1IPSEC_PF_KEY(5) IPSEC_PF_KEY(5)
2
3
4
6 ipsec_pf_key - lists PF_KEY sockets registered with KLIPS
7
9 cat /proc/net/pf_key
10
11
13 Note that pf_key is only supported on the KLIPS and MAST stacks. It is
14 not supported on any other stack.
15
16
18 /proc/net/pf_key is a read-only file which lists the presently open
19 PF_KEY sockets on the local system and their parameters.
20
21
22 Each line lists one PF_KEY socket. A table entry consists of:
23
24
25 + sock pointer (sock)
26
27
28 + PID of the socket owner (pid)
29
30
31 + flag to indicate if the socket is dead (d)
32
33
34 + socket wait queue (sleep)
35
36
37 + socket pointer (socket)
38
39
40 + next socket in chain (next)
41
42
43 + previous socket in chain (prev)
44
45
46 + last socket error (e)
47
48
49 + pointer to destruct routine (destruct)
50
51
52 + is this a reused socket (r)
53
54
55 + has this socket been zapped (z)
56
57
58 + socket family to which this socket belongs (fa)
59
60
61 + local port number (n)
62
63
64 + protocol version number (p)
65
66
67 + Receive queue bytes committed (r)
68
69
70 + Transmit queue bytes committed (w)
71
72
73 + option memory allocations (o)
74
75
76 + size of send buffer in bytes (sndbf)
77
78
79 + timestamp in seconds (stamp)
80
81
82 + socket flags (Flags)
83
84
85 + socket type (Type)
86
87
88 + connection state (St)
89
90
92 c3b8c140 3553 0 c0599818 c05997fc 0 0 0 0 1 0 15 0 2 0 0 0 65535
93 0.103232 00000000 00000003 01
94
95
96
97 shows that there is one pf_key socket set up that starts at c3b8c140,
98 whose owning process has PID 3553, the socket is not dead, its wait
99 queue is at c0599818, whose owning socket is at c05997fc, with no other
100 sockets in the chain, no errors, no destructor, it is a reused socket
101 which has not been zapped, from protocol family 15 (PF_KEY), local port
102 number 0, protocol socket version 2, no memory allocated to transmit,
103 receive or option queues, a send buffer of almost 64kB, a timestamp of
104 0.103232, no flags set, type 3, in state 1.
105
106
108 /proc/net/pf_key
109
110
112 ipsec(8), ipsec_manual(8), ipsec_eroute(5), ipsec_spi(5), ipsec_spi‐
113 grp(5), ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5)
114
115
117 Written for the Linux FreeS/WAN project <http://www.freeswan.org/:
118 http://www.freeswan.org/> by Richard Guy Briggs.
119
120
121
122
123 IPSEC_PF_KEY(5)