[Openswan Users] Tunnel keeps up, but traffic is not sent.
Paul Wouters
paul at xelerance.com
Mon Jan 16 19:14:33 CET 2006
On Mon, 16 Jan 2006, Radek Antoniuk wrote:
> Julio Cesar Gazquez wrote:
> > plutodebug = "control parsing emitting natt"
>
> Just being curious, how did you invent these values for plutodebug??
> It's not documented in fact and it would be useful to know such things ;)
man ipsec.conf says:
plutodebug how much Pluto debugging output should be logged. An
empty value, or the magic value none, means no debugging
output (the default). The magic value all means full
output. Otherwise only the specified types of output (a
quoted list, names without the --debug- prefix, separated
by white space) are enabled; for details on available
debugging types, see ipsec_pluto(8).
man ipsec_pluto says:
SYNOPSIS
ipsec pluto [--help] [--version] [--optionsfrom filename] [--nofork]
[--stderrlog] [--noklips] [--uniqueids] [--interface
interfacename] [--ikeport portnumber] [--ctlbase path]
[--secretsfile secrets-file] [--adns pathname] [--lwdnsq
pathname] [--perpeerlog] [--perpeerlogbase dirname]
[--ipsecdir dirname] [--coredir dirname] [--noretransmits]
[--debug-none] [--debug-all] [--debug-raw] [--debug-crypt]
[--debug-parsing] [--debug-emitting] [--debug-control]
[--debug-lifecycle] [--debug-klips] [--debug-dns] [--debug-oppo]
[--debug-private]
Note that the man page does need updating, because there is also --debug-natt
these days. And I believe --debug-dpd
Paul
More information about the Users
mailing list