racoon.8, revision 1.1 (misho)

.\"	$NetBSD: racoon.8,v 1.12 2009/01/24 10:42:31 wiz Exp $
.\"
.\"	Id: racoon.8,v 1.4 2005/04/18 11:07:55 manubsd Exp
.\"
.\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the project nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd January 23, 2009
.Dt RACOON 8
.Os
.\"
.Sh NAME
.Nm racoon
.Nd IKE (ISAKMP/Oakley) key management daemon
.\"
.Sh SYNOPSIS
.Nm racoon
.Bk -words
.Op Fl 46BdFLVv
.Ek
.Bk -words
.Op Fl f Ar configfile
.Ek
.Bk -words
.Op Fl l Ar logfile
.Ek
.Bk -words
.Op Fl P Ar isakmp-natt-port
.Ek
.Bk -words
.Op Fl p Ar isakmp-port
.Ek
.\"
.Sh DESCRIPTION
.Nm
speaks the IKE
.Pq ISAKMP/Oakley
key management protocol,
to establish security associations with other hosts.
The SPD
.Pq Security Policy Database
in the kernel usually triggers
.Nm .
.Nm
usually sends all informational messages, warnings and error messages to
.Xr syslogd 8
with the facility
.Dv LOG_DAEMON
and the priority
.Dv LOG_INFO .
Debugging messages are sent with the priority
.Dv LOG_DEBUG .
You should configure
.Xr syslog.conf 5
appropriately to see these messages.
.Bl -tag -width Ds
.It Fl 4
.It Fl 6
Specify the default address family for the sockets.
.It Fl B
Install SA(s) from the file which is specified in
.Xr racoon.conf 5 .
.It Fl d
Increase the debug level.
Multiple
.Fl d
arguments will increase the debug level even more.
.It Fl F
Run
.Nm
in the foreground.
.It Fl f Ar configfile
Use
.Ar configfile
as the configuration file instead of the default.
.It Fl L
Include
.Ar file_name:line_number:function_name
in all messages.
.It Fl l Ar logfile
Use
.Ar logfile
as the logging file instead of
.Xr syslogd 8 .
.It Fl P Ar isakmp-natt-port
Use
.Ar isakmp-natt-port
for NAT-Traversal port-floating.
The default is 4500.
.It Fl p Ar isakmp-port
Listen to the ISAKMP key exchange on port
.Ar isakmp-port
instead of the default port number, 500.
.It Fl V
Print racoon version and compilation options and exit.
.It Fl v
This flag causes the packet dump to be more verbose, with higher
debugging level.
.El
.Pp
.Nm
assumes the presence of the kernel random number device
.Xr rnd 4
at
.Pa /dev/urandom .
.\"
.Sh RETURN VALUES
The command exits with 0 on success, and non-zero on errors.
.\"
.Sh FILES
.Bl -tag -width /etc/racoon.conf -compact
.It Pa /etc/racoon.conf
default configuration file.
.El
.\"
.Sh SEE ALSO
.Xr ipsec 4 ,
.Xr racoon.conf 5 ,
.Xr syslog.conf 5 ,
.Xr setkey 8 ,
.Xr syslogd 8
.\"
.Sh HISTORY
The
.Nm
command first appeared in the
.Dq YIPS
Yokogawa IPsec implementation.
.\"
.Sh SECURITY CONSIDERATIONS
The use of IKE phase 1 aggressive mode is not recommended,
as described in
.Pa http://www.kb.cert.org/vuls/id/886601 .
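The SECURITY CONSIDERATIONS note above can be checked against a configuration file before racoon is started. The following is an added example, not part of the ipsec-tools sources: it assumes the `remote` sections and the `exchange_mode` statement of racoon.conf(5), which this page references but does not show, and it runs on a constructed sample configuration.

```python
import re

# Constructed sample in racoon.conf(5) syntax (an assumption, not from this page);
# the addresses are documentation ranges.
SAMPLE_CONF = """\
remote 192.0.2.10 {
    exchange_mode main;
    proposal {
        encryption_algorithm aes;
        hash_algorithm sha256;
        authentication_method pre_shared_key;
        dh_group modp2048;
    }
}
remote anonymous {
    exchange_mode aggressive,main;
}
remote 198.51.100.7 {
    # exchange_mode aggressive;   (commented out, must not be reported)
    exchange_mode main, base;
}
"""

def strip_comments(text):
    # Treat '#' to end of line as a comment (simplification: ignores '#' in quotes).
    return re.sub(r"#[^\n]*", "", text)

def remote_blocks(text):
    """Yield (name, body) for each 'remote ... { ... }' section, tracking nested braces."""
    for m in re.finditer(r"\bremote\s+([^{};]+?)\s*\{", text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m.group(1).strip(), text[m.end():i - 1]

def aggressive_remotes(conf_text):
    """Return [(remote_name, modes)] for sections whose exchange_mode lists aggressive."""
    findings = []
    for name, body in remote_blocks(strip_comments(conf_text)):
        for stmt in re.finditer(r"\bexchange_mode\s+([^;]+);", body):
            modes = [mode.strip() for mode in stmt.group(1).split(",")]
            if "aggressive" in modes:
                findings.append((name, modes))
    return findings

if __name__ == "__main__":
    for name, modes in aggressive_remotes(SAMPLE_CONF):
        print(f"remote {name}: aggressive mode enabled ({', '.join(modes)})")
```

To audit a real deployment, pass the contents of the file given with -f, or of the default /etc/racoon.conf, to `aggressive_remotes()`.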