HP-UX IPSec version A.02.00 manpages

ipsec_admin(1M) ipsec_admin(1M)
(HP-UX IPSec Software Required)
-start|st
Starts the HP-UX IPSec subsystem, including all user-space daemons. If the configuration file
to be used does not have the correct version, ipsec_admin issues an error message and
exits. You can migrate the configuration file to the correct version using ipsec_migrate.
-stop|sp
Stops the HP-UX IPSec subsystem, including all user-space daemons.
-status|s
Reports the current status of the HP-UX IPSec subsystem. The report displays the current
state of HP-UX IPSec (active or not active). If active, ipsec_admin displays the status of
HP-UX IPSec daemons that are currently running. It also displays the current audit file and
any Level 4 tracing enabled.
-silentstatus|ss
Queries the current status of the HP-UX IPSec subsystem. If HP-UX IPSec is running and
responding, ipsec_admin returns a zero exit code to the shell; otherwise it returns a 1 exit
code to the shell.
-newpasswd|np password
Changes the HP-UX IPSec password. The password must be at least 15 characters. HP-UX
IPSec does not have to be running when you change the password.
-audit|au audit_directory
Specifies the HP-UX IPSec audit directory. HP-UX IPSec stores audit files in the audit
directory. The default directory is /var/adm/ipsec.
This option is also valid with the -start option.
-auditlvl|al alert|error|warning|informative|debug
Changes the audit level for the HP-UX IPSec subsystem. The levels are shown in ascending
order. Higher audit levels include all lower levels. The default audit level is error, which
includes alert messages.
This option is also valid with the -start option.
A definition of each class follows.
alert
These messages include security violations and attacks, password violations, errors
that may prevent correct operation of the product, any error condition that is not
recoverable, authentication problems, significant changes in security parameters,
unknown message types, and changing of the HP-UX IPSec password or audit level.
error
These messages include recoverable error conditions, syntax errors, unsupported
features, bad packets, and unknown message types.
warning
These messages provide notification to the user about non-intrusive security events.
informative
These messages provide detailed event logging for troubleshooting purposes.
debug
These messages provide very detailed event logging for debugging and troubleshooting
purposes. The debug audit level generates many messages in the audit file.
-maxsize|ms max_audit_file_size
Specifies the maximum size, in kilobytes, of an audit file before HP-UX IPSec creates a new
one. The default size is 100 kbytes.
This option is also valid with the -start option.
-traceon|tn tcp | udp | igmp | all
Enables Level 4 tracing for TCP, UDP, or IGMP. If all is selected, all three protocols are
traced. ipsec_admin uses nettl to enable Level 4 tracing. Tracing output is directed to
/var/adm/ipsec/nettl.TRC000 and /var/adm/ipsec/nettl.TRC001 if nettl is
not already enabled for tracing. If it is, the trace file is the file already started by nettl. See
nettl(1M) for more information.
This option is also valid with the -start option.
-traceoff|tf
Disables any Level 4 tracing enabled with the -traceon option.
2 Hewlett-Packard Company 2 HP-UX IPSec A.02.00
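
The following is an added example, not part of the HP-UX manpage: shell helpers a monitoring or wrapper script could build on the -silentstatus exit code, the -auditlvl ordering, and the 15-character minimum for -newpasswd described above. The function and variable names are hypothetical; only the ipsec_admin options, the level names, and the limits come from the manpage.

```sh
#!/bin/sh
# Added example: hypothetical helpers around ipsec_admin.
# Only the options, level names and limits are taken from the manpage.

# Audit levels in the ascending order given by the manpage.
AUDIT_LEVELS="alert error warning informative debug"

# Print the 1-based rank of an audit level; fail for an unknown name.
audit_rank() {
    rank=0
    for lvl in $AUDIT_LEVELS; do
        rank=$((rank + 1))
        if [ "$lvl" = "$1" ]; then
            echo "$rank"
            return 0
        fi
    done
    return 1
}

# Succeed if messages of class $2 are written when -auditlvl is $1
# (a higher level includes all lower levels). Returns 2 on a bad name.
audit_level_records() {
    configured=$(audit_rank "$1") || return 2
    class=$(audit_rank "$2") || return 2
    [ "$class" -le "$configured" ]
}

# Succeed if a candidate password meets the 15-character minimum.
password_long_enough() {
    [ "${#1}" -ge 15 ]
}

# Report subsystem health from the -silentstatus exit code
# (0 = running and responding, 1 otherwise) without parsing output.
ipsec_health() {
    if ipsec_admin -silentstatus >/dev/null 2>&1; then
        echo "up"
    else
        echo "down"
        return 1
    fi
}
```

With the default audit level of error, audit_level_records shows that warning-class events are not written to the audit file, so a site that needs them must raise the level with -auditlvl.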