docs:ipsec:policy

Differences

This shows you the differences between two versions of the page.

docs:ipsec:policy [2013/09/27 12:39] rootdocs:ipsec:policy [2013/09/27 12:57] (current) root
Line 2: Line 2:
  
 ===== Policy Format ===== ===== Policy Format =====
-Policy format for IPSec is **protocol mode src dst [/level]**.+Policy format is **__direction__ [__priority__ __specification__] __policy__** 
 +  * ''discard'' means that packets will be dropped if they match the policy. 
 +  * ''entrust'' means to consult the SPD defined by setkey(8). 
 +  * ''bypass'' means to bypass the IPsec processing.  (the packet will be transmitted in clear).  This is for privileged sockets. 
 +  * ''ipsec'' means that the matching packets are subject to IPsec processing.  ipsec can be followed by one or more **request** strings, which are formatted as below: 
 + 
 +===== Request Format ===== 
 +Request format for IPSec is **__protocol__ __mode__ __src__ __dst__ [/ __level__]**.
  
   * **protocol** is either ''ah'', ''esp'', or ''ipcomp''.   * **protocol** is either ''ah'', ''esp'', or ''ipcomp''.
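
Review bot: The new Policy Format line introduces three fields (direction, priority, specification) that the added bullets never define; they cover only the four policy values (discard, entrust, bypass, ipsec). Add a bullet for direction listing its allowed values, and one describing what the optional priority specification looks like, so the format line can be read on its own. In the ''bypass'' bullet, "This is for privileged sockets" is ambiguous: say explicitly whether only a privileged socket may set it, since the same bullet says the packet goes out in clear. The added lines also spell the name both "IPsec" (bypass and ipsec bullets) and "IPSec" (Request Format line); use one spelling throughout.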
docs/ipsec/policy.1380278360.txt.gz · Last modified: 2013/09/27 12:39 by root
