1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
.TH IPSEC_TNCFG 5 "27 Jun 2000"
.\"
.\" RCSID $Id: tncfg.5,v 1.1 2004/03/15 20:35:31 as Exp $
.\"
.SH NAME
ipsec_tncfg \- lists IPSEC virtual interfaces attached to real interfaces
.SH SYNOPSIS
.B ipsec
.B tncfg
.PP
.B cat
.B /proc/net/ipsec_tncfg
.SH DESCRIPTION
.I /proc/net/ipsec_tncfg
is a read-only file which lists which IPSEC virtual interfaces are
attached to which real interfaces, through which packets will be
forwarded once processed by IPSEC.
.PP
Each line lists one ipsec I/F.
A table entry consists of:
.IP + 3
an ipsec virtual I/F name
.IP +
a visual and machine parsable separator '->', separating the virtual I/F
and the physical I/F,
.IP +
a physical I/F name, to which the ipsec virtual I/F is attached or NULL
if it is not attached,
.IP +
the keyword
.BR mtu= ,
.IP +
the MTU of the ipsec virtual I/F,
.IP +
the automatically adjusted effective MTU for PMTU discovery, in brackets,
.IP +
a visual and machine parsable separator '->', separating the virtual I/F
MTU and the physical I/F MTU,
.IP +
the MTU of the attached physical I/F.
.BR
.SH EXAMPLES
.TP
.B ipsec2 -> eth3 mtu=16260(1443) -> 1500
.LP
shows that virtual device
.B ipsec2
with an MTU of
.B 16260
is connected to physical device
.B eth3
with an MTU of
.B 1500
and that the effective MTU as a result of PMTU discovery has been
automatically set to
.BR 1443.
.TP
.B ipsec0 \-> wvlan0 mtu=1400(16260) \-> 1500
.LP
shows that virtual device
.B ipsec0
with an MTU of
.B 1400
is connected to physical device
.B wvlan0
with an MTU of
.B 1500
and no PMTU packets have gotten far enough to bump down the effective MTU
from its default of 16260.
.TP
.B ipsec3 \-> NULL mtu=0(0) \-> 0
.LP
shows that virtual device
.B ipsec3
is not connected to any physical device.
.LP
.SH "FILES"
/proc/net/ipsec_tncfg, /usr/local/bin/ipsec
.SH "SEE ALSO"
ipsec(8), ipsec_manual(8), ipsec_eroute(5), ipsec_spi(5),
ipsec_spigrp(5), ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5),
ipsec_pf_key(5)
.SH HISTORY
Written for the Linux FreeS/WAN project
<http://www.freeswan.org/>
by Richard Guy Briggs.
.\"
.\" $Log: tncfg.5,v $
.\" Revision 1.1 2004/03/15 20:35:31 as
.\" added files from freeswan-2.04-x509-1.5.3
.\"
.\" Revision 1.5 2002/04/24 07:35:41 mcr
.\" Moved from ./klips/utils/tncfg.5,v
.\"
.\" Revision 1.4 2001/05/29 05:15:53 rgb
.\" Added PMTU to output format.
.\"
.\" Revision 1.3 2000/06/30 18:21:55 rgb
.\" Update SEE ALSO sections to include ipsec_version(5) and ipsec_pf_key(5)
.\" and correct FILES sections to no longer refer to /dev/ipsec which has
.\" been removed since PF_KEY does not use it.
.\"
.\" Revision 1.2 2000/06/28 12:44:12 henry
.\" format touchup
.\"
.\" Revision 1.1 2000/06/28 05:43:01 rgb
.\" Added manpages for all 5 klips utils.
.\"
.\"
|