Provided by: openswan_2.6.22+dfsg-1.1ubuntu1_i386 bug

NAME

       ipsec_klipsdebug - list KLIPS (kernel IPSEC support) debug features and
       level

SYNOPSIS

       ipsec klipsdebug
             cat/proc/net/ipsec_klipsdebug

DESCRIPTION

       /proc/net/ipsec_klipsdebug lists flags that control various parts of
       the debugging output of KLIPS and MAST, two of the IPsec stacks
       supported by Openswan. At this point it is a read-only file.

       A table entry consists of:

       +
           a KLIPS debug variable

       +
           a ´=´ separator for visual and automated parsing between the
           variable name and its current value

       +
           hexadecimal bitmap of variable´s flags.

       The variable names roughly describe the scope of the debugging
       variable. Currently, no flags are documented or individually accessible
       yet except tunnel-xmit.

       The variable names are:

       tunnel
           tunnelling code

       netlink
           userspace communication code (obsolete)

       xform
           transform selection and manipulation code

       eroute
           eroute table manipulation code

       spi
           SA table manipulation code

       radij
           radij tree manipulation code

       esp
           encryptions transforms code

       ah
           authentication transforms code

       rcv
           receive code

       ipcomp
           ip compression transforms code

       verbose
           give even more information, beware this will probably trample the
           4k kernel printk buffer giving inaccurate output

       All KLIPS debug output appears as kernel.info messages to syslogd(8).
       Most systems are set up to log these messages to /var/log/messages.

EXAMPLES

       debug_tunnel=00000010.

       debug_netlink=00000000.

       debug_xform=00000000.

       debug_eroute=00000000.

       debug_spi=00000000.

       debug_radij=00000000.

       debug_esp=00000000.

       debug_ah=00000000.

       debug_rcv=00000000.

       debug_pfkey=ffffffff.

       means that one tunnel flag has been set (tunnel-xmit), full pfkey
       sockets debugging has been set and everything else is not set.

FILES

       /proc/net/ipsec_klipsdebug, /usr/bin/ipsec

SEE ALSO

       ipsec(8), ipsec_manual(8), ipsec_tncfg(8), ipsec_eroute(8),
       ipsec_spi(8), ipsec_spigrp(8), ipsec_klipsdebug(5), ipsec_version(5),
       ipsec_pf_key(5)

HISTORY

       Written for the Linux FreeS/WAN project <http://www.freeswan.org/> by
       Richard Guy Briggs.