HP-UX IPSec version A.02.00 manpages

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software

ipsec_report(1M) ipsec_report(1M)

(IPSec Software Required)

Network Protocol: TCP Direction: inbound

Action: Dynamic key SA FLAGS: EXCLUSIVE

Proposal 1: Transform: ESP-AES128-HMAC-SHA1

Lifetime Seconds: 28800

Lifetime Kbytes: 0

-------------------

Active Host Policy Rule ---------------------

Rule Name: default ID: 1 Cookie: 1

Action: Pass

REPORT: ipsec_report -host conﬁgured

The

-host configured

option displays information about the host IPSec Policies that were conﬁgured

by the IPSec administrator and loaded by the IPSec Policy daemon. For each host IPSec Policy the Policy

daemon creates one or more pairs of active rules: one inbound rule and one outbound rule.

The

ipsec_report -host configured

command produces the following report:

-----------------

Configured Host Policy Rule -------------------

Rule Name: telnet_in ID: 3 Priority: 10

Src IP Addr: 192.1.1.1 Prefix: 32 Port number: 23

Dst IP Addr: 192.1.1.0 Prefix: 24 Port number: 0

Network Protocol: TCP Action: Dynamic key SA

FLAGS: EXCLUSIVE

Number of SA(s) Needed: 1 Pair(s)

Proposal 1: Transform: ESP-AES128-HMAC-SHA1

Lifetime Seconds: 28800

Lifetime Kbytes: 0

----------------- Configured Host Policy Rule -------------------

Rule Name: default ID: 1 Action: Pass

REPORT: ipsec_report -bypass

The

-bypass option displays the local IP addresses conﬁgured in the bypass list.

--------------------- Configured Bypass IP List ---------------------

IP Address: 192.2.2.1

REPORT: ipsec_report -ip

The

-ip option displays the active IP interfaces in the system (the interfaces conﬁgured with non-zero IP

addresses in the system, up or down).

Fields are deﬁned as follows:

Interface Name

The interface name, including the index. An asterisk (*) after the interface name indicates

that the interface is conﬁgured but has been marked down (for example, because the

ifconfig interface_name

down command was issued).

Address

The IP Address of the interface.

IPSec

The value indicates if HP-UX IPSec is in use for this interface.

On means that HP-UX IPSec is

applied to this interface.

Off means that HP-UX IPSec bypasses, or ignores this interface.

The

ipsec_report -ip

produces the following report:

--------------------------- System Configured Interface --------------

Interface Name: lan0 Address: 192.1.1.1

IPSec: On

--------------------------- System Configured Interface -------------

Interface Name: lan1 Address: 192.2.2.1

IPSec: Off

--------------------------- System Configured Interface ------------

Interface Name: lan0:1* Address: 192.1.3.3

HP-UX IPSec A.02.00 − 5 − Hewlett-Packard Company 45