| ipsec.4 (171696) | ipsec.4 (171732) |
|---|---|
| 1.\" $KAME: ipsec.4,v 1.17 2001/06/27 15:25:10 itojun Exp $ 2.\" 3.\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: --- 13 unchanged lines hidden (view full) --- 22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28.\" SUCH DAMAGE. 29.\" | 1.\" $KAME: ipsec.4,v 1.17 2001/06/27 15:25:10 itojun Exp $ 2.\" 3.\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: --- 13 unchanged lines hidden (view full) --- 22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28.\" SUCH DAMAGE. 29.\" |
| 30.\" $FreeBSD: head/share/man/man4/ipsec.4 171696 2007-08-02 08:04:48Z bz $ | 30.\" $FreeBSD: head/share/man/man4/ipsec.4 171732 2007-08-05 16:16:15Z bz $ |
| 31.\" | 31.\" |
| 32.Dd August 1, 2007 | 32.Dd August 5, 2007 |
| 33.Dt IPSEC 4 34.Os 35.Sh NAME 36.Nm IPsec 37.Nd Internet Protocol Security protocol 38.Sh SYNOPSIS 39.Cd "options IPSEC" | 33.Dt IPSEC 4 34.Os 35.Sh NAME 36.Nm IPsec 37.Nd Internet Protocol Security protocol 38.Sh SYNOPSIS 39.Cd "options IPSEC" |
| 40.Cd "options IPSEC_FILTERGIF" | 40.Cd "options IPSEC_FILTERTUNNEL" |
| 41.Cd "device crypto" 42.Pp 43.In sys/types.h 44.In netinet/in.h 45.In netipsec/ipsec.h 46.In netipsec/ipsec6.h 47.Sh DESCRIPTION 48.Nm --- 35 unchanged lines hidden (view full) --- 84.Xr enc 4 85interface, 86to perform packet filtering before outbound encryption and after decapsulation 87inbound. 88.Pp 89To properly filter on the inner packets of an 90.Nm 91tunnel with firewalls, add | 41.Cd "device crypto" 42.Pp 43.In sys/types.h 44.In netinet/in.h 45.In netipsec/ipsec.h 46.In netipsec/ipsec6.h 47.Sh DESCRIPTION 48.Nm --- 35 unchanged lines hidden (view full) --- 84.Xr enc 4 85interface, 86to perform packet filtering before outbound encryption and after decapsulation 87inbound. 88.Pp 89To properly filter on the inner packets of an 90.Nm 91tunnel with firewalls, add |
| 92.Cd "options IPSEC_FILTERGIF" | 92.Cd "options IPSEC_FILTERTUNNEL" |
| 93to the kernel configuration file. 94.\" 95.Ss Kernel interface 96.Nm 97is controlled by a key management and policy engine, 98that reside in the operating system kernel. 99Key management 100is the process of associating keys with security associations, also --- 311 unchanged lines hidden --- | 93to the kernel configuration file. 94.\" 95.Ss Kernel interface 96.Nm 97is controlled by a key management and policy engine, 98that reside in the operating system kernel. 99Key management 100is the process of associating keys with security associations, also --- 311 unchanged lines hidden --- |