[Openswan Users] the status of the IPSec SA
Paul Wouters
paul at xelerance.com
Mon Sep 7 14:26:43 EDT 2009
On Mon, 7 Sep 2009, weiruyao wrote:
> I know the status of the IPSec SA can be got from the
> /proc/net/ipsec_spi.But I use NETKEY, so this file doesn't exist.Have
> this issue been fixed?
There is no "fix" as the netkey stack just does not use that file.
> If not ,is there another way to show me the status of the IPSec SA.Can
> setkey do the task?
remove setkey. Its an old tool that should not be used at all. Instead
use:
ip xfrm policy
ip xfrm state
Paul
More information about the Users
mailing list