[Openswan Users] Ipsec connection

Paul Wouters paul at xelerance.com
Tue Nov 27 11:46:24 EST 2007

On Tue, 27 Nov 2007, Ansa Ahammed wrote:

> Is there any command to get the information about the currently active
> IPSEC connections
> and also
> -- Number of Bytes received
> -- Number of Bytes Sent
> -- Number of packets encrypted
> -- Number of packets decrypted
> -- Number of packets discarded
> -- Number of packets Bypassed

For KLIPS, check ifconfig statistics on ipsecX interfaces, and various files
in /proc/net/ipsec/ and /proc/net/pf_key

For NETKEY, use the completely undocumented features of "ip xfrm". There are
also a few xfrm_* files in /proc/sys/net/core/ and /proc/net/pfkey

Pluto might also know some things you want to know, see ipsec auto --listall
and/or ipsec auto --status.


More information about the Users mailing list