Context Navigation

racoon.8 @ 8645c9d7

55-freebsd-126-freebsd-12

Last change on this file since 8645c9d7 was ff36f5e, checked in by Christian Mauderer <christian.mauderer@…>, on 05/30/18 at 12:27:35

Import ipsec-tools 0.8.2.

Import unchanged ipsec-tools sources in the release version 0.8.2. The
homepage of ipsec-tools is http://ipsec-tools.sourceforge.net/. The
sources can be obtained from there.

Property mode set to 100644

File size: 4.0 KB

Line
1	.\" $NetBSD: racoon.8,v 1.12 2009/01/24 10:42:31 wiz Exp $
2	.\"
3	.\" Id: racoon.8,v 1.4 2005/04/18 11:07:55 manubsd Exp
4	.\"
5	.\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6	.\" All rights reserved.
7	.\"
8	.\" Redistribution and use in source and binary forms, with or without
9	.\" modification, are permitted provided that the following conditions
10	.\" are met:
11	.\" 1. Redistributions of source code must retain the above copyright
12	.\" notice, this list of conditions and the following disclaimer.
13	.\" 2. Redistributions in binary form must reproduce the above copyright
14	.\" notice, this list of conditions and the following disclaimer in the
15	.\" documentation and/or other materials provided with the distribution.
16	.\" 3. Neither the name of the project nor the names of its contributors
17	.\" may be used to endorse or promote products derived from this software
18	.\" without specific prior written permission.
19	.\"
20	.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21	.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23	.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24	.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25	.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26	.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28	.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30	.\" SUCH DAMAGE.
31	.\"
32	.Dd January 23, 2009
33	.Dt RACOON 8
34	.Os
35	.\"
36	.Sh NAME
37	.Nm racoon
38	.Nd IKE (ISAKMP/Oakley) key management daemon
39	.\"
40	.Sh SYNOPSIS
41	.Nm racoon
42	.Bk -words
43	.Op Fl 46BdFLVv
44	.Ek
45	.Bk -words
46	.Op Fl f Ar configfile
47	.Ek
48	.Bk -words
49	.Op Fl l Ar logfile
50	.Ek
51	.Bk -words
52	.Op Fl P Ar isakmp-natt-port
53	.Ek
54	.Bk -words
55	.Op Fl p Ar isakmp-port
56	.Ek
57	.\"
58	.Sh DESCRIPTION
59	.Nm
60	speaks the IKE
61	.Pq ISAKMP/Oakley
62	key management protocol,
63	to establish security associations with other hosts.
64	The SPD
65	.Pq Security Policy Database
66	in the kernel usually triggers
67	.Nm .
68	.Nm
69	usually sends all informational messages, warnings and error messages to
70	.Xr syslogd 8
71	with the facility
72	.Dv LOG_DAEMON
73	and the priority
74	.Dv LOG_INFO .
75	Debugging messages are sent with the priority
76	.Dv LOG_DEBUG .
77	You should configure
78	.Xr syslog.conf 5
79	appropriately to see these messages.
80	.Bl -tag -width Ds
81	.It Fl 4
82	.It Fl 6
83	Specify the default address family for the sockets.
84	.It Fl B
85	Install SA(s) from the file which is specified in
86	.Xr racoon.conf 5 .
87	.It Fl d
88	Increase the debug level.
89	Multiple
90	.Fl d
91	arguments will increase the debug level even more.
92	.It Fl F
93	Run
94	.Nm
95	in the foreground.
96	.It Fl f Ar configfile
97	Use
98	.Ar configfile
99	as the configuration file instead of the default.
100	.It Fl L
101	Include
102	.Ar file_name:line_number:function_name
103	in all messages.
104	.It Fl l Ar logfile
105	Use
106	.Ar logfile
107	as the logging file instead of
108	.Xr syslogd 8 .
109	.It Fl P Ar isakmp-natt-port
110	Use
111	.Ar isakmp-natt-port
112	for NAT-Traversal port-floating.
113	The default is 4500.
114	.It Fl p Ar isakmp-port
115	Listen to the ISAKMP key exchange on port
116	.Ar isakmp-port
117	instead of the default port number, 500.
118	.It Fl V
119	Print racoon version and compilation options and exit.
120	.It Fl v
121	This flag causes the packet dump be more verbose, with higher
122	debugging level.
123	.El
124	.Pp
125	.Nm
126	assumes the presence of the kernel random number device
127	.Xr rnd 4
128	at
129	.Pa /dev/urandom .
130	.\"
131	.Sh RETURN VALUES
132	The command exits with 0 on success, and non-zero on errors.
133	.\"
134	.Sh FILES
135	.Bl -tag -width /etc/racoon.conf -compact
136	.It Pa /etc/racoon.conf
137	default configuration file.
138	.El
139	.\"
140	.Sh SEE ALSO
141	.Xr ipsec 4 ,
142	.Xr racoon.conf 5 ,
143	.Xr syslog.conf 5 ,
144	.Xr setkey 8 ,
145	.Xr syslogd 8
146	.\"
147	.Sh HISTORY
148	The
149	.Nm
150	command first appeared in the
151	.Dq YIPS
152	Yokogawa IPsec implementation.
153	.\"
154	.Sh SECURITY CONSIDERATIONS
155	The use of IKE phase 1 aggressive mode is not recommended,
156	as described in
157	.Pa http://www.kb.cert.org/vuls/id/886601 .

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format