Content-type: text/html Manpage of IPSEC_BARF

IPSEC_BARF

Section: Maintenance Commands (8)
Updated: 31 May 2001
Index Return to Main Contents
 

NAME

ipsec barf - spew out collected IPsec debugging information
ipsec look - show minimal debugging information  

SYNOPSIS

ipsec barf [ --short ]

ipsec look  

DESCRIPTION

Barf outputs (on standard output) a collection of debugging information (contents of files, selections from logs, etc.) related to the IPsec encryption/authentication system. It is primarily a convenience for remote debugging, a single command which packages up (and labels) all information that might be relevant to diagnosing a problem in IPsec.

Look outputs a minimal subset of this, intended as a quick look at current connections and related information, in a somewhat less self-explanatory format optimized for terseness.

The --short option limits the length of the log portion of barf's output, which can otherwise be extremely voluminous if debug logging is turned on.

Barf censors its output, replacing keys and secrets with brief checksums to avoid revealing sensitive information. Look output does not contain such information.

Beware that the output of both commands is aimed at humans, not programs, and the output format is subject to change without warning.  

FILES

/proc/net/*
/var/log/*
/etc/ipsec.conf
/etc/ipsec.secrets
 

HISTORY

Written for the Linux FreeS/WAN project <http://www.freeswan.org> by Henry Spencer.  

BUGS

Barf uses heuristics to try to pick relevant material out of the logs, and relevant messages which are not labelled with any of the tags that barf looks for will be lost. We think we've eliminated the last such case, but one never knows...

Finding updown scripts (so they can be included in output) is, in general, difficult. Barf uses a very simple heuristic that is easily fooled.


 

Index

NAME
SYNOPSIS
DESCRIPTION
FILES
HISTORY
BUGS

This document was created by man2html, using the manual pages.
Time: 05:09:31 GMT, June 19, 2001