[Openswan Users] the status of the IPSec SA

Paul Wouters paul at xelerance.com
Mon Sep 7 14:26:43 EDT 2009

On Mon, 7 Sep 2009, weiruyao wrote:

> I know the status of the IPSec SA can be got from the
> /proc/net/ipsec_spi.But I use NETKEY, so this file doesn't exist.Have
> this issue been fixed?
There is no "fix" as the netkey stack just does not use that file.

> If not ,is there another way to show me the status of the IPSec SA.Can
> setkey do the task?

remove setkey. Its an old tool that should not be used at all. Instead

ip xfrm policy
ip xfrm state


More information about the Users mailing list