ipsec » History » Version 2

« Previous - Version 2/30 (diff) - Next » - Current version
Martin Willi, 29.09.2007 12:54
added all supported sub commands

= ipsec =

'''ipsec''' is actually an umbrella command comprising a collection of individual sub commands of the form

''ipsec <command> [<argument>] [<options>]''

that can be used to control and monitor IPsec connections as well as the IKE daemons.

Control Commands

'''ipsec start [ ''<starter options>'' ]'''

'''ipsec stop'''

'''ipsec restart [ ''<starter options>'' ]'''
is equivalent to '''ipsec stop''' followed by '''ipsec start [ ''<starter options>'' ]''' after a sleep period of 2 seconds.

'''ipsec update'''

'''ipsec reload'''

'''ipsec up ''<conn name>'' '''

'''ipsec down ''<conn name>'' '''

'''ipsec route ''<conn name>'' '''

'''ipsec unroute ''<conn name>'' '''

'''ipsec status [ ''<conn name>'' ] '''

'''ipsec statusall [ ''<conn name>'' ] '''

Info Commands

'''ipsec version'''

'''ipsec copyright'''

'''ipsec --versioncode'''

'''ipsec --directory'''

'''ipsec --confdir'''

List Commands

'''ipsec listaacerts [ --utc ]'''

'''ipsec listacerts [ --utc ]'''

'''ipsec listalgs'''
lists all registered IKE and ESP encryption and authentication algorithms as well as the supported Diffie-Hellman groups.
Supported by the IKEv1 pluto daemon only.

'''ipsec listcacerts [ --utc ]'''

'''ipsec listcainfos [ --utc ]'''

'''ipsec listcards [ --utc ]'''
lists all certificates found on attached smart cards.
Supported by the IKEv1 pluto daemon only.

'''ipsec listcrls [ --utc ]'''

'''ipsec listcerts [ --utc ]'''

'''ipsec listgroups [ --utc ]'''

'''ipsec listocsp [ --utc ]'''

'''ipsec listocspcerts [ --utc ]'''

'''ipsec listpubkeys [ --utc ]'''
lists the cached RSA public keys.
Supported by the IKEv1 pluto daemon only.

'''ipsec listall [ --utc ]'''

Reread Commands

'''ipsec rereadaacerts'''

'''ipsec rereadacerts'''

'''ipsec rereadcacerts'''

'''ipsec rereadcrls'''

'''ipsec rereadocspcerts'''

'''ipsec rereadsecrets'''

'''ipsec secrets'''
is equivalent to '''ipsec rereadsecrets'''.

'''ipsec rereadall'''

Purge Commands

'''ipsec purgeocsp'''

PKCS11 Proxy Commands

'''ipsec scencrypt'''

'''ipsec scdecrypt'''