Provided by: openswan_2.6.38-1_amd64 bug

NAME
       ipsec_tncfg - lists IPSEC virtual interfaces attached to real interfaces


SYNOPSIS
       ipsec tncfg
             cat/proc/net/ipsec_tncfg


OBSOLETE
       Note that tncfg is only supported on the classic KLIPS stack. It is not supported on any
       other stack and will be completely removed in future versions. A replacement command still
       needs to be designed


DESCRIPTION
       /proc/net/ipsec_tncfg is a read-only file which lists which IPSEC virtual interfaces are
       attached to which real interfaces, through which packets will be forwarded once processed
       by IPSEC.

       Each line lists one ipsec I/F. A table entry consists of:

       +
           an ipsec virtual I/F name

       +
           a visual and machine parsable separator ´->´, separating the virtual I/F and the
           physical I/F,

       +
           a physical I/F name, to which the ipsec virtual I/F is attached or NULL if it is not
           attached,

       +
           the keyword mtu=,

       +
           the MTU of the ipsec virtual I/F,

       +
           the automatically adjusted effective MTU for PMTU discovery, in brackets,

       +
           a visual and machine parsable separator ´->´, separating the virtual I/F MTU and the
           physical I/F MTU,

       +
           the MTU of the attached physical I/F.


EXAMPLES
       ipsec2 -> eth3 mtu=16260(1443) -> 1500

       shows that virtual device ipsec2 with an MTU of 16260 is connected to physical device eth3
       with an MTU of 1500 and that the effective MTU as a result of PMTU discovery has been
       automatically set to 1443.

       ipsec0 -> wvlan0 mtu=1400(16260) -> 1500

       shows that virtual device ipsec0 with an MTU of 1400 is connected to physical device
       wvlan0 with an MTU of 1500 and no PMTU packets have gotten far enough to bump down the
       effective MTU from its default of 16260.

       ipsec3 -> NULL mtu=0(0) -> 0

       shows that virtual device ipsec3 is not connected to any physical device.


FILES
       /proc/net/ipsec_tncfg, /usr/local/bin/ipsec


SEE ALSO
       ipsec(8), ipsec_manual(8), ipsec_eroute(5), ipsec_spi(5), ipsec_spigrp(5),
       ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5), ipsec_pf_key(5)


HISTORY
       Written for the Linux FreeS/WAN project <http://www.freeswan.org/> by Richard Guy Briggs.

[FIXME: source]                             10/06/2010                             IPSEC_TNCFG(5)