BR>Updated: 8 June 2002<BR><A HREF="#index">Index</A>
<A HREF="http://localhost/cgi-bin/man/man2html">Return to Main Contents</A><HR>
<A NAME="lbAB"> </A>
<H2>NAME</H2>
ipsec verify - see if FreeSWAN has been installed correctly
<A NAME="lbAC"> </A>
<H2>SYNOPSIS</H2>
<B>ipsec</B>
<B>verify</B>
[
<B>--host</B>
name ]
<A NAME="lbAD"> </A>
<H2>DESCRIPTION</H2>
<P>
Invoked without argument,
<I>verify </I>
examines the local system for a number of common system faults:
IPsec not in path, no secrets file generated,
pluto not running, and IPsec support not present in kernel
(or IPsec module not loaded).
If two or more interfaces are found, it performs checks relevant on an
IPsec gateway: whether IP forwarding is allowed, and if so,
whether MASQ or NAT rules are in play.
<P>
In addition,
<I>verify </I>
performs checks relevant to Opportunistic Encryption.
It looks in forward DNS for a TXT record for the system's hostname, and
in reverse DNS for a TXT record for the system's IP addresses.
It checks whether the system has a public IP.
<P>
The
<B>--host</B>
option causes
<B>verify</B>
to look for a TXT record for
<I>name</I>
in forward and reverse DNS.
<A NAME="lbAE"> </A>
<H2>FILES</H2>
<PRE>
/proc/net/ipsec_eroute
/etc/ipsec.secrets
</PRE>
<A NAME="lbAF"> </A>
<H2>HISTORY</H2>
Written for the Linux FreeS/WAN project
<<A HREF="http://www.freeswan.org">http://www.freeswan.org</A>>
by Michael Richardson.
<A NAME="lbAG"> </A>
<H2>BUGS</H2>
<I>Verify </I>
does not check for
<B>ipchains</B>
masquerading.
<P>
<I>Verify</I>
does not look for TXT records for Opportunistic clients behind the system.
<P>
<HR>
<A NAME="index"> </A><H2>Index</H2>
<DL>
<DT><A HREF="#lbAB">NAME</A><DD>
<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
<DT><A HREF="#lbAE">FILES</A><DD>
<DT><A HREF="#lbAF">HISTORY</A><DD>
<DT><A HREF="#lbAG">BUGS</A><DD>
</DL>
<HR>
This document was created by
<A HREF="http://localhost/cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
Time: 21:40:18 GMT, November 11, 2003
</BODY>
</HTML>
|
