1IPSEC_PF_KEY(5)                                                IPSEC_PF_KEY(5)
2
3
4

NAME

6       ipsec_pf_key - lists PF_KEY sockets registered with KLIPS
7

SYNOPSIS

9       cat /proc/net/pf_key
10
11

STACK

13       Note  that pf_key is only supported on the KLIPS and MAST stacks. It is
14       not supported on any other stack.
15
16

DESCRIPTION

18       /proc/net/pf_key is a read-only file which  lists  the  presently  open
19       PF_KEY sockets on the local system and their parameters.
20
21
22       Each line lists one PF_KEY socket. A table entry consists of:
23
24
25       +      sock pointer (sock)
26
27
28       +      PID of the socket owner (pid)
29
30
31       +      flag to indicate if the socket is dead (d)
32
33
34       +      socket wait queue (sleep)
35
36
37       +      socket pointer (socket)
38
39
40       +      next socket in chain (next)
41
42
43       +      previous socket in chain (prev)
44
45
46       +      last socket error (e)
47
48
49       +      pointer to destruct routine (destruct)
50
51
52       +      is this a reused socket (r)
53
54
55       +      has this socket been zapped (z)
56
57
58       +      socket family to which this socket belongs (fa)
59
60
61       +      local port number (n)
62
63
64       +      protocol version number (p)
65
66
67       +      Receive queue bytes committed (r)
68
69
70       +      Transmit queue bytes committed (w)
71
72
73       +      option memory allocations (o)
74
75
76       +      size of send buffer in bytes (sndbf)
77
78
79       +      timestamp in seconds (stamp)
80
81
82       +      socket flags (Flags)
83
84
85       +      socket type (Type)
86
87
88       +      connection state (St)
89
90

EXAMPLES

92       c3b8c140  3553  0  c0599818  c05997fc  0  0  0 0 1 0 15 0 2 0 0 0 65535
93       0.103232 00000000 00000003 01
94
95
96
97       shows that there is one pf_key socket set up that starts  at  c3b8c140,
98       whose  owning  process  has  PID 3553, the socket is not dead, its wait
99       queue is at c0599818, whose owning socket is at c05997fc, with no other
100       sockets  in  the chain, no errors, no destructor, it is a reused socket
101       which has not been zapped, from protocol family 15 (PF_KEY), local port
102       number  0,  protocol socket version 2, no memory allocated to transmit,
103       receive or option queues, a send buffer of almost 64kB, a timestamp  of
104       0.103232, no flags set, type 3, in state 1.
105
106

FILES

108       /proc/net/pf_key
109
110

SEE ALSO

112       ipsec(8),  ipsec_manual(8),  ipsec_eroute(5),  ipsec_spi(5), ipsec_spi‐
113       grp(5), ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5)
114
115

HISTORY

117       Written for  the  Linux  FreeS/WAN  project  <http://www.freeswan.org/:
118       http://www.freeswan.org/> by Richard Guy Briggs.
119
120
121
122
123                                                               IPSEC_PF_KEY(5)
Impressum