setkey.8 - OpenGrok cross reference for /freebsd/sbin/setkey/setkey.8

Deleted Added

sdiffudifftextold (31ccd489..)new (29e758c2..)

setkey.8 (31ccd48942f0df842d9a31fe8e862c197ff296b9)	setkey.8 (29e758c263ef2cb593a58a69f98bcb3f22bf5dc1)
1.\" $KAME: setkey.8,v 1.89 2003/09/07 22:17:41 itojun Exp $ 2.\" 3.\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: --- 428 unchanged lines hidden (view full) --- 437.Pa /etc/protocols , 438protocols other than TCP, UDP and ICMP may not be suitable to use with IPsec. 439.\" 440.Pp 441.It Ar policy 442.Ar policy 443is expressed in one of the following three formats: 444.Pp	1.\" $KAME: setkey.8,v 1.89 2003/09/07 22:17:41 itojun Exp $ 2.\" 3.\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: --- 428 unchanged lines hidden (view full) --- 437.Pa /etc/protocols , 438protocols other than TCP, UDP and ICMP may not be suitable to use with IPsec. 439.\" 440.Pp 441.It Ar policy 442.Ar policy 443is expressed in one of the following three formats: 444.Pp
445.Bl -tag -compact	445.Bl -tag -width 2n -compact
446.It Fl P Ar direction Li discard 447.It Fl P Ar direction Li none 448.It Xo Fl P Ar direction Li ipsec 449.Ar protocol/mode/src-dst/level Op ... 450.Xc 451.El 452.Pp 453The direction of a policy must be specified as --- 94 unchanged lines hidden (view full) --- 548.Ar extensions Fl u 549of manual SA configuration. 550.Pp 551When you want to use an SA bundle, you can define multiple rules. 552For 553example, if an IP header was followed by an AH header followed by an 554ESP header followed by an upper layer protocol header, the rule would 555be:	446.It Fl P Ar direction Li discard 447.It Fl P Ar direction Li none 448.It Xo Fl P Ar direction Li ipsec 449.Ar protocol/mode/src-dst/level Op ... 450.Xc 451.El 452.Pp 453The direction of a policy must be specified as --- 94 unchanged lines hidden (view full) --- 548.Ar extensions Fl u 549of manual SA configuration. 550.Pp 551When you want to use an SA bundle, you can define multiple rules. 552For 553example, if an IP header was followed by an AH header followed by an 554ESP header followed by an upper layer protocol header, the rule would 555be:
	556.Pp
556.Dl esp/transport//require ah/transport//require ;	557.Dl esp/transport//require ah/transport//require ;
	558.Pp
557The rule order is very important. 558.Pp 559Note that 560.Dq Li discard 561and 562.Dq Li none 563are not in the syntax described in 564.Xr ipsec_set_policy 3 . --- 164 unchanged lines hidden ---	559The rule order is very important. 560.Pp 561Note that 562.Dq Li discard 563and 564.Dq Li none 565are not in the syntax described in 566.Xr ipsec_set_policy 3 . --- 164 unchanged lines hidden ---