COMMAND-LINE REFERENCE

This appendix is intended to outline some useful commands which can be run from a Linux shell. You must either be logged onto the console or SSH'd into the machine as root to run these commands.

# ipsec whack -status 

This command dumps diagnostic information to the screen. The output of this command is very good to include when requesting support from Guardian Digital, Inc.

# ipsec barf 

This command dumps gracious amounts of debugging and diagnostic information to the screen. The output of this command is very good to include when requesting support from Guardian Digital, Inc.

Warning: The output from this command may get very large, so if you are planning on e-mailing it to somebody you may want to compress it:

# ipsec barf > my-ipsec-barf-output 

# gzip -9 my-ipsec-barf-output

# ipsec look 

This command shows the IPsec routing table and, if any VPN's are up, what tunnels they map to. The output is rather cryptic and hard to read if you are not familiar with IPsec concepts and protocols.

# ipsec auto -up <name> 

This command tries to bring the VPN <name> up. <name> should be the name of a Remote Security Gateway. For example, to bring up the VPN foo-bar-rsa:

# ipsec auto -up foo-bar-rsa

If the VPN is successfully established you should see a line saying "IPsec SA established".

# ipsec auto -down <name>

This command tries to bring the VPN <name> down. <name> should be the name of a Remote Security Gateway. For example, to bring down the VPN foo-bar-rsa:

# ipsec auto -down foo-bar-rsa

This command generates no output.

# /etc/init.d/ipsec { start | stop | restart } 

This command may be used to start, stop, or restart the IPsec subsystem.