1IPSEC_PF_KEY(5) Executable programs IPSEC_PF_KEY(5)
2
3
4
6 ipsec_pf_key - lists PF_KEY sockets registered with KLIPS
7
9 cat /proc/net/pf_key
10
12 Note that pf_key is only supported on the KLIPS and MAST stacks. It is
13 not supported on any other stack.
14
16 /proc/net/pf_key is a read-only file that lists the presently open
17 PF_KEY sockets on the local system and their parameters.
18
19 Each line lists one PF_KEY socket. A table entry consists of:
20
21 +
22 sock pointer (sock)
23
24 +
25 PID of the socket owner (pid)
26
27 +
28 flag to indicate if the socket is dead (d)
29
30 +
31 socket wait queue (sleep)
32
33 +
34 socket pointer (socket)
35
36 +
37 next socket in chain (next)
38
39 +
40 previous socket in chain (prev)
41
42 +
43 last socket error (e)
44
45 +
46 pointer to destruct routine (destruct)
47
48 +
49 is this a reused socket (r)
50
51 +
52 has this socket been zapped (z)
53
54 +
55 socket family to which this socket belongs (fa)
56
57 +
58 local port number (n)
59
60 +
61 protocol version number (p)
62
63 +
64 Receive queue bytes committed (r)
65
66 +
67 Transmit queue bytes committed (w)
68
69 +
70 option memory allocations (o)
71
72 +
73 size of send buffer in bytes (sndbf)
74
75 +
76 timestamp in seconds (stamp)
77
78 +
79 socket flags (Flags)
80
81 +
82 socket type (Type)
83
84 +
85 connection state (St)
86
88 c3b8c140 3553 0 c0599818 c05997fc 0 0 0 0 1 0 15 0 2 0 0 0 65535
89 0.103232 00000000 00000003 01
90
91 shows that there is one pf_key socket set up that starts at c3b8c140,
92 whose owning process has PID 3553, the socket is not dead, its wait
93 queue is at c0599818, whose owning socket is at c05997fc, with no other
94 sockets in the chain, no errors, no destructor, it is a reused socket
95 that has not been zapped, from protocol family 15 (PF_KEY), local port
96 number 0, protocol socket version 2, no memory allocated to transmit,
97 receive or option queues, a send buffer of almost 64kB, a timestamp of
98 0.103232, no flags set, type 3, in state 1.
99
101 /proc/net/pf_key
102
104 ipsec(8), ipsec_eroute(5), ipsec_spi(5), ipsec_spigrp(5),
105 ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5)
106
108 Written for the Linux FreeS/WAN project <http://www.freeswan.org/> by
109 Richard Guy Briggs.
110
112 Paul Wouters
113 placeholder to suppress warning
114
115
116
117libreswan 02/01/2019 IPSEC_PF_KEY(5)