Annotation of embedaddon/ipsec-tools/src/racoon/racoon.8, revision 1.1.1.1
1.1 misho 1: .\" $NetBSD: racoon.8,v 1.12 2009/01/24 10:42:31 wiz Exp $
2: .\"
3: .\" Id: racoon.8,v 1.4 2005/04/18 11:07:55 manubsd Exp
4: .\"
5: .\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6: .\" All rights reserved.
7: .\"
8: .\" Redistribution and use in source and binary forms, with or without
9: .\" modification, are permitted provided that the following conditions
10: .\" are met:
11: .\" 1. Redistributions of source code must retain the above copyright
12: .\" notice, this list of conditions and the following disclaimer.
13: .\" 2. Redistributions in binary form must reproduce the above copyright
14: .\" notice, this list of conditions and the following disclaimer in the
15: .\" documentation and/or other materials provided with the distribution.
16: .\" 3. Neither the name of the project nor the names of its contributors
17: .\" may be used to endorse or promote products derived from this software
18: .\" without specific prior written permission.
19: .\"
20: .\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21: .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22: .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23: .\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24: .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25: .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26: .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27: .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28: .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29: .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30: .\" SUCH DAMAGE.
31: .\"
32: .Dd January 23, 2009
33: .Dt RACOON 8
34: .Os
35: .\"
36: .Sh NAME
37: .Nm racoon
38: .Nd IKE (ISAKMP/Oakley) key management daemon
39: .\"
40: .Sh SYNOPSIS
41: .Nm racoon
42: .Bk -words
43: .Op Fl 46BdFLVv
44: .Ek
45: .Bk -words
46: .Op Fl f Ar configfile
47: .Ek
48: .Bk -words
49: .Op Fl l Ar logfile
50: .Ek
51: .Bk -words
52: .Op Fl P Ar isakmp-natt-port
53: .Ek
54: .Bk -words
55: .Op Fl p Ar isakmp-port
56: .Ek
57: .\"
58: .Sh DESCRIPTION
59: .Nm
60: speaks the IKE
61: .Pq ISAKMP/Oakley
62: key management protocol,
63: to establish security associations with other hosts.
64: The SPD
65: .Pq Security Policy Database
66: in the kernel usually triggers
67: .Nm .
68: .Nm
69: usually sends all informational messages, warnings and error messages to
70: .Xr syslogd 8
71: with the facility
72: .Dv LOG_DAEMON
73: and the priority
74: .Dv LOG_INFO .
75: Debugging messages are sent with the priority
76: .Dv LOG_DEBUG .
77: You should configure
78: .Xr syslog.conf 5
79: appropriately to see these messages.
80: .Bl -tag -width Ds
81: .It Fl 4
82: .It Fl 6
83: Specify the default address family for the sockets.
84: .It Fl B
85: Install SA(s) from the file which is specified in
86: .Xr racoon.conf 5 .
87: .It Fl d
88: Increase the debug level.
89: Multiple
90: .Fl d
91: arguments will increase the debug level even more.
92: .It Fl F
93: Run
94: .Nm
95: in the foreground.
96: .It Fl f Ar configfile
97: Use
98: .Ar configfile
99: as the configuration file instead of the default.
100: .It Fl L
101: Include
102: .Ar file_name:line_number:function_name
103: in all messages.
104: .It Fl l Ar logfile
105: Use
106: .Ar logfile
107: as the logging file instead of
108: .Xr syslogd 8 .
109: .It Fl P Ar isakmp-natt-port
110: Use
111: .Ar isakmp-natt-port
112: for NAT-Traversal port-floating.
113: The default is 4500.
114: .It Fl p Ar isakmp-port
115: Listen to the ISAKMP key exchange on port
116: .Ar isakmp-port
117: instead of the default port number, 500.
118: .It Fl V
119: Print racoon version and compilation options and exit.
120: .It Fl v
121: This flag causes the packet dump to be more verbose, with a higher
122: debugging level.
123: .El
124: .Pp
125: .Nm
126: assumes the presence of the kernel random number device
127: .Xr rnd 4
128: at
129: .Pa /dev/urandom .
130: .\"
131: .Sh RETURN VALUES
132: The command exits with 0 on success, and non-zero on errors.
133: .\"
134: .Sh FILES
135: .Bl -tag -width /etc/racoon.conf -compact
136: .It Pa /etc/racoon.conf
137: default configuration file.
138: .El
139: .\"
140: .Sh SEE ALSO
141: .Xr ipsec 4 ,
142: .Xr racoon.conf 5 ,
143: .Xr syslog.conf 5 ,
144: .Xr setkey 8 ,
145: .Xr syslogd 8
146: .\"
147: .Sh HISTORY
148: The
149: .Nm
150: command first appeared in the
151: .Dq YIPS
152: Yokogawa IPsec implementation.
153: .\"
154: .Sh SECURITY CONSIDERATIONS
155: The use of IKE phase 1 aggressive mode is not recommended,
156: as described in
157: .Pa http://www.kb.cert.org/vuls/id/886601 .
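An added example, not part of the racoon man page or the ipsec-tools code: a POSIX shell check that flags IKE phase 1 aggressive mode in a racoon configuration file, following the recommendation above. It assumes the `exchange_mode` directive of racoon.conf(5) with its comma-separated mode list; the function name `audit_aggressive` is hypothetical.

```shell
#!/bin/sh
# Added example (not from ipsec-tools): audit a racoon configuration file
# for IKE phase 1 aggressive mode.
# Assumption: modes are set by "exchange_mode a,b,...;" as in racoon.conf(5).
# audit_aggressive is a hypothetical helper name.
#
# Prints "line-number: text" for every exchange_mode statement that lists
# aggressive. Returns 1 if any was found, 0 if none, 2 if the file is
# unreadable.
audit_aggressive() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    awk '
        # Work on a copy of the line with "#" comments removed.
        { line = $0; sub(/#.*/, "", line) }
        line ~ /(^|[ \t{;])exchange_mode[ \t]/ {
            stmt = line
            sub(/.*exchange_mode[ \t]+/, "", stmt)   # keep the mode list
            sub(/;.*/, "", stmt)                     # cut at the terminator
            n = split(stmt, modes, /[ \t]*,[ \t]*/)
            for (i = 1; i <= n; i++) {
                gsub(/^[ \t]+|[ \t]+$/, "", modes[i])
                if (modes[i] == "aggressive") {
                    print NR ": " $0
                    found = 1
                    break
                }
            }
        }
        END { exit (found ? 1 : 0) }
    ' "$conf"
}

# Run as a script: audit the file named on the command line,
# for example the default /etc/racoon.conf.
if [ "$#" -gt 0 ]; then
    audit_aggressive "$1"
fi
```

A match on a responder matters even when aggressive is not the first mode listed, because every listed mode is acceptable when racoon answers a peer.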