ipsec.4 - OpenGrok cross reference for /freebsd/share/man/man4/ipsec.4

Lines Matching full:ipsec
1 .\"	$KAME: ipsec.4,v 1.17 2001/06/27 15:25:10 itojun Exp $
34 .Nm ipsec
37 .Cd "options IPSEC"
92 .It "net.inet.ipsec.filtertunnel	0	1"
123 interface and allows the programmer to define IPsec policies
139 IPsec policies can be managed in one of two ways, either by
147 you can define IPsec policies against packets using rules similar to packet
156 A properly-formed IPsec policy specification structure can be
170 system's IPsec behavior.
177 there is not then the packets are not processed by IPsec.
188 .It "net.inet.ipsec.esp_trans_deflev	integer	yes"
189 .It "net.inet.ipsec.esp_net_deflev	integer	yes"
190 .It "net.inet.ipsec.ah_trans_deflev	integer	yes"
191 .It "net.inet.ipsec.ah_net_deflev	integer	yes"
213 .It "net.inet.ipsec.def_policy	integer	yes"
232 for tweaking the kernel's IPsec behavior:
235 .It "net.inet.ipsec.ah_cleartos	integer	yes"
236 .It "net.inet.ipsec.ah_offsetmask	integer	yes"
237 .It "net.inet.ipsec.dfbit	integer	yes"
238 .It "net.inet.ipsec.ecn	integer	yes"
239 .It "net.inet.ipsec.debug	integer	yes"
240 .It "net.inet.ipsec.natt_cksum_policy	integer	yes"
241 .It "net.inet.ipsec.check_policy_history	integer	yes"
242 .It "net.inet.ipsec.random_id		integer	yes"
249 .It Li ipsec.ah_cleartos
257 .It Li ipsec.ah_offsetmask
267 .It Li ipsec.dfbit
268 This variable configures the kernel behavior on IPv4 IPsec tunnel encapsulation.
274 .It Li ipsec.ecn
275 If set to non-zero, IPv4 IPsec tunnel encapsulation/decapsulation behavior will
279 .Li draft-ietf-ipsec-ecn-02.txt .
282 .It Li ipsec.debug
285 .It Li ipsec.natt_cksum_policy
287 encapsulation is used for IPsec transport mode.
295 .It Li ipsec.check_policy_history
297 By default, inbound security policies check that packets handled by IPsec
299 If this variable is set to a non-zero value, each packet handled by IPsec
300 is checked against the history of IPsec security associations.
301 The IPsec security protocol, mode, and SA addresses must match.
302 .It Li ipsec.random_id
373 .%N "draft-mcdonald-simple-ipsec-api-03.txt"
379 implementation appeared in the WIDE/KAME IPv6/IPsec stack.
383 a fully locked IPsec implementation called fast_ipsec was brought in.
387 .Tn IPsec
393 .Tn IPsec
405 After this the old KAME IPsec implementation was dropped and fast_ipsec
417 policy with an AH tunnel or any IPsec encapsulating policy with AH
In current file

In project "undefined"

On Google
