Provided by: openswan_2.4.4-3ubuntu1_i386 bug


       ipsec verify - see if FreeSWAN has been installed correctly


       ipsec verify [ --host  name ]


       Invoked without argument, verify examines the local system for a number
       of common system faults: IPsec not in path, no secrets file  generated,
       pluto  not  running,  and IPsec support not present in kernel (or IPsec
       module not loaded).  If two or more interfaces are found,  it  performs
       checks  relevant on an IPsec gateway: whether IP forwarding is allowed,
       and if so, whether MASQ or NAT rules are in play.

       In  addition,  verify  performs  checks   relevant   to   Opportunistic
       Encryption.   It looks in forward DNS for a TXT record for the system’s
       hostname, and in reverse DNS for a  TXT  record  for  the  system’s  IP
       addresses.  It checks whether the system has a public IP.

       The  --host  option  causes verify to look for a TXT record for name in
       forward and reverse DNS.




       Written for the Linux FreeS/WAN  project  <>  by
       Michael Richardson.


       Verify does not check for ipchains masquerading.

       Verify  does  not look for TXT records for Opportunistic clients behind
       the system.

                                  8 June 2002                  IPSEC_VERIFY(8)