Content-type: text/html

<HTML><HEAD><TITLE>Manpage of IPSEC_BARF</TITLE>
</HEAD><BODY>
<H1>IPSEC_BARF</H1>
Section: Maintenance Commands (8)<BR>Updated: 31 May 2001<BR><A HREF="#index">Index</A>
<A HREF="http://localhost/cgi-bin/man/man2html">Return to Main Contents</A><HR>


<A NAME="lbAB">&nbsp;</A>
<H2>NAME</H2>

ipsec barf - spew out collected IPsec debugging information
<BR>

ipsec look - show minimal debugging information
<A NAME="lbAC">&nbsp;</A>
<H2>SYNOPSIS</H2>

<B>ipsec</B>

<B>barf</B>

[
<B>--short</B>

]
<P>
<B>ipsec</B>

<B>look</B>

<A NAME="lbAD">&nbsp;</A>
<H2>DESCRIPTION</H2>

<I>Barf</I>

outputs (on standard output) a collection of debugging information
(contents of files, selections from logs, etc.)
related to the IPsec encryption/authentication system.
It is primarily a convenience for remote debugging,
a single command which packages up (and labels) all information
that might be relevant to diagnosing a problem in IPsec.
<P>

<I>Look</I>

outputs a minimal subset of this,
intended as a quick look at current connections and related information,
in a somewhat less self-explanatory format optimized for terseness.
<P>

The
<B>--short</B>

option limits the length of
the log portion of
<I>barf</I>'s

output, which can otherwise be extremely voluminous
if debug logging is turned on.
<P>

<I>Barf</I>

censors its output,
replacing keys
and secrets with brief checksums to avoid revealing sensitive information.
<I>Look</I>

output does not contain such information.
<P>

Beware that the output of both commands is aimed at humans,
not programs,
and the output format is subject to change without warning.
<A NAME="lbAE">&nbsp;</A>
<H2>FILES</H2>

<PRE>
/proc/net/*
/var/log/*
/etc/ipsec.conf
/etc/ipsec.secrets
</PRE>

<A NAME="lbAF">&nbsp;</A>
<H2>HISTORY</H2>

Written for the Linux FreeS/WAN project
&lt;<A HREF="http://www.freeswan.org">http://www.freeswan.org</A>&gt;
by Henry Spencer.
<A NAME="lbAG">&nbsp;</A>
<H2>BUGS</H2>

<I>Barf</I>

uses heuristics to try to pick relevant material out of the logs,
and relevant messages
which are not labelled with any of the tags that
<I>barf</I>

looks for will be lost.
We think we've eliminated the last such case, but one never knows...
<P>

Finding
<I>updown</I>

scripts (so they can be included in output) is, in general, difficult.
<I>Barf</I>

uses a very simple heuristic that is easily fooled.
<P>

<HR>
<A NAME="index">&nbsp;</A><H2>Index</H2>
<DL>
<DT><A HREF="#lbAB">NAME</A><DD>
<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
<DT><A HREF="#lbAE">FILES</A><DD>
<DT><A HREF="#lbAF">HISTORY</A><DD>
<DT><A HREF="#lbAG">BUGS</A><DD>
</DL>
<HR>
This document was created by
<A HREF="http://localhost/cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
Time: 05:09:31 GMT, June 19, 2001
</BODY>
</HTML>