ipsec − invoke IPsec utilities |
ipsec command [ argument ...] ipsec −−help |
Ipsec invokes any of several utilities involved in controlling the IPsec encryption/authentication system, running the specified command with the specified arguments as if it had been invoked directly. This largely eliminates possible name collisions with other software, and also permits some centralized services. In particular, ipsec supplies the invoked command with a suitable PATH environment variable, and also provides IPSEC_DIR, IPSEC_CONFS, and IPSEC_VERSION environment variables, containing respectively the full pathname of the directory where the IPsec utilities are stored, the full pathname of the directory where the configuration files live, and the IPsec version number. ipsec −−help lists the available commands. Most have their own manual pages, e.g. ipsec_auto(8) for auto. ipsec −−version outputs version information about Linux FreeS/WAN. A version code of the form ‘‘Uxxx/Kyyy’’ indicates that the user-level utilities are version xxx but the kernel portion appears to be version yyy (this form is used only if the two disagree). ipsec −−versioncode outputs just the version code, with none of −−version’s supporting information, for use by scripts. ipsec −−copyright supplies boring copyright details. ipsec −−directory reports where ipsec thinks the IPsec utilities are stored. ipsec −−confdir reports where ipsec thinks the IPsec configuration files are stored. |
/usr/lib/ipsec |
usual utilities directory |
The following environment variables control where FreeS/WAN finds its components. The ipsec command sets them if they are not already set. |
IPSEC_EXECDIR |
directory containing published commands |
|||
IPSEC_LIBDIR |
directory containing internal executables |
|||
IPSEC_SBINDIR |
directory containing ipsec command |
|||
IPSEC_CONFS |
directory containing configuration files |
ipsec.conf(5), ipsec.secrets(5), ipsec_auto(8), ipsec_barf(8), ipsec_setup(8), ipsec_showdefaults(8), ipsec_showhostkey(8) HTML documentation shipped with the release, starting with doc/index.html. <http://www.freeswan.org/doc.html> may also be of use. |
Written for Linux FreeS/WAN <http://www.freeswan.org> by Henry Spencer. |
The provision of centralized services, while convenient, does compromise the original concept of making the utilities invocable directly as well as via ipsec. |