|
Packit Service |
3880ab |
.TH IP\-XFRM 8 "20 Dec 2011" "iproute2" "Linux"
|
|
Packit Service |
3880ab |
.SH "NAME"
|
|
Packit Service |
3880ab |
ip-xfrm \- transform configuration
|
|
Packit Service |
3880ab |
.SH "SYNOPSIS"
|
|
Packit Service |
3880ab |
.sp
|
|
Packit Service |
3880ab |
.ad l
|
|
Packit Service |
3880ab |
.in +8
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.B ip
|
|
Packit Service |
3880ab |
.RI "[ " OPTIONS " ]"
|
|
Packit Service |
3880ab |
.B xfrm
|
|
Packit Service |
3880ab |
.RI " { " COMMAND " | "
|
|
Packit Service |
3880ab |
.BR help " }"
|
|
Packit Service |
3880ab |
.sp
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.B "ip xfrm"
|
|
Packit Service |
3880ab |
.IR XFRM-OBJECT " { " COMMAND " | "
|
|
Packit Service |
3880ab |
.BR help " }"
|
|
Packit Service |
3880ab |
.sp
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR XFRM-OBJECT " :="
|
|
Packit Service |
3880ab |
.BR state " | " policy " | " monitor
|
|
Packit Service |
3880ab |
.sp
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.BR "ip xfrm state" " { " add " | " update " } "
|
|
Packit Service |
3880ab |
.IR ID " [ " ALGO-LIST " ]"
|
|
Packit Service |
3880ab |
.RB "[ " mode
|
|
Packit Service |
3880ab |
.IR MODE " ]"
|
|
Packit Service |
3880ab |
.RB "[ " mark
|
|
Packit Service |
3880ab |
.I MARK
|
|
Packit Service |
3880ab |
.RB "[ " mask
|
|
Packit Service |
3880ab |
.IR MASK " ] ]"
|
|
Packit Service |
3880ab |
.RB "[ " reqid
|
|
Packit Service |
3880ab |
.IR REQID " ]"
|
|
Packit Service |
3880ab |
.RB "[ " seq
|
|
Packit Service |
3880ab |
.IR SEQ " ]"
|
|
Packit Service |
3880ab |
.RB "[ " replay-window
|
|
Packit Service |
3880ab |
.IR SIZE " ]"
|
|
Packit Service |
3880ab |
.RB "[ " replay-seq
|
|
Packit Service |
3880ab |
.IR SEQ " ]"
|
|
Packit Service |
3880ab |
.RB "[ " replay-oseq
|
|
Packit Service |
3880ab |
.IR SEQ " ]"
|
|
Packit Service |
3880ab |
.RB "[ " replay-seq-hi
|
|
Packit Service |
3880ab |
.IR SEQ " ]"
|
|
Packit Service |
3880ab |
.RB "[ " replay-oseq-hi
|
|
Packit Service |
3880ab |
.IR SEQ " ]"
|
|
Packit Service |
3880ab |
.RB "[ " flag
|
|
Packit Service |
3880ab |
.IR FLAG-LIST " ]"
|
|
Packit Service |
3880ab |
.RB "[ " sel
|
|
Packit Service |
3880ab |
.IR SELECTOR " ] [ " LIMIT-LIST " ]"
|
|
Packit Service |
3880ab |
.RB "[ " encap
|
|
Packit Service |
3880ab |
.IR ENCAP " ]"
|
|
Packit Service |
3880ab |
.RB "[ " coa
|
|
Packit Service |
3880ab |
.IR ADDR "[/" PLEN "] ]"
|
|
Packit Service |
3880ab |
.RB "[ " ctx
|
|
Packit Service |
3880ab |
.IR CTX " ]"
|
|
Packit Service |
3880ab |
.RB "[ " extra-flag
|
|
Packit Service |
3880ab |
.IR EXTRA-FLAG-LIST " ]"
|
|
Packit Service |
3880ab |
.RB "[ " output-mark
|
|
Packit Service |
3880ab |
.IR OUTPUT-MARK " ]"
|
|
Packit Service |
3880ab |
.RB "[ " if_id
|
|
Packit Service |
3880ab |
.IR IF-ID " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.B "ip xfrm state allocspi"
|
|
Packit Service |
3880ab |
.I ID
|
|
Packit Service |
3880ab |
.RB "[ " mode
|
|
Packit Service |
3880ab |
.IR MODE " ]"
|
|
Packit Service |
3880ab |
.RB "[ " mark
|
|
Packit Service |
3880ab |
.I MARK
|
|
Packit Service |
3880ab |
.RB "[ " mask
|
|
Packit Service |
3880ab |
.IR MASK " ] ]"
|
|
Packit Service |
3880ab |
.RB "[ " reqid
|
|
Packit Service |
3880ab |
.IR REQID " ]"
|
|
Packit Service |
3880ab |
.RB "[ " seq
|
|
Packit Service |
3880ab |
.IR SEQ " ]"
|
|
Packit Service |
3880ab |
.RB "[ " min
|
|
Packit Service |
3880ab |
.I SPI
|
|
Packit Service |
3880ab |
.B max
|
|
Packit Service |
3880ab |
.IR SPI " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.BR "ip xfrm state" " { " delete " | " get " } "
|
|
Packit Service |
3880ab |
.I ID
|
|
Packit Service |
3880ab |
.RB "[ " mark
|
|
Packit Service |
3880ab |
.I MARK
|
|
Packit Service |
3880ab |
.RB "[ " mask
|
|
Packit Service |
3880ab |
.IR MASK " ] ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.BR ip " [ " -4 " | " -6 " ] " "xfrm state deleteall" " ["
|
|
Packit Service |
3880ab |
.IR ID " ]"
|
|
Packit Service |
3880ab |
.RB "[ " mode
|
|
Packit Service |
3880ab |
.IR MODE " ]"
|
|
Packit Service |
3880ab |
.RB "[ " reqid
|
|
Packit Service |
3880ab |
.IR REQID " ]"
|
|
Packit Service |
3880ab |
.RB "[ " flag
|
|
Packit Service |
3880ab |
.IR FLAG-LIST " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.BR ip " [ " -4 " | " -6 " ] " "xfrm state list" " ["
|
|
Packit Service |
3880ab |
.IR ID " ]"
|
|
Packit Service |
3880ab |
.RB "[ " nokeys " ]"
|
|
Packit Service |
3880ab |
.RB "[ " mode
|
|
Packit Service |
3880ab |
.IR MODE " ]"
|
|
Packit Service |
3880ab |
.RB "[ " reqid
|
|
Packit Service |
3880ab |
.IR REQID " ]"
|
|
Packit Service |
3880ab |
.RB "[ " flag
|
|
Packit Service |
3880ab |
.IR FLAG-LIST " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.BR "ip xfrm state flush" " [ " proto
|
|
Packit Service |
3880ab |
.IR XFRM-PROTO " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.BR "ip xfrm state count"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR ID " :="
|
|
Packit Service |
3880ab |
.RB "[ " src
|
|
Packit Service |
3880ab |
.IR ADDR " ]"
|
|
Packit Service |
3880ab |
.RB "[ " dst
|
|
Packit Service |
3880ab |
.IR ADDR " ]"
|
|
Packit Service |
3880ab |
.RB "[ " proto
|
|
Packit Service |
3880ab |
.IR XFRM-PROTO " ]"
|
|
Packit Service |
3880ab |
.RB "[ " spi
|
|
Packit Service |
3880ab |
.IR SPI " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR XFRM-PROTO " :="
|
|
Packit Service |
3880ab |
.BR esp " | " ah " | " comp " | " route2 " | " hao
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR ALGO-LIST " := [ " ALGO-LIST " ] " ALGO
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR ALGO " :="
|
|
Packit Service |
3880ab |
.RB "{ " enc " | " auth " } "
|
|
Packit Service |
3880ab |
.IR ALGO-NAME " " ALGO-KEYMAT " |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.B auth-trunc
|
|
Packit Service |
3880ab |
.IR ALGO-NAME " " ALGO-KEYMAT " " ALGO-TRUNC-LEN " |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.B aead
|
|
Packit Service |
3880ab |
.IR ALGO-NAME " " ALGO-KEYMAT " " ALGO-ICV-LEN " |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.B comp
|
|
Packit Service |
3880ab |
.IR ALGO-NAME
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR MODE " := "
|
|
Packit Service |
3880ab |
.BR transport " | " tunnel " | " beet " | " ro " | " in_trigger
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR FLAG-LIST " := [ " FLAG-LIST " ] " FLAG
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR FLAG " :="
|
|
Packit Service |
3880ab |
.BR noecn " | " decap-dscp " | " nopmtudisc " | " wildrecv " | " icmp " | "
|
|
Packit Service |
3880ab |
.BR af-unspec " | " align4 " | " esn
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR SELECTOR " :="
|
|
Packit Service |
3880ab |
.RB "[ " src
|
|
Packit Service |
3880ab |
.IR ADDR "[/" PLEN "] ]"
|
|
Packit Service |
3880ab |
.RB "[ " dst
|
|
Packit Service |
3880ab |
.IR ADDR "[/" PLEN "] ]"
|
|
Packit Service |
3880ab |
.RB "[ " dev
|
|
Packit Service |
3880ab |
.IR DEV " ]"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.RI "[ " UPSPEC " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR UPSPEC " := "
|
|
Packit Service |
3880ab |
.BR proto " {"
|
|
Packit Service |
3880ab |
.IR PROTO " |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.RB "{ " tcp " | " udp " | " sctp " | " dccp " } [ " sport
|
|
Packit Service |
3880ab |
.IR PORT " ]"
|
|
Packit Service |
3880ab |
.RB "[ " dport
|
|
Packit Service |
3880ab |
.IR PORT " ] |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.RB "{ " icmp " | " ipv6-icmp " | " mobility-header " } [ " type
|
|
Packit Service |
3880ab |
.IR NUMBER " ]"
|
|
Packit Service |
3880ab |
.RB "[ " code
|
|
Packit Service |
3880ab |
.IR NUMBER " ] |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.BR gre " [ " key
|
|
Packit Service |
3880ab |
.RI "{ " DOTTED-QUAD " | " NUMBER " } ] }"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR LIMIT-LIST " := [ " LIMIT-LIST " ]"
|
|
Packit Service |
3880ab |
.B limit
|
|
Packit Service |
3880ab |
.I LIMIT
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR LIMIT " :="
|
|
Packit Service |
3880ab |
.RB "{ " time-soft " | " time-hard " | " time-use-soft " | " time-use-hard " }"
|
|
Packit Service |
3880ab |
.IR "SECONDS" " |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.RB "{ " byte-soft " | " byte-hard " }"
|
|
Packit Service |
3880ab |
.IR SIZE " |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.RB "{ " packet-soft " | " packet-hard " }"
|
|
Packit Service |
3880ab |
.I COUNT
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR ENCAP " :="
|
|
Packit Service |
3880ab |
.RB "{ " espinudp " | " espinudp-nonike " | " espintcp " }"
|
|
Packit Service |
3880ab |
.IR SPORT " " DPORT " " OADDR
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR EXTRA-FLAG-LIST " := [ " EXTRA-FLAG-LIST " ] " EXTRA-FLAG
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR EXTRA-FLAG " := "
|
|
Packit Service |
3880ab |
.BR dont-encap-dscp " | " oseq-may-wrap
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.BR "ip xfrm policy" " { " add " | " update " }"
|
|
Packit Service |
3880ab |
.I SELECTOR
|
|
Packit Service |
3880ab |
.B dir
|
|
Packit Service |
3880ab |
.I DIR
|
|
Packit Service |
3880ab |
.RB "[ " ctx
|
|
Packit Service |
3880ab |
.IR CTX " ]"
|
|
Packit Service |
3880ab |
.RB "[ " mark
|
|
Packit Service |
3880ab |
.I MARK
|
|
Packit Service |
3880ab |
.RB "[ " mask
|
|
Packit Service |
3880ab |
.IR MASK " ] ]"
|
|
Packit Service |
3880ab |
.RB "[ " index
|
|
Packit Service |
3880ab |
.IR INDEX " ]"
|
|
Packit Service |
3880ab |
.RB "[ " ptype
|
|
Packit Service |
3880ab |
.IR PTYPE " ]"
|
|
Packit Service |
3880ab |
.RB "[ " action
|
|
Packit Service |
3880ab |
.IR ACTION " ]"
|
|
Packit Service |
3880ab |
.RB "[ " priority
|
|
Packit Service |
3880ab |
.IR PRIORITY " ]"
|
|
Packit Service |
3880ab |
.RB "[ " flag
|
|
Packit Service |
3880ab |
.IR FLAG-LIST " ]"
|
|
Packit Service |
3880ab |
.RB "[ " if_id
|
|
Packit Service |
3880ab |
.IR IF-ID " ]"
|
|
Packit Service |
3880ab |
.RI "[ " LIMIT-LIST " ] [ " TMPL-LIST " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.BR "ip xfrm policy" " { " delete " | " get " }"
|
|
Packit Service |
3880ab |
.RI "{ " SELECTOR " | "
|
|
Packit Service |
3880ab |
.B index
|
|
Packit Service |
3880ab |
.IR INDEX " }"
|
|
Packit Service |
3880ab |
.B dir
|
|
Packit Service |
3880ab |
.I DIR
|
|
Packit Service |
3880ab |
.RB "[ " ctx
|
|
Packit Service |
3880ab |
.IR CTX " ]"
|
|
Packit Service |
3880ab |
.RB "[ " mark
|
|
Packit Service |
3880ab |
.I MARK
|
|
Packit Service |
3880ab |
.RB "[ " mask
|
|
Packit Service |
3880ab |
.IR MASK " ] ]"
|
|
Packit Service |
3880ab |
.RB "[ " ptype
|
|
Packit Service |
3880ab |
.IR PTYPE " ]"
|
|
Packit Service |
3880ab |
.RB "[ " if_id
|
|
Packit Service |
3880ab |
.IR IF-ID " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.BR ip " [ " -4 " | " -6 " ] " "xfrm policy" " { " deleteall " | " list " }"
|
|
Packit Service |
3880ab |
.RB "[ " nosock " ]"
|
|
Packit Service |
3880ab |
.RI "[ " SELECTOR " ]"
|
|
Packit Service |
3880ab |
.RB "[ " dir
|
|
Packit Service |
3880ab |
.IR DIR " ]"
|
|
Packit Service |
3880ab |
.RB "[ " index
|
|
Packit Service |
3880ab |
.IR INDEX " ]"
|
|
Packit Service |
3880ab |
.RB "[ " ptype
|
|
Packit Service |
3880ab |
.IR PTYPE " ]"
|
|
Packit Service |
3880ab |
.RB "[ " action
|
|
Packit Service |
3880ab |
.IR ACTION " ]"
|
|
Packit Service |
3880ab |
.RB "[ " priority
|
|
Packit Service |
3880ab |
.IR PRIORITY " ]"
|
|
Packit Service |
3880ab |
.RB "[ " flag
|
|
Packit Service |
3880ab |
.IR FLAG-LIST "]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.B "ip xfrm policy flush"
|
|
Packit Service |
3880ab |
.RB "[ " ptype
|
|
Packit Service |
3880ab |
.IR PTYPE " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.B "ip xfrm policy count"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.B "ip xfrm policy set"
|
|
Packit Service |
3880ab |
.RB "[ " hthresh4
|
|
Packit Service |
3880ab |
.IR LBITS " " RBITS " ]"
|
|
Packit Service |
3880ab |
.RB "[ " hthresh6
|
|
Packit Service |
3880ab |
.IR LBITS " " RBITS " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR SELECTOR " :="
|
|
Packit Service |
3880ab |
.RB "[ " src
|
|
Packit Service |
3880ab |
.IR ADDR "[/" PLEN "] ]"
|
|
Packit Service |
3880ab |
.RB "[ " dst
|
|
Packit Service |
3880ab |
.IR ADDR "[/" PLEN "] ]"
|
|
Packit Service |
3880ab |
.RB "[ " dev
|
|
Packit Service |
3880ab |
.IR DEV " ]"
|
|
Packit Service |
3880ab |
.RI "[ " UPSPEC " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR UPSPEC " := "
|
|
Packit Service |
3880ab |
.BR proto " {"
|
|
Packit Service |
3880ab |
.IR PROTO " |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.RB "{ " tcp " | " udp " | " sctp " | " dccp " } [ " sport
|
|
Packit Service |
3880ab |
.IR PORT " ]"
|
|
Packit Service |
3880ab |
.RB "[ " dport
|
|
Packit Service |
3880ab |
.IR PORT " ] |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.RB "{ " icmp " | " ipv6-icmp " | " mobility-header " } [ " type
|
|
Packit Service |
3880ab |
.IR NUMBER " ]"
|
|
Packit Service |
3880ab |
.RB "[ " code
|
|
Packit Service |
3880ab |
.IR NUMBER " ] |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.BR gre " [ " key
|
|
Packit Service |
3880ab |
.RI "{ " DOTTED-QUAD " | " NUMBER " } ] }"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR DIR " := "
|
|
Packit Service |
3880ab |
.BR in " | " out " | " fwd
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR PTYPE " := "
|
|
Packit Service |
3880ab |
.BR main " | " sub
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR ACTION " := "
|
|
Packit Service |
3880ab |
.BR allow " | " block
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR FLAG-LIST " := [ " FLAG-LIST " ] " FLAG
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR FLAG " :="
|
|
Packit Service |
3880ab |
.BR localok " | " icmp
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR LIMIT-LIST " := [ " LIMIT-LIST " ]"
|
|
Packit Service |
3880ab |
.B limit
|
|
Packit Service |
3880ab |
.I LIMIT
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR LIMIT " :="
|
|
Packit Service |
3880ab |
.RB "{ " time-soft " | " time-hard " | " time-use-soft " | " time-use-hard " }"
|
|
Packit Service |
3880ab |
.IR "SECONDS" " |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.RB "{ " byte-soft " | " byte-hard " }"
|
|
Packit Service |
3880ab |
.IR SIZE " |"
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
.RB "{ " packet-soft " | " packet-hard " }"
|
|
Packit Service |
3880ab |
.I COUNT
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR TMPL-LIST " := [ " TMPL-LIST " ]"
|
|
Packit Service |
3880ab |
.B tmpl
|
|
Packit Service |
3880ab |
.I TMPL
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR TMPL " := " ID
|
|
Packit Service |
3880ab |
.RB "[ " mode
|
|
Packit Service |
3880ab |
.IR MODE " ]"
|
|
Packit Service |
3880ab |
.RB "[ " reqid
|
|
Packit Service |
3880ab |
.IR REQID " ]"
|
|
Packit Service |
3880ab |
.RB "[ " level
|
|
Packit Service |
3880ab |
.IR LEVEL " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR ID " :="
|
|
Packit Service |
3880ab |
.RB "[ " src
|
|
Packit Service |
3880ab |
.IR ADDR " ]"
|
|
Packit Service |
3880ab |
.RB "[ " dst
|
|
Packit Service |
3880ab |
.IR ADDR " ]"
|
|
Packit Service |
3880ab |
.RB "[ " proto
|
|
Packit Service |
3880ab |
.IR XFRM-PROTO " ]"
|
|
Packit Service |
3880ab |
.RB "[ " spi
|
|
Packit Service |
3880ab |
.IR SPI " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR XFRM-PROTO " :="
|
|
Packit Service |
3880ab |
.BR esp " | " ah " | " comp " | " route2 " | " hao
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR MODE " := "
|
|
Packit Service |
3880ab |
.BR transport " | " tunnel " | " beet " | " ro " | " in_trigger
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR LEVEL " :="
|
|
Packit Service |
3880ab |
.BR required " | " use
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.BR "ip xfrm monitor" " ["
|
|
Packit Service |
3880ab |
.BI all-nsid
|
|
Packit Service |
3880ab |
] [
|
|
Packit Service |
3880ab |
.BI nokeys
|
|
Packit Service |
3880ab |
] [
|
|
Packit Service |
3880ab |
.BI all
|
|
Packit Service |
3880ab |
|
|
|
Packit Service |
3880ab |
.IR LISTofXFRM-OBJECTS " ]"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR LISTofXFRM-OBJECTS " := [ " LISTofXFRM-OBJECTS " ] " XFRM-OBJECT
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.ti -8
|
|
Packit Service |
3880ab |
.IR XFRM-OBJECT " := "
|
|
Packit Service |
3880ab |
.BR acquire " | " expire " | " SA " | " policy " | " aevent " | " report
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.in -8
|
|
Packit Service |
3880ab |
.ad b
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.SH DESCRIPTION
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
xfrm is an IP framework for transforming packets (such as encrypting
|
|
Packit Service |
3880ab |
their payloads). This framework is used to implement the IPsec protocol
|
|
Packit Service |
3880ab |
suite (with the
|
|
Packit Service |
3880ab |
.B state
|
|
Packit Service |
3880ab |
object operating on the Security Association Database, and the
|
|
Packit Service |
3880ab |
.B policy
|
|
Packit Service |
3880ab |
object operating on the Security Policy Database). It is also used for
|
|
Packit Service |
3880ab |
the IP Payload Compression Protocol and features of Mobile IPv6.
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TS
|
|
Packit Service |
3880ab |
l l.
|
|
Packit Service |
3880ab |
ip xfrm state add add new state into xfrm
|
|
Packit Service |
3880ab |
ip xfrm state update update existing state in xfrm
|
|
Packit Service |
3880ab |
ip xfrm state allocspi allocate an SPI value
|
|
Packit Service |
3880ab |
ip xfrm state delete delete existing state in xfrm
|
|
Packit Service |
3880ab |
ip xfrm state get get existing state in xfrm
|
|
Packit Service |
3880ab |
ip xfrm state deleteall delete all existing state in xfrm
|
|
Packit Service |
3880ab |
ip xfrm state list print out the list of existing state in xfrm
|
|
Packit Service |
3880ab |
ip xfrm state flush flush all state in xfrm
|
|
Packit Service |
3880ab |
ip xfrm state count count all existing state in xfrm
|
|
Packit Service |
3880ab |
.TE
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.IR ID
|
|
Packit Service |
3880ab |
is specified by a source address, destination address,
|
|
Packit Service |
3880ab |
.RI "transform protocol " XFRM-PROTO ","
|
|
Packit Service |
3880ab |
and/or Security Parameter Index
|
|
Packit Service |
3880ab |
.IR SPI "."
|
|
Packit Service |
3880ab |
(For IP Payload Compression, the Compression Parameter Index or CPI is used for
|
|
Packit Service |
3880ab |
.IR SPI ".)"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I XFRM-PROTO
|
|
Packit Service |
3880ab |
specifies a transform protocol:
|
|
Packit Service |
3880ab |
.RB "IPsec Encapsulating Security Payload (" esp "),"
|
|
Packit Service |
3880ab |
.RB "IPsec Authentication Header (" ah "),"
|
|
Packit Service |
3880ab |
.RB "IP Payload Compression (" comp "),"
|
|
Packit Service |
3880ab |
.RB "Mobile IPv6 Type 2 Routing Header (" route2 "), or"
|
|
Packit Service |
3880ab |
.RB "Mobile IPv6 Home Address Option (" hao ")."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I ALGO-LIST
|
|
Packit Service |
3880ab |
contains one or more algorithms to use. Each algorithm
|
|
Packit Service |
3880ab |
.I ALGO
|
|
Packit Service |
3880ab |
is specified by:
|
|
Packit Service |
3880ab |
.RS
|
|
Packit Service |
3880ab |
.IP \[bu]
|
|
Packit Service |
3880ab |
the algorithm type:
|
|
Packit Service |
3880ab |
.RB "encryption (" enc "),"
|
|
Packit Service |
3880ab |
.RB "authentication (" auth " or " auth-trunc "),"
|
|
Packit Service |
3880ab |
.RB "authenticated encryption with associated data (" aead "), or"
|
|
Packit Service |
3880ab |
.RB "compression (" comp ")"
|
|
Packit Service |
3880ab |
.IP \[bu]
|
|
Packit Service |
3880ab |
the algorithm name
|
|
Packit Service |
3880ab |
.IR ALGO-NAME
|
|
Packit Service |
3880ab |
(see below)
|
|
Packit Service |
3880ab |
.IP \[bu]
|
|
Packit Service |
3880ab |
.RB "(for all except " comp ")"
|
|
Packit Service |
3880ab |
the keying material
|
|
Packit Service |
3880ab |
.IR ALGO-KEYMAT ","
|
|
Packit Service |
3880ab |
which may include both a key and a salt or nonce value; refer to the
|
|
Packit Service |
3880ab |
corresponding RFC
|
|
Packit Service |
3880ab |
.IP \[bu]
|
|
Packit Service |
3880ab |
.RB "(for " auth-trunc " only)"
|
|
Packit Service |
3880ab |
the truncation length
|
|
Packit Service |
3880ab |
.I ALGO-TRUNC-LEN
|
|
Packit Service |
3880ab |
in bits
|
|
Packit Service |
3880ab |
.IP \[bu]
|
|
Packit Service |
3880ab |
.RB "(for " aead " only)"
|
|
Packit Service |
3880ab |
the Integrity Check Value length
|
|
Packit Service |
3880ab |
.I ALGO-ICV-LEN
|
|
Packit Service |
3880ab |
in bits
|
|
Packit Service |
3880ab |
.RE
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.nh
|
|
Packit Service |
3880ab |
.RS
|
|
Packit Service |
3880ab |
Encryption algorithms include
|
|
Packit Service |
3880ab |
.BR ecb(cipher_null) ", " cbc(des) ", " cbc(des3_ede) ", " cbc(cast5) ","
|
|
Packit Service |
3880ab |
.BR cbc(blowfish) ", " cbc(aes) ", " cbc(serpent) ", " cbc(camellia) ","
|
|
Packit Service |
3880ab |
.BR cbc(twofish) ", and " rfc3686(ctr(aes)) "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
Authentication algorithms include
|
|
Packit Service |
3880ab |
.BR digest_null ", " hmac(md5) ", " hmac(sha1) ", " hmac(sha256) ","
|
|
Packit Service |
3880ab |
.BR hmac(sha384) ", " hmac(sha512) ", " hmac(rmd160) ", and " xcbc(aes) "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
Authenticated encryption with associated data (AEAD) algorithms include
|
|
Packit Service |
3880ab |
.BR rfc4106(gcm(aes)) ", " rfc4309(ccm(aes)) ", and " rfc4543(gcm(aes)) "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
Compression algorithms include
|
|
Packit Service |
3880ab |
.BR deflate ", " lzs ", and " lzjh "."
|
|
Packit Service |
3880ab |
.RE
|
|
Packit Service |
3880ab |
.hy
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I MODE
|
|
Packit Service |
3880ab |
specifies a mode of operation for the transform protocol. IPsec and IP Payload
|
|
Packit Service |
3880ab |
Compression modes are
|
|
Packit Service |
3880ab |
.BR transport ", " tunnel ","
|
|
Packit Service |
3880ab |
and (for IPsec ESP only) Bound End-to-End Tunnel
|
|
Packit Service |
3880ab |
.RB "(" beet ")."
|
|
Packit Service |
3880ab |
Mobile IPv6 modes are route optimization
|
|
Packit Service |
3880ab |
.RB "(" ro ")"
|
|
Packit Service |
3880ab |
and inbound trigger
|
|
Packit Service |
3880ab |
.RB "(" in_trigger ")."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I FLAG-LIST
|
|
Packit Service |
3880ab |
contains one or more of the following optional flags:
|
|
Packit Service |
3880ab |
.BR noecn ", " decap-dscp ", " nopmtudisc ", " wildrecv ", " icmp ", "
|
|
Packit Service |
3880ab |
.BR af-unspec ", " align4 ", or " esn "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.IR SELECTOR
|
|
Packit Service |
3880ab |
selects the traffic that will be controlled by the policy, based on the source
|
|
Packit Service |
3880ab |
address, the destination address, the network device, and/or
|
|
Packit Service |
3880ab |
.IR UPSPEC "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.IR UPSPEC
|
|
Packit Service |
3880ab |
selects traffic by protocol. For the
|
|
Packit Service |
3880ab |
.BR tcp ", " udp ", " sctp ", or " dccp
|
|
Packit Service |
3880ab |
protocols, the source and destination port can optionally be specified.
|
|
Packit Service |
3880ab |
For the
|
|
Packit Service |
3880ab |
.BR icmp ", " ipv6-icmp ", or " mobility-header
|
|
Packit Service |
3880ab |
protocols, the type and code numbers can optionally be specified.
|
|
Packit Service |
3880ab |
For the
|
|
Packit Service |
3880ab |
.B gre
|
|
Packit Service |
3880ab |
protocol, the key can optionally be specified as a dotted-quad or number.
|
|
Packit Service |
3880ab |
Other protocols can be selected by name or number
|
|
Packit Service |
3880ab |
.IR PROTO "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I LIMIT-LIST
|
|
Packit Service |
3880ab |
sets limits in seconds, bytes, or numbers of packets.
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I ENCAP
|
|
Packit Service |
3880ab |
encapsulates packets with protocol
|
|
Packit Service |
3880ab |
.BR espinudp ", " espinudp-nonike ", or " espintcp ","
|
|
Packit Service |
3880ab |
.RI "using source port " SPORT ", destination port " DPORT
|
|
Packit Service |
3880ab |
.RI ", and original address " OADDR "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I MARK
|
|
Packit Service |
3880ab |
used to match xfrm policies and states
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I OUTPUT-MARK
|
|
Packit Service |
3880ab |
used to set the output mark to influence the routing
|
|
Packit Service |
3880ab |
of the packets emitted by the state
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I IF-ID
|
|
Packit Service |
3880ab |
xfrm interface identifier used to in both xfrm policies and states
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.sp
|
|
Packit Service |
3880ab |
.PP
|
|
Packit Service |
3880ab |
.TS
|
|
Packit Service |
3880ab |
l l.
|
|
Packit Service |
3880ab |
ip xfrm policy add add a new policy
|
|
Packit Service |
3880ab |
ip xfrm policy update update an existing policy
|
|
Packit Service |
3880ab |
ip xfrm policy delete delete an existing policy
|
|
Packit Service |
3880ab |
ip xfrm policy get get an existing policy
|
|
Packit Service |
3880ab |
ip xfrm policy deleteall delete all existing xfrm policies
|
|
Packit Service |
3880ab |
ip xfrm policy list print out the list of xfrm policies
|
|
Packit Service |
3880ab |
ip xfrm policy flush flush policies
|
|
Packit Service |
3880ab |
.TE
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.BR nosock
|
|
Packit Service |
3880ab |
filter (remove) all socket policies from the output.
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.IR SELECTOR
|
|
Packit Service |
3880ab |
selects the traffic that will be controlled by the policy, based on the source
|
|
Packit Service |
3880ab |
address, the destination address, the network device, and/or
|
|
Packit Service |
3880ab |
.IR UPSPEC "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.IR UPSPEC
|
|
Packit Service |
3880ab |
selects traffic by protocol. For the
|
|
Packit Service |
3880ab |
.BR tcp ", " udp ", " sctp ", or " dccp
|
|
Packit Service |
3880ab |
protocols, the source and destination port can optionally be specified.
|
|
Packit Service |
3880ab |
For the
|
|
Packit Service |
3880ab |
.BR icmp ", " ipv6-icmp ", or " mobility-header
|
|
Packit Service |
3880ab |
protocols, the type and code numbers can optionally be specified.
|
|
Packit Service |
3880ab |
For the
|
|
Packit Service |
3880ab |
.B gre
|
|
Packit Service |
3880ab |
protocol, the key can optionally be specified as a dotted-quad or number.
|
|
Packit Service |
3880ab |
Other protocols can be selected by name or number
|
|
Packit Service |
3880ab |
.IR PROTO "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I DIR
|
|
Packit Service |
3880ab |
selects the policy direction as
|
|
Packit Service |
3880ab |
.BR in ", " out ", or " fwd "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I CTX
|
|
Packit Service |
3880ab |
sets the security context.
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I PTYPE
|
|
Packit Service |
3880ab |
can be
|
|
Packit Service |
3880ab |
.BR main " (default) or " sub "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I ACTION
|
|
Packit Service |
3880ab |
can be
|
|
Packit Service |
3880ab |
.BR allow " (default) or " block "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I PRIORITY
|
|
Packit Service |
3880ab |
is a number that defaults to zero.
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I FLAG-LIST
|
|
Packit Service |
3880ab |
contains one or both of the following optional flags:
|
|
Packit Service |
3880ab |
.BR local " or " icmp "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I LIMIT-LIST
|
|
Packit Service |
3880ab |
sets limits in seconds, bytes, or numbers of packets.
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I TMPL-LIST
|
|
Packit Service |
3880ab |
is a template list specified using
|
|
Packit Service |
3880ab |
.IR ID ", " MODE ", " REQID ", and/or " LEVEL ". "
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.IR ID
|
|
Packit Service |
3880ab |
is specified by a source address, destination address,
|
|
Packit Service |
3880ab |
.RI "transform protocol " XFRM-PROTO ","
|
|
Packit Service |
3880ab |
and/or Security Parameter Index
|
|
Packit Service |
3880ab |
.IR SPI "."
|
|
Packit Service |
3880ab |
(For IP Payload Compression, the Compression Parameter Index or CPI is used for
|
|
Packit Service |
3880ab |
.IR SPI ".)"
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I XFRM-PROTO
|
|
Packit Service |
3880ab |
specifies a transform protocol:
|
|
Packit Service |
3880ab |
.RB "IPsec Encapsulating Security Payload (" esp "),"
|
|
Packit Service |
3880ab |
.RB "IPsec Authentication Header (" ah "),"
|
|
Packit Service |
3880ab |
.RB "IP Payload Compression (" comp "),"
|
|
Packit Service |
3880ab |
.RB "Mobile IPv6 Type 2 Routing Header (" route2 "), or"
|
|
Packit Service |
3880ab |
.RB "Mobile IPv6 Home Address Option (" hao ")."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I MODE
|
|
Packit Service |
3880ab |
specifies a mode of operation for the transform protocol. IPsec and IP Payload
|
|
Packit Service |
3880ab |
Compression modes are
|
|
Packit Service |
3880ab |
.BR transport ", " tunnel ","
|
|
Packit Service |
3880ab |
and (for IPsec ESP only) Bound End-to-End Tunnel
|
|
Packit Service |
3880ab |
.RB "(" beet ")."
|
|
Packit Service |
3880ab |
Mobile IPv6 modes are route optimization
|
|
Packit Service |
3880ab |
.RB "(" ro ")"
|
|
Packit Service |
3880ab |
and inbound trigger
|
|
Packit Service |
3880ab |
.RB "(" in_trigger ")."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I LEVEL
|
|
Packit Service |
3880ab |
can be
|
|
Packit Service |
3880ab |
.BR required " (default) or " use "."
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.sp
|
|
Packit Service |
3880ab |
.PP
|
|
Packit Service |
3880ab |
.TS
|
|
Packit Service |
3880ab |
l l.
|
|
Packit Service |
3880ab |
ip xfrm policy count count existing policies
|
|
Packit Service |
3880ab |
.TE
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.PP
|
|
Packit Service |
3880ab |
Use one or more -s options to display more details, including policy hash table
|
|
Packit Service |
3880ab |
information.
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.sp
|
|
Packit Service |
3880ab |
.PP
|
|
Packit Service |
3880ab |
.TS
|
|
Packit Service |
3880ab |
l l.
|
|
Packit Service |
3880ab |
ip xfrm policy set configure the policy hash table
|
|
Packit Service |
3880ab |
.TE
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.PP
|
|
Packit Service |
3880ab |
Security policies whose address prefix lengths are greater than or equal
|
|
Packit Service |
3880ab |
policy hash table thresholds are hashed. Others are stored in the
|
|
Packit Service |
3880ab |
policy_inexact chained list.
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I LBITS
|
|
Packit Service |
3880ab |
specifies the minimum local address prefix length of policies that are
|
|
Packit Service |
3880ab |
stored in the Security Policy Database hash table.
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.TP
|
|
Packit Service |
3880ab |
.I RBITS
|
|
Packit Service |
3880ab |
specifies the minimum remote address prefix length of policies that are
|
|
Packit Service |
3880ab |
stored in the Security Policy Database hash table.
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.sp
|
|
Packit Service |
3880ab |
.PP
|
|
Packit Service |
3880ab |
.TS
|
|
Packit Service |
3880ab |
l l.
|
|
Packit Service |
3880ab |
ip xfrm monitor state monitoring for xfrm objects
|
|
Packit Service |
3880ab |
.TE
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.PP
|
|
Packit Service |
3880ab |
The xfrm objects to monitor can be optionally specified.
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.P
|
|
Packit Service |
3880ab |
If the
|
|
Packit Service |
3880ab |
.BI all-nsid
|
|
Packit Service |
3880ab |
option is set, the program listens to all network namespaces that have a
|
|
Packit Service |
3880ab |
nsid assigned into the network namespace were the program is running.
|
|
Packit Service |
3880ab |
A prefix is displayed to show the network namespace where the message
|
|
Packit Service |
3880ab |
originates. Example:
|
|
Packit Service |
3880ab |
.sp
|
|
Packit Service |
3880ab |
.in +2
|
|
Packit Service |
3880ab |
[nsid 1]Flushed state proto 0
|
|
Packit Service |
3880ab |
.in -2
|
|
Packit Service |
3880ab |
.sp
|
|
Packit Service |
3880ab |
|
|
Packit Service |
3880ab |
.SH AUTHOR
|
|
Packit Service |
3880ab |
Manpage revised by David Ward <david.ward@ll.mit.edu>
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
Manpage revised by Christophe Gouault <christophe.gouault@6wind.com>
|
|
Packit Service |
3880ab |
.br
|
|
Packit Service |
3880ab |
Manpage revised by Nicolas Dichtel <nicolas.dichtel@6wind.com>
|