ipsec » History » Version 2
Version 1 (Martin Willi, 29.09.2007 09:42) → Version 2/32 (Martin Willi, 29.09.2007 12:54)
= ipsec =
'''ipsec''' is actually an umbrella command comprising a collection of individual sub commands of the form
''ipsec <command> [<argument>] [<options>]''
that can be used to control and monitor IPsec connections as well as the IKE daemons.
== Control Commands ==
'''ipsec start [ ''<starter options>'' ]'''
'''ipsec stop'''
'''ipsec restart [ ''<starter options>'' ]'''
is equivalent to '''ipsec stop''' followed by '''ipsec start [ ''<starter options>'' ]''' after a sleep period of 2 seconds.
'''ipsec update'''
'''ipsec reload'''
'''ipsec up ''<conn name>'' '''
'''ipsec down ''<conn name>'' '''
'''ipsec route ''<conn name>'' '''
'''ipsec unroute ''<conn name>'' '''
'''ipsec status [ ''<conn name>'' ] '''
'''ipsec statusall [ ''<conn name>'' ] '''
== Info Commands ==
'''ipsec version'''
'''ipsec copyright'''
'''ipsec --versioncode'''
'''ipsec --directory'''
'''ipsec --confdir'''
== List Commands ==
'''ipsec listaacerts [ --utc ]'''
'''ipsec listacerts [ --utc ]'''
'''ipsec listalgs'''
lists all registered IKE and ESP encryption and authentication algorithms as well as the supported Diffie-Hellman groups.
Supported by the IKEv1 pluto daemon only.
'''ipsec listcacerts [ --utc ]'''
'''ipsec listcainfos [ --utc ]'''
'''ipsec listcards [ --utc ]'''
lists all certificates found on attached smart cards.
Supported by the IKEv1 pluto daemon only.
'''ipsec listcrls [ --utc ]'''
'''ipsec listcerts [ --utc ]'''
'''ipsec listgroups [ --utc ]'''
'''ipsec listocsp [ --utc ]'''
'''ipsec listocspcerts [ --utc ]'''
'''ipsec listpubkeys [ --utc ]'''
lists the cached RSA public keys.
Supported by the IKEv1 pluto daemon only.
'''ipsec listall [ --utc ]'''
== Reread Commands ==
'''ipsec rereadaacerts'''
'''ipsec rereadacerts'''
'''ipsec rereadcacerts'''
'''ipsec rereadcrls'''
'''ipsec rereadocspcerts'''
'''ipsec rereadsecrets'''
'''ipsec secrets'''
is equivalent to '''ipsec rereadsecrets'''.
'''ipsec rereadall'''
== Purge Commands ==
'''ipsec purgeocsp'''
== PKCS11 Proxy Commands ==
'''ipsec scencrypt'''
'''ipsec scdecrypt'''
'''ipsec''' is actually an umbrella command comprising a collection of individual sub commands of the form
''ipsec <command> [<argument>] [<options>]''
that can be used to control and monitor IPsec connections as well as the IKE daemons.
== Control Commands ==
'''ipsec start [ ''<starter options>'' ]'''
'''ipsec stop'''
'''ipsec restart [ ''<starter options>'' ]'''
is equivalent to '''ipsec stop''' followed by '''ipsec start [ ''<starter options>'' ]''' after a sleep period of 2 seconds.
'''ipsec update'''
'''ipsec reload'''
'''ipsec up ''<conn name>'' '''
'''ipsec down ''<conn name>'' '''
'''ipsec route ''<conn name>'' '''
'''ipsec unroute ''<conn name>'' '''
'''ipsec status [ ''<conn name>'' ] '''
'''ipsec statusall [ ''<conn name>'' ] '''
== Info Commands ==
'''ipsec version'''
'''ipsec copyright'''
'''ipsec --versioncode'''
'''ipsec --directory'''
'''ipsec --confdir'''
== List Commands ==
'''ipsec listaacerts [ --utc ]'''
'''ipsec listacerts [ --utc ]'''
'''ipsec listalgs'''
lists all registered IKE and ESP encryption and authentication algorithms as well as the supported Diffie-Hellman groups.
Supported by the IKEv1 pluto daemon only.
'''ipsec listcacerts [ --utc ]'''
'''ipsec listcainfos [ --utc ]'''
'''ipsec listcards [ --utc ]'''
lists all certificates found on attached smart cards.
Supported by the IKEv1 pluto daemon only.
'''ipsec listcrls [ --utc ]'''
'''ipsec listcerts [ --utc ]'''
'''ipsec listgroups [ --utc ]'''
'''ipsec listocsp [ --utc ]'''
'''ipsec listocspcerts [ --utc ]'''
'''ipsec listpubkeys [ --utc ]'''
lists the cached RSA public keys.
Supported by the IKEv1 pluto daemon only.
'''ipsec listall [ --utc ]'''
== Reread Commands ==
'''ipsec rereadaacerts'''
'''ipsec rereadacerts'''
'''ipsec rereadcacerts'''
'''ipsec rereadcrls'''
'''ipsec rereadocspcerts'''
'''ipsec rereadsecrets'''
'''ipsec secrets'''
is equivalent to '''ipsec rereadsecrets'''.
'''ipsec rereadall'''
== Purge Commands ==
'''ipsec purgeocsp'''
== PKCS11 Proxy Commands ==
'''ipsec scencrypt'''
'''ipsec scdecrypt'''