1
<?xml version="1.0" encoding="ISO-8859-1"?>
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
3
"http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
4
<!-- lifted from troff+man by doclifter -->
7
<refentrytitle>IPSEC_KLIPSDEBUG</refentrytitle>
8
<manvolnum>5</manvolnum>
9
<refmiscinfo class='date'>26 Jun 2000</refmiscinfo>
11
<refnamediv id='name'>
12
<refname>ipsec_klipsdebug</refname>
13
<refpurpose>list KLIPS (kernel IPSEC support) debug features and level</refpurpose>
15
<!-- body begins here -->
16
<refsynopsisdiv id='synopsis'>
18
<command>ipsec</command>
19
<arg choice='plain'><replaceable>klipsdebug</replaceable></arg>
21
<arg choice='plain'><replaceable>cat/proc/net/ipsec_klipsdebug</replaceable></arg>
26
<refsect1 id='description'><title>DESCRIPTION</title>
27
<para><filename>/proc/net/ipsec_klipsdebug</filename>
28
lists flags that control various parts of the debugging output of Klips
29
(the kernel portion of FreeS/WAN IPSEC).
30
At this point it is a read-only file.</para>
32
<para>A table entry consists of:</para>
33
<variablelist remap='IP'>
37
<para>a KLIPS debug variable</para>
43
<para>a '=' separator for visual and automated parsing between the variable
44
name and its current value</para>
50
<para>hexadecimal bitmap of variable's flags.</para>
55
<para>The variable names roughly describe the scope of the debugging variable.
56
Currently, no flags are documented or individually accessible yet except
60
<para>The variable names are:</para>
61
<variablelist remap='TP'>
63
<term><emphasis remap='B'>tunnel</emphasis></term>
65
<para>tunnelling code</para>
69
<term><emphasis remap='B'>netlink</emphasis></term>
71
<para>userspace communication code (obsolete)</para>
75
<term><emphasis remap='B'>xform</emphasis></term>
77
<para>transform selection and manipulation code</para>
81
<term><emphasis remap='B'>eroute</emphasis></term>
83
<para>eroute table manipulation code</para>
87
<term><emphasis remap='B'>spi</emphasis></term>
89
<para>SA table manipulation code</para>
93
<term><emphasis remap='B'>radij</emphasis></term>
95
<para>radij tree manipulation code</para>
99
<term><emphasis remap='B'>esp</emphasis></term>
101
<para>encryptions transforms code</para>
105
<term><emphasis remap='B'>ah</emphasis></term>
107
<para>authentication transforms code</para>
111
<term><emphasis remap='B'>rcv</emphasis></term>
113
<para>receive code</para>
117
<term><emphasis remap='B'>ipcomp</emphasis></term>
119
<para>ip compression transforms code</para>
123
<term><emphasis remap='B'>verbose</emphasis></term>
125
<para>give even more information, beware this will probably trample the 4k kernel printk buffer giving inaccurate output</para>
130
<para>All KLIPS debug output appears as
131
<emphasis remap='B'>kernel.info</emphasis>
133
<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
134
Most systems are set up
135
to log these messages to
136
<filename>/var/log/messages</filename>.</para>
140
<refsect1 id='examples'><title>EXAMPLES</title>
141
<para><emphasis remap='B'>debug_tunnel=00000010.</emphasis>
143
<emphasis remap='B'>debug_netlink=00000000.</emphasis>
145
<emphasis remap='B'>debug_xform=00000000.</emphasis>
147
<emphasis remap='B'>debug_eroute=00000000.</emphasis>
149
<emphasis remap='B'>debug_spi=00000000.</emphasis>
151
<emphasis remap='B'>debug_radij=00000000.</emphasis>
153
<emphasis remap='B'>debug_esp=00000000.</emphasis>
155
<emphasis remap='B'>debug_ah=00000000.</emphasis>
157
<emphasis remap='B'>debug_rcv=00000000.</emphasis>
159
<emphasis remap='B'>debug_pfkey=ffffffff.</emphasis></para>
162
<emphasis remap='B'>tunnel</emphasis>
163
flag has been set (tunnel-xmit),
165
<emphasis remap='B'>pfkey</emphasis>
166
sockets debugging has been set and everything else is not set.</para>
170
<refsect1 id='files'><title>FILES</title>
171
<para>/proc/net/ipsec_klipsdebug, /usr/local/bin/ipsec</para>
174
<refsect1 id='see_also'><title>SEE ALSO</title>
175
<para>ipsec(8), ipsec_manual(8), ipsec_tncfg(8), ipsec_eroute(8),
176
ipsec_spi(8), ipsec_spigrp(8), ipsec_klipsdebug(5), ipsec_version(5),
177
ipsec_pf_key(5)</para>
180
<refsect1 id='history'><title>HISTORY</title>
181
<para>Written for the Linux FreeS/WAN project
182
<<ulink url='http://www.freeswan.org/'>http://www.freeswan.org/</ulink>>
183
by Richard Guy Briggs.</para>
185
<!-- $Log: klipsdebug.5.xml,v $
186
<!-- Revision 1.1 2004/05/26 17:49:15 ken
187
<!-- Import XML version
189
<!-- Revision 1.5 2002/04/24 07:35:38 mcr -->
190
<!-- Moved from ./klips/utils/klipsdebug.5,v -->
192
<!-- Revision 1.4 2000/10/10 20:10:19 rgb -->
193
<!-- Added support for debug_ipcomp and debug_verbose to klipsdebug. -->
195
<!-- Revision 1.3 2000/06/30 18:21:55 rgb -->
196
<!-- Update SEE ALSO sections to include <citerefentry><refentrytitle>ipsec_version</refentrytitle><manvolnum>5</manvolnum></citerefentry> and <citerefentry><refentrytitle>ipsec_pf_key</refentrytitle><manvolnum>5</manvolnum></citerefentry> -->
197
<!-- and correct FILES sections to no longer refer to /dev/ipsec which has -->
198
<!-- been removed since PF_KEY does not use it. -->
200
<!-- Revision 1.2 2000/06/28 12:44:12 henry -->
201
<!-- format touchup -->
203
<!-- Revision 1.1 2000/06/28 05:43:00 rgb -->
204
<!-- Added manpages for all 5 klips utils. -->