HostedDB - Dedicated UNIX Servers

Securing-Optimizing-RH-Linux-1_2_314
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca © Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ® 314 192.168.1.0/24       192.168.1.0/24 |     | 192.168.1.1   192.168.1.2 A last note about testing the installation of FreeSWAN IPSEC, if you encounter a problem that you are incapable to resolve, you can use the following command to make an output of a collection of debugging information (contents of  files, selections from logs, etc.) related to the IPSEC encryption/authentication system that you should send to the Linux-IPSEC Mailing List (linux-ipsec@clinet.fi) to help you. · Use the following command to make an output of a collection of debugging information: [root@deep /]# ipsec barf > result This command is primarily a convenience for remote debugging, a single command which packages up (and labels) all information that might be relevant to diagnosing a problem in IPSEC. Further documentation For more details, there are several man pages you can read: $ man ipsec (8)   - invoke IPSEC utilities $ man ipsec atoaddr, addrtoa (3)   - convert Internet addresses to and from ASCII $ man ipsec atoasr (3)       - convert ASCII to Internet address, subnet, or range $ man ipsec atobytes, bytestoa (3)   - convert binary data bytes from and to ASCII formats $ man ipsec atodata, datatoa (3)   - convert binary data from and to ASCII formats $ man ipsec atosa, satoa (3)   - convert IPSEC Security Association IDs to and from ASCII $ man ipsec atosubnet, subnettoa (3)    - convert subnet/mask ASCII form to and from addresses  $ man ipsec atoul, ultoa (3)   - convert unsigned-long numbers to and from ASCII $ man ipsec auto (8)         - control automatically-keyed IPSEC connections $ man ipsec barf (8)         - spew out collected IPSEC debugging information $ man ipsec bitstomask (3)   - convert bit count to Internet subnet mask $ man ipsec eroute (8)       - manipulate IPSEC extended routing tables  $ man ipsec goodmask (3)     - is this Internet subnet mask a valid one? $ man ipsec hostof (3)       - given Internet address and subnet mask, return host part $ man ipsec klipsdebug (8)   - set Klips (kernel IPSEC support) debug features and level $ man ipsec look (8)         - show minimal debugging information $ man ipsec manual (8)       - take manually-keyed IPSEC connections up and down $ man ipsec masktobits (3)   - convert Internet subnet mask to bit count $ man ipsec optionsfrom (3)   - read additional ``command-line'' options from file $ man ipsec pluto (8)        - IPsec IKE keying daemon $ man ipsec ranbits (8)      - generate random bits in ASCII form  $ man ipsec rangetoa (3)     - convert Internet address range to ASCII $ man ipsec rsasigkey (8)    - generate RSA signature key $ man ipsec setup (8)        - control IPSEC subsystem  $ man ipsec spi (8)          - manage IPSEC Security Associations  $ man ipsec spigrp (8)       - group/ungroup IPSEC Security Associations  $ man ipsec subnetof (3)     - given Internet address and subnet mask, return subnet number $ man ipsec tncfg (8)        - associate IPSEC virtual interface with real interface $ man ipsec whack (8)        - control interface for IPSEC keying daemon $ man ipsec.conf (5)         - IPSEC configuration and connections  $ man ipsec.secrets (5)      - secrets for IKE/IPsec authentication $ man ipsec (8)              - invoke IPSEC utilities $ man ipsec atoaddr, addrtoa (3)   - convert Internet addresses to and from ASCII $ man ipsec atoasr (3)       - convert ASCII to Internet address, subnet, or range $ man ipsec atobytes, bytestoa (3)   - convert binary data bytes from and to ASCII formats $ man ipsec atodata, datatoa (3)   - convert binary data from and to ASCII formats $ man ipsec atosa, satoa (3)   - convert IPSEC Security Association IDs to and from ASCII $ man ipsec atosubnet, subnettoa (3)    - convert subnet/mask ASCII form to and from addresses  $ man ipsec atoul, ultoa (3)   - convert unsigned-long numbers to and from ASCII $ man ipsec auto (8)         - control automatically-keyed IPSEC connections