Content-type: text/html
/proc/net/ipsec_klipsdebug lists flags that control various parts of the debugging output of KLIPS and MAST, two of the IPsec stacks supported by Openswan. At this point it is a read-only file.
The variable names roughly describe the scope of the debugging variable. Currently, no flags are documented or individually accessible yet except tunnel-xmit.
The variable names are:
All KLIPS debug output appears as kernel.info messages to syslogd(8). Most systems are set up to log these messages to /var/log/messages.
debug_tunnel=00000010. debug_netlink=00000000. debug_xform=00000000. debug_eroute=00000000. debug_spi=00000000. debug_radij=00000000. debug_esp=00000000. debug_ah=00000000. debug_rcv=00000000. debug_pfkey=ffffffff.
means that one tunnel flag has been set (tunnel-xmit), full pfkey sockets debugging has been set and everything else is not set.
/proc/net/ipsec_klipsdebug, /usr/bin/ipsec
ipsec(8), ipsec_manual(8), ipsec_tncfg(8), ipsec_eroute(8), ipsec_spi(8), ipsec_spigrp(8), ipsec_klipsdebug(5), ipsec_version(5), ipsec_pf_key(5)
Written for the Linux FreeS/WAN project <http://www.freeswan.org/: http://www.freeswan.org/> by Richard Guy Briggs.