1.\"	$KAME: setkey.8,v 1.49 2001/05/18 05:49:51 sakane Exp $
2.\"	$FreeBSD$
3.\"
4.\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
5.\" All rights reserved.
6.\"
7.\" Redistribution and use in source and binary forms, with or without
8.\" modification, are permitted provided that the following conditions
9.\" are met:
10.\" 1. Redistributions of source code must retain the above copyright
11.\"    notice, this list of conditions and the following disclaimer.
12.\" 2. Redistributions in binary form must reproduce the above copyright
13.\"    notice, this list of conditions and the following disclaimer in the
14.\"    documentation and/or other materials provided with the distribution.
15.\" 3. Neither the name of the project nor the names of its contributors
16.\"    may be used to endorse or promote products derived from this software
17.\"    without specific prior written permission.
18.\"
19.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29.\" SUCH DAMAGE.
30.\"
31.Dd November 20, 2000
32.Dt SETKEY 8
33.Os
34.\"
35.Sh NAME
36.Nm setkey
37.Nd "manually manipulate the IPsec SA/SP database"
38.\"
39.Sh SYNOPSIS
40.Nm
41.Op Fl dv
42.Fl c
43.Nm
44.Op Fl dv
45.Fl f Ar filename
46.Nm
47.Op Fl adPlv
48.Fl D
49.Nm
50.Op Fl dPv
51.Fl F
52.Nm
53.Op Fl h
54.Fl x
55.\"
56.Sh DESCRIPTION
57.Nm
58adds, updates, dumps, or flushes
59Security Association Database (SAD) entries
60as well as Security Policy Database (SPD) entries in the kernel.
61.Pp
62.Nm
63takes a series of operations from the standard input
64.Po
65if invoked with
66.Fl c
67.Pc
68or the file named
69.Ar filename
70.Po
71if invoked with
72.Fl f Ar filename
73.Pc .
74.Bl -tag -width Ds
75.It Fl D
76Dump the SAD entries.
77If with
78.Fl P ,
79the SPD entries are dumped.
80.It Fl F
81Flush the SAD entries.
82If with
83.Fl P ,
84the SPD entries are flushed.
85.It Fl a
86.Nm
87usually does not display dead SAD entries with
88.Fl D .
89If with
90.Fl a ,
91the dead SAD entries will be displayed as well.
92A dead SAD entry is one that has expired but remains in the kernel
93because it is still referenced by SPD entries.
95.It Fl d
96Print debugging messages from the command parser,
97without talking to the kernel.
98It is not normally needed.
99.It Fl x
100Loop forever and dump all the messages transmitted on the
101.Dv PF_KEY
102socket.
103.Fl xx
104makes each timestamp unformatted.
105.It Fl h
106Add hexadecimal dump on
107.Fl x
108mode.
109.It Fl l
110Loop forever with short output on
111.Fl D .
112.It Fl v
113Be verbose.
114The program will dump messages exchanged on the
115.Dv PF_KEY
116socket, including messages sent from other processes to the kernel.
117Such messages may carry SA keying material, so the output should be
118treated as sensitive.
117.El
118.Pp
119Operations have the following grammar.
120Note that lines starting with
121hashmarks ('#') are treated as comment lines.
122.Bl -tag -width Ds
123.It Xo
124.Li add
125.Ar src Ar dst Ar protocol Ar spi
126.Op Ar extensions
127.Ar algorithm...
128.Li ;
129.Xc
130Add an SAD entry.
131.\"
132.It Xo
133.Li get
134.Ar src Ar dst Ar protocol Ar spi
135.Li ;
136.Xc
137Show an SAD entry.
138.\"
139.It Xo
140.Li delete
141.Ar src Ar dst Ar protocol Ar spi
142.Li ;
143.Xc
144Remove an SAD entry.
145.\"
146.It Xo
147.Li deleteall
148.Ar src Ar dst Ar protocol
149.Li ;
150.Xc
151Remove all SAD entries that match the specification.
152.\"
153.It Xo
154.Li flush
155.Op Ar protocol
156.Li ;
157.Xc
158Clear all SAD entries matched by the options.
159.\"
160.It Xo
161.Li dump
162.Op Ar protocol
163.Li ;
164.Xc
165Dump all SAD entries matched by the options.
166.\"
167.It Xo
168.Li spdadd
169.Ar src_range Ar dst_range Ar upperspec Ar policy
170.Li ;
171.Xc
172Add an SPD entry.
173.\"
174.It Xo
175.Li spddelete
176.Ar src_range Ar dst_range Ar upperspec Fl P Ar direction
177.Li ;
178.Xc
179Delete an SPD entry.
180.\"
181.It Xo
182.Li spdflush
183.Li ;
184.Xc
185Clear all SPD entries.
186.\"
187.It Xo
188.Li spddump
189.Li ;
190.Xc
191Dump all SPD entries.
192.El
193.\"
194.Pp
195Meta-arguments are as follows:
196.Pp
197.Bl -tag -compact -width Ds
198.It Ar src
199.It Ar dst
200Source/destination of the secure communication is specified as
201IPv4/v6 address.
202.Nm
203does not consult hostname-to-address for arguments
204.Ar src
205and
206.Ar dst .
207They must be in numeric form.
208.\"
209.Pp
210.It Ar protocol
211.Ar protocol
212is one of following:
213.Bl -tag -width Fl -compact
214.It Li esp
215ESP based on rfc2405
216.It Li esp-old
217ESP based on rfc1827
218.It Li ah
219AH based on rfc2402
220.It Li ah-old
221AH based on rfc1826
222.It Li ipcomp
223IPCOMP
224.El
225.\"
226.Pp
227.It Ar spi
228Security Parameter Index (SPI) for the SAD and the SPD.
229It must be a decimal number or a hexadecimal number
230.Po
231with
232.Li 0x
233attached
234.Pc .
235SPI values in the range 0 through 255 are reserved and cannot be used.
236.\"
237.Pp
238.It Ar extensions
239takes some of the following:
240.Bl -tag -width Fl -compact
241.\"
242.It Fl m Ar mode
243Specify a security protocol mode for use.
244.Ar mode
245is one of following:
246.Li transport , tunnel
247or
248.Li any .
249The default value is
250.Li any .
251.\"
252.It Fl r Ar size
253Specify the window size, in bytes, used for replay prevention.
254.Ar size
255must be a decimal number that fits in a 32-bit word.
256If
257.Ar size
258is zero or not specified, no replay check takes place;
259for SAs exposed to untrusted networks a nonzero value should be given.
259.\"
260.It Fl u Ar id
261Specify the identifier of the policy entry in SPD.
262See
263.Ar policy .
264.\"
265.It Fl f Ar pad_option
266defines the content of the ESP padding.
267.Ar pad_option
268is one of following:
269.Bl -tag -width random-pad -compact
270.It Li zero-pad
271All of the padding are zero.
272.It Li random-pad
273A series of randomized values are set.
274.It Li seq-pad
275A series of sequential increasing numbers started from 1 are set.
276.El
277.\"
278.It Fl f Li nocyclic-seq
279Do not allow the sequence number to cycle (wrap around to zero),
280which would otherwise cause sequence numbers to be reused on the SA.
280.\"
281.It Fl lh Ar time
282.It Fl ls Ar time
283Specify hard/soft life time duration of the SA.
284.El
285.\"
286.Pp
287.It Ar algorithm
288.Bl -tag -width Fl -compact
289.It Fl E Ar ealgo Ar key
290Specify an encryption algorithm.
291.It Fl A Ar aalgo Ar key
292Specify an authentication algorithm.
293If
294.Fl A
295is used with
296.Ar protocol Li esp ,
297it will be treated as ESP payload authentication algorithm.
298.It Fl C Ar calgo Op Fl R
299Specify compression algorithm.
300If
301.Fl R
302is not specified with
303.Li ipcomp
304line, the kernel will use well-known IPComp CPI
305.Pq compression parameter index
306on IPComp CPI field on packets, and
307.Ar spi
308field will be ignored.
309.Ar spi
310field is only for kernel internal use in this case.
311.\"Therefore, compression protocol number will appear on IPComp CPI field.
312If
313.Fl R
314is used,
315the value on
316.Ar spi
317field will appear on IPComp CPI field on outgoing packets.
318.Ar spi
319field needs to be smaller than
320.Li 0x10000
321in this case.
322.El
323.Pp
324.Ar protocol Li esp
325accepts
326.Fl E
327and
328.Fl A .
329.Ar protocol Li esp-old
330accepts
331.Fl E
332only.
333.Ar protocol Li ah
334and
335.Li ah-old
336accept
337.Fl A
338only.
339.Ar protocol Li ipcomp
340accepts
341.Fl C
342only.
343.Pp
344.Ar key
345must be a double-quoted character string or a series of hexadecimal digits,
346and its length must match the key length given in the
347.Sx ALGORITHMS
348section.
349A quoted string is used byte-for-byte, so a human-readable passphrase has
350far less entropy than its length suggests; for production SAs generate the
351key from a cryptographically secure random source and give it in hexadecimal.
346.Pp
347Possible values for
348.Ar ealgo ,
349.Ar aalgo
350and
351.Ar calgo
352are specified in separate section.
353.\"
354.Pp
355.It Ar src_range
356.It Ar dst_range
357These are selections of the secure communication specified as
358IPv4/v6 address or IPv4/v6 address range, and it may accompany
359TCP/UDP port specification.
360This takes the following form:
361.Bd -literal -offset
362.Ar address
363.Ar address/prefixlen
364.Ar address[port]
365.Ar address/prefixlen[port]
366.Ed
367.Pp
368.Ar prefixlen
369and
370.Ar port
371must be decimal number.
372The square brackets around
373.Ar port
374are literal and required.
375They are not manpage metacharacters.
376.Pp
377.Nm
378does not consult hostname-to-address for arguments
379.Ar src
380and
381.Ar dst .
382They must be in numeric form.
383.\"
384.Pp
385.It Ar upperspec
386Upper-layer protocol to be used.
387You can use one of words in
388.Pa /etc/protocols
389as
390.Ar upperspec .
391Or
392.Li icmp6 ,
393.Li ip4 ,
394and
395.Li any
396can be specified.
397.Li any
398stands for
399.Dq any protocol .
400Also you can use the protocol number.
401.Pp
402NOTE:
403.Ar upperspec
404does not work against forwarding case at this moment,
405as it requires extra reassembly at forwarding node
406.Pq not implemented at this moment .
407We have many protocols in
408.Pa /etc/protocols ,
409but protocols other than
410.Li icmp ,
411.Li tcp
412and
413.Li udp
414may not be suitable to use with IPsec.
415Consider carefully before using them.
415.\"
416.Pp
417.It Ar policy
418.Ar policy
419is the one of following:
420.Bd -literal -offset
421.Xo
422.Fl P
423.Ar direction
424.Li discard
425.Xc
426.Xo
427.Fl P
428.Ar direction
429.Li none
430.Xc
431.Xo
432.Fl P
433.Ar direction
434.Li ipsec
435.Ar protocol/mode/src-dst/level
436.Xc
437.Ed
438.Pp
439You must specify the direction of the policy as
440.Ar direction ,
441which is either
442.Li out
443or
444.Li in .
446.Li discard
447means the packet matching indexes will be discarded.
448.Li none
449means that IPsec operation will not take place onto the packet.
450.Li ipsec
451means that IPsec operation will take place onto the packet.
452Either
453.Li ah ,
454.Li esp
455or
456.Li ipcomp
457is to be set as
458.Ar protocol .
459.Ar mode
460is either
461.Li transport
462or
463.Li tunnel .
464If
465.Ar mode
466is
467.Li tunnel ,
468you must specify the end-points addresses of the SA as
469.Ar src
470and
471.Ar dst
472with
473.Sq -
474between these addresses which is used to specify the SA to use.
475If
476.Ar mode
477is
478.Li transport ,
479both
480.Ar src
481and
482.Ar dst
483can be omitted.
484.Ar level
485is to be one of the following:
486.Li default , use , require
487or
488.Li unique .
489At any of these levels, if no SA is available the kernel asks the
490key exchange daemon to acquire one.
491.Li default
492means the kernel consults the system-wide default for the protocol you
493specified, e.g. the
494.Li esp_trans_deflev
495sysctl variable, when the kernel processes the packet.
496.Li use
497means that the kernel uses an SA if one is available, and otherwise
498processes the packet normally, that is, without IPsec protection.
499.Li require
500means an SA is required whenever the kernel sends a packet matching
501the policy.
502.Li unique
503is the same as
504.Li require .
505In addition, it allows the policy to bind to a unique outbound SA.
505If you use the SA by manual keying,
506you can put the decimal number as the policy identifier after
507.Li unique
508separated by colon
509.Sq \:
510like the following;
511.Li unique:number .
512.Li number
513must be between 1 and 32767.
514It corresponds to
515.Ar extensions Fl u .
516.Pp
517Note that
518.Dq Li discard
519and
520.Dq Li none
521are not in the syntax described in
522.Xr ipsec_set_policy 3 .
523There are small differences between the two syntaxes.
524See
525.Xr ipsec_set_policy 3
526for detail.
527.Pp
528.El
529.Pp
530.\"
531.Sh ALGORITHMS
532The following list shows the supported algorithms.
533.Sy protocol
534and
535.Sy algorithm
536are almost orthogonal.
537The following authentication algorithms can be used as
538.Ar aalgo
539in
540.Fl A Ar aalgo
541of
542.Ar protocol
543parameter:
544.Pp
545.Bd -literal -offset indent
546algorithm	keylen (bits)	comment
547hmac-md5	128		ah: rfc2403
548		128		ah-old: rfc2085
549hmac-sha1	160		ah: rfc2404
550		160		ah-old: 128bit ICV (no document)
551keyed-md5	128		ah: 96bit ICV (no document)
552		128		ah-old: rfc1828
553keyed-sha1	160		ah: 96bit ICV (no document)
554		160		ah-old: 128bit ICV (no document)
555null		0 to 2048	for debugging (no integrity protection)
556hmac-sha2-256	256		ah: 96bit ICV (no document)
557		256		ah-old: 128bit ICV (no document)
558hmac-sha2-384	384		ah: 96bit ICV (no document)
559		384		ah-old: 128bit ICV (no document)
560hmac-sha2-512	512		ah: 96bit ICV (no document)
561		512		ah-old: 128bit ICV (no document)
562.Ed
563.Pp
564The following encryption algorithms can be used as
565.Ar ealgo
566in
567.Fl E Ar ealgo
568of
569.Ar protocol
570parameter:
571.Pp
572.Bd -literal -offset indent
573algorithm	keylen (bits)	comment
574des-cbc		64		esp-old: rfc1829, esp: rfc2405
5753des-cbc	192		rfc2451
576simple		0 to 2048	rfc2410 (NULL encryption; no confidentiality)
577blowfish-cbc	40 to 448	rfc2451
578cast128-cbc	40 to 128	rfc2451
579des-deriv	64		ipsec-ciph-des-derived-01 (expired)
5803des-deriv	192		no document
581rijndael-cbc	128/192/256	draft-ietf-ipsec-ciph-aes-cbc-00
582.Ed
583.Pp
584The following compression algorithms can be used as
585.Ar calgo
586in
587.Fl C Ar calgo
588of
589.Ar protocol
590parameter:
591.Pp
592.Bd -literal -offset indent
593algorithm	comment
594deflate		rfc2394
595lzs		rfc2395
596.Ed
597.\"
598.Sh EXAMPLES
599.Bd -literal -offset
600add	3ffe:501:4819::1 3ffe:501:481d::1 esp 123457
601		-E des-cbc "ESP SA!!" ;
602
603add	3ffe:501:4819::1 3ffe:501:481d::1 ah 123456
604		-A hmac-sha1 "AH SA configuration!" ;
605
606add	10.0.11.41 10.0.11.33 esp 0x10001
607		-E des-cbc "ESP with"
608		-A hmac-md5 "authentication!!" ;
609
610get	3ffe:501:4819::1 3ffe:501:481d::1 ah 123456 ;
611
612flush ;
613
614dump esp ;
615
616spdadd	10.0.11.41/32[21] 10.0.11.33/32[any] any
617		-P out ipsec esp/tunnel/192.168.0.1-192.168.1.2/require ;
618
619.Ed
620.\"
621.Sh RETURN VALUES
622The command exits with 0 on success, and non-zero on errors.
623.\"
624.Sh SEE ALSO
625.Xr ipsec_set_policy 3 ,
626.Xr racoon 8 ,
627.Xr sysctl 8
628.\"
629.Sh HISTORY
630The
631.Nm
632command first appeared in WIDE Hydrangea IPv6 protocol stack kit.
633The command was completely re-designed in June 1998.
634.\"
635.\" .Sh BUGS
636