Provided by: openswan_2.4.4-3ubuntu1_i386
ipsec starter - start up the IPsec keying daemon (pluto) and load
ipsec starter [--debug --auto_reload seconds --parsedebug --verbose
Openswan Starter is aimed to replace all the scripts which are used to
start and stop Openswan, and to do that in a quicker and a smarter way.
It can also reload the configuration file if given a HUP signal, and
apply the changes.
What it will do:
Load and unload KLIPS, or NETKEY (ipsec kernel module)
Launch and monitor pluto.
Add, initiate, route and delete connections
Attach and detach interfaces according to config file
kill -HUP can be used to reload the config file. New connections will
be added, old ones will be removed and modified ones will be reloaded.
Interfaces/Klips/Pluto will be reloaded if necessary.
Upon startup, starter will save its pid to the file
Upon reloading, dynamic DNS addresses will be resolved and updated.
Use --auto_reload to periodicaly check for dynamic DNS changes.
kill -USR1 can be used to reload all connections. This does a delete,
followed by an add and then either a route or initiate operation.
/var/run/pluto/dynip/xxxx can be used to use a virtual interface name
in ipsec.conf. By example, when adsl can be ppp0, ppp1, or some such,
one can do:
ipsec.conf: interfaces="ipsec0=adsl" And use /etc/ppp/ip-up to create
%auto can be used to automaticaly name the connections
kill -TERM can be used to stop Openswan. Pluto will be stopped and
kernel modules unloaded.
ipsec(8), ipsec_tncfg(8), ipsec_pluto(8)
Original by email@example.com for Arkoon Network Security. Updated for
FreeS/WAN version 2 by Michael Richardson <firstname.lastname@example.org>.
Merged into Openswan 2.2 by Xelerance Corporation
handle wildcards in include lines -- use glob() fct ex: include
handle duplicates keywords and sections
Support also keyword
add unsupported keywords
manually keyed connections
29 Nov 2004 IPSEC_STARTER(8)