DragonFly On-Line Manual Pages

Search: Section:  

spmdctl(8)                                                          spmdctl(8)


NAME

       spmdctl - Control spmd


SYNOPSIS

       spmdctl [option] COMMAND


DESCRIPTION

       spmdctl connects to the spmd interface which is specified in racoon2
       configuration file, and requests operation to spmd.
       Available operations are:

              set, get, and delete DNS server address(es) for spmd DNS proxy
              function.

              add IPsec Policy.

              get spmd statistics.

       The following options are available:

       -d     Display all messages which exchanged with spmd.

       -f FILE
              Specify racoon2 configuration file name FILE.

       The following COMMANDs are available:

       ns add ADDRESS

              Add DNS server address ADDRESS to spmd DNS server list.

       ns delete ADDRESS

              Delete DNS server address ADDRESS from spmd DNS server list.

       ns list

              Show DNS server address(es) in spmd DNS Server list.  Top line
              is currently used.

       policy add SELECTOR_INDEX LIFETIME {transport|tunnel| SP_SRC_IPADDR
       SP_DST_IPADDR [SA_SRC_IP_ADDR SA_DST_IPADDR]

              Request spmd to add IPsec Security Policy to in-kernel IPsec
              Security Policy DataBase(SPD).

              SELECTOR_INDEX is a selector index string which described in
              racoon2 configuration file.

              LIFETIME is the lifetime duration(sec) for this IPsec Security
              Policy.

              transport|tunnel transport means this IPsec Security Policy is
              transport mode.  tunnel means tunnel mode.

              SP_SRC_IPADDR is the source IP address for this IPsec Security
              Policy.

              SP_DST_IPADDR is the destination IP address for this IPsec
              Security Policy.

              SA_SRC_IPADDR is the IPsec SA source IP address associated with
              this IPsec Security Policy. This is only required in tunnel
              mode.

              SA_DST_IPADDR is the IPsec SA destination IP address associated
              with this IPsec Security Policy. This is only required in tunnel
              mode.

       policy delete SELECTOR_INDEX

              Request spmd to delete IPsec Security Policy to in-kernel IPsec
              Security DataBase(SPD).

              SELECTOR_INDEX is a selector index string which described in
              racoon2 configuration file.

       policy show

              Dump IPsec Security Policies.  If 'selector=' field is empty in
              a displayed IPsec Security Policy entry, this Policy is out of
              racoon2 management.

       interactive
              Connect to spmd and just login. You can talk to spmd directly.
              This command is available when you compiled spmdctl with
              DEBUG_SPMD.

       status Show spmd statistics.


FILES

       racoon2.conf


AUTHORS

       WIDE Project, racoon2 project <http://www.racoon2.wide.ad.jp/>


BUGS

       policy add command currently doesn't support tunnel mode.


SEE ALSO

       spmd(8) racoon2.conf(5) racoon2(7).

                                   20050624                         spmdctl(8)

Search: Section: