is used to control
operation, if ipsec-tools was configured with adminport support.
is done through a UNIX socket.
By changing the default mode and ownership
of the socket, you can allow non-root users to alter
behavior, so do that with caution.
The following commands are available:
This should cause
to reload its configuration file.
Dump the SA: All the SAs if no SA class is provided, or either ISAKMP SAs,
IPsec ESP SAs, IPsec AH SAs, or all IPsec SAs.
to increase verbosity.
is used to flush all SAs if no SA class is provided, or a class of SAs,
either ISAKMP SAs, IPsec ESP SAs, IPsec AH SAs, or all IPsec SAs.
Establish an SA, either an ISAKMP SA, IPsec ESP SA, or IPsec AH SA.
can be used when establishing an ISAKMP SA while hybrid auth is in use.
will prompt you for the password associated with
and these credentials will be used in the Xauth exchange.