matthias
/
iproute2
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

xfrm: revise man page and document ip xfrm policy set 

- document ip xfrm policy set
- update ip xfrm monitor documentation
- in DESCRIPTION section, reorganize grouping of commands

Signed-off-by: Christophe Gouault <christophe.gouault@6wind.com>
This commit is contained in:
Christophe Gouault 2015-04-09 17:39:33 +02:00 committed by Stephen Hemminger
parent 025fa9dc7a
commit 811aca0448
1 changed files with 59 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
man/man8/ip-xfrm.8
View File

@ -256,6 +256,13 @@ ip-xfrm \- transform configuration
.ti -8 .ti -8
.B "ip xfrm policy count" .B "ip xfrm policy count"
.ti -8
.B "ip xfrm policy set"
.RB "[ " hthresh4
.IR LBITS " " RBITS " ]"
.RB "[ " hthresh6
.IR LBITS " " RBITS " ]"
.ti -8 .ti -8
.IR SELECTOR " :=" .IR SELECTOR " :="
.RB "[ " src .RB "[ " src
@ -360,6 +367,13 @@ ip-xfrm \- transform configuration
.BR "ip xfrm monitor" " [ " all " |" .BR "ip xfrm monitor" " [ " all " |"
.IR LISTofXFRM-OBJECTS " ]" .IR LISTofXFRM-OBJECTS " ]"
.ti -8
.IR LISTofXFRM-OBJECTS " := [ " LISTofXFRM-OBJECTS " ] " XFRM-OBJECT
.ti -8
.IR XFRM-OBJECT " := "
.BR acquire " | " expire " | " SA " | " policy " | " aevent " | " report
.in -8 .in -8
.ad b .ad b
@ -385,7 +399,6 @@ ip xfrm state deleteall delete all existing state in xfrm
ip xfrm state list print out the list of existing state in xfrm ip xfrm state list print out the list of existing state in xfrm
ip xfrm state flush flush all state in xfrm ip xfrm state flush flush all state in xfrm
ip xfrm state count count all existing state in xfrm ip xfrm state count count all existing state in xfrm
ip xfrm monitor state monitoring for xfrm objects
.TE .TE
.TP .TP
@ -507,7 +520,9 @@ encapsulates packets with protocol
.BR espinudp " or " espinudp-nonike "," .BR espinudp " or " espinudp-nonike ","
.RI "using source port " SPORT ", destination port " DPORT .RI "using source port " SPORT ", destination port " DPORT
.RI ", and original address " OADDR "." .RI ", and original address " OADDR "."
.sp .sp
.PP
.TS .TS
l l. l l.
ip xfrm policy add add a new policy ip xfrm policy add add a new policy
@ -517,7 +532,6 @@ ip xfrm policy get get an existing policy
ip xfrm policy deleteall delete all existing xfrm policies ip xfrm policy deleteall delete all existing xfrm policies
ip xfrm policy list print out the list of xfrm policies ip xfrm policy list print out the list of xfrm policies
ip xfrm policy flush flush policies ip xfrm policy flush flush policies
ip xfrm policy count count existing policies
.TE .TE
.TP .TP
@ -612,7 +626,50 @@ and inbound trigger
can be can be
.BR required " (default) or " use "." .BR required " (default) or " use "."
.sp
.PP
.TS
l l.
ip xfrm policy count count existing policies
.TE
.PP
Use one or more -s options to display more details, including policy hash table
information.
.sp
.PP
.TS
l l.
ip xfrm policy set configure the policy hash table
.TE
.PP
Security policies whose address prefix lengths are greater than or equal
policy hash table thresholds are hashed. Others are stored in the
policy_inexact chained list.
.TP
.I LBITS
specifies the minimum local address prefix length of policies that are
stored in the Security Policy Database hash table.
.TP
.I RBITS
specifies the minimum remote address prefix length of policies that are
stored in the Security Policy Database hash table.
.sp
.PP
.TS
l l.
ip xfrm monitor state monitoring for xfrm objects
.TE
.PP
The xfrm objects to monitor can be optionally specified. The xfrm objects to monitor can be optionally specified.
.SH AUTHOR .SH AUTHOR
Manpage revised by David Ward <david.ward@ll.mit.edu> Manpage revised by David Ward <david.ward@ll.mit.edu>
.br
Manpage revised by Christophe Gouault <christophe.gouault@6wind.com>