diff options
author | shin <shin@FreeBSD.org> | 2000-03-12 16:37:25 +0000 |
---|---|---|
committer | shin <shin@FreeBSD.org> | 2000-03-12 16:37:25 +0000 |
commit | 121378791cc5cb702ae931a926a535151fd49e6d (patch) | |
tree | ccad52f4b8217e80ffc280fa23de84dd749f9d8b | |
parent | 1c9224ffb1184af00a3bc91753acb680706fe414 (diff) | |
download | FreeBSD-src-121378791cc5cb702ae931a926a535151fd49e6d.zip FreeBSD-src-121378791cc5cb702ae931a926a535151fd49e6d.tar.gz |
Merge from KAME. Basically man doc improvement and contents fix.
Obtained from: KAME project
-rw-r--r-- | share/man/man4/ipsec.4 | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/share/man/man4/ipsec.4 b/share/man/man4/ipsec.4 index acba715..a30c3b9 100644 --- a/share/man/man4/ipsec.4 +++ b/share/man/man4/ipsec.4 @@ -65,10 +65,10 @@ Transport mode is for protecting peer-to-peer commuication between end nodes. Tunnel mode includes IP-in-IP encapsulation operation and is designed for security gateways, like VPN configurations. .\" -.Sh KERNEL INTERFACE +.Ss Kernel interface .Nm -is controlled by key management engine, and policy engine in the -operating system kernel. +is controlled by key management engine and policy engine, +in the operating system kernel. .Pp Key management engine can be accessed from the userland by using .Dv PF_KEY @@ -100,7 +100,7 @@ That should be implemented as userland programs .Pq usually as daemons , by using the above described APIs. .\" -.Sh POLICY MANAGEMENT +.Ss Policy management The kernel implements experimental policy management code. You can manage the IPsec policy in two ways. One is to configure per-socket policy using @@ -207,16 +207,22 @@ routines from looking into IP payload. .Xr ip6 4 , .Xr setkey 8 , .Xr sysctl 8 , -.Xr racoon 8 . +.Xr racoon 8 .Pp .Rs -.%T RFC2367 +.%A Daniel L. McDonald +.%A Craig Metz +.%A Bao G. Phan +.%T "PF_KEY Key Management API, Version 2" +.%R RFC +.%N 2367 .Re .Rs .%A "D. L. McDonald" .%T "A Simple IP Security API Extension to BSD Sockets" +.%R internet draft .%N "draft-mcdonald-simple-ipsec-api-03.txt" -.%O "internet draft" +.%O work in progress material .Re .Sh CAVEAT The IPsec support is subject to change as the IPsec protocols develop. |