1IPSEC_VERIFY(8) [FIXME: manual] IPSEC_VERIFY(8)
2
6 ipsec_verify - see if FreeSWAN has been installed correctly
7
9 ipsec verify [--host name]
10
12 Invoked without argument, verify examines the local system for a number
13 of common system faults: IPsec not in path, no secrets file generated,
14 pluto not running, and IPsec support not present in kernel (or IPsec
15 module not loaded). If two or more interfaces are found, it performs
16 checks relevant on an IPsec gateway: whether IP forwarding is allowed,
17 and if so, whether MASQ or NAT rules are in play.
18 In addition, verify performs checks relevant to Opportunistic
20 Encryption. It looks in forward DNS for a TXT record for the system´s
21 hostname, and in reverse DNS for a TXT record for the system´s IP
22 addresses. It checks whether the system has a public IP.
23 The --host option causes verify to look for a TXT record for name in
25 forward and reverse DNS.
26
28 /proc/net/ipsec_eroute
29 /etc/ipsec.secrets
30
32 Written for the Linux FreeS/WAN project <http://www.freeswan.org> by
33 Michael Richardson.
34
36 Verify does not check for ipchains masquerading.
37 Verify does not look for TXT records for Opportunistic clients behind
39 the system.
40[FIXME: source] 10/06/2010 IPSEC_VERIFY(8)