1 .\" $KAME: setkey.8,v 1.89 2003/09/07 22:17:41 itojun Exp $
3 .\" Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
4 .\" All rights reserved.
6 .\" Redistribution and use in source and binary forms, with or without
7 .\" modification, are permitted provided that the following conditions
9 .\" 1. Redistributions of source code must retain the above copyright
10 .\" notice, this list of conditions and the following disclaimer.
11 .\" 2. Redistributions in binary form must reproduce the above copyright
12 .\" notice, this list of conditions and the following disclaimer in the
13 .\" documentation and/or other materials provided with the distribution.
14 .\" 3. Neither the name of the project nor the names of its contributors
15 .\" may be used to endorse or promote products derived from this software
16 .\" without specific prior written permission.
18 .\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
19 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
22 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 .Nd "manually manipulate the IPsec SA/SP database"
61 utility adds, updates, dumps, or flushes
62 Security Association Database (SAD) entries
63 as well as Security Policy Database (SPD) entries in the kernel.
67 utility takes a series of operations from the standard input
74 or from the command line argument following the option
77 .Bl -tag -width indent
82 the SPD entries are dumped.
84 Flush the SAD entries.
87 the SPD entries are flushed.
89 Only SPD entries with global scope are dumped with
95 Only SPD entries with ifnet scope are dumped with
100 Such SPD entries are linked to the corresponding
102 virtual tunneling interface.
104 Add hexadecimal dump on
108 Loop forever with short output on
112 The program will dump messages exchanged on
114 socket, including messages sent from other processes to the kernel.
116 Loop forever and dump all the messages transmitted to
120 makes each timestamp unformatted.
122 .Ss Configuration syntax
129 accepts the following configuration syntax.
130 Lines starting with hash signs
132 are treated as comment lines.
133 .Bl -tag -width indent
137 .Ar src Ar dst Ar protocol Ar spi
144 can fail with multiple reasons,
145 including when the key length does not match the specified algorithm.
150 .Ar src Ar dst Ar protocol Ar spi
158 .Ar src Ar dst Ar protocol Ar spi
166 .Ar src Ar dst Ar protocol
169 Remove all SAD entries that match the specification.
176 Clear all SAD entries matched by the options.
178 on the command line achieves the same functionality.
185 Dumps all SAD entries matched by the options.
187 on the command line achieves the same functionality.
192 .Ar src_range Ar dst_range Ar upperspec Ar policy
200 .Ar src_range Ar dst_range Ar upperspec Fl P Ar direction
209 Clear all SPD entries.
211 on the command line achieves the same functionality.
217 Dumps all SPD entries.
219 on the command line achieves the same functionality.
223 Meta-arguments are as follows:
225 .Bl -tag -compact -width indent
228 Source/destination of the secure communication is specified as
233 can resolve a FQDN into numeric addresses.
234 If the FQDN resolves into multiple addresses,
236 will install multiple SAD/SPD entries into the kernel
237 by trying all possible combinations.
242 restricts the address resolution of FQDN in certain ways.
246 restrict results into IPv4/v6 addresses only, respectively.
248 avoids FQDN resolution and requires addresses to be numeric addresses.
254 .Bl -tag -width Fl -compact
266 TCP-MD5 based on rfc2385
271 Security Parameter Index
273 for the SAD and the SPD.
275 must be a decimal number, or a hexadecimal number with
278 SPI values between 0 and 255 are reserved for future use by IANA
279 and they cannot be used.
283 take some of the following:
284 .Bl -tag -width Fl natt_mtu -compact
287 Specify a security protocol mode for use.
290 .Li transport , tunnel
297 Specify the bitmap size in octets of the anti-replay window.
299 is a 32-bit unsigned integer, and its value is one eighth of the
300 anti-replay window size in packets.
303 is zero or not specified, an anti-replay check does not take place.
306 Specify the identifier of the policy entry in SPD.
310 .It Fl f Ar pad_option
311 defines the content of the ESP padding.
314 .Bl -tag -width random-pad -compact
316 All of the padding are zero.
318 A series of randomized values are set.
320 A series of sequential increasing numbers started from 1 are set.
323 .It Fl f Li nocyclic-seq
324 Do not allow cyclic sequence number.
328 Specify hard/soft life time duration of the SA.
329 .It Fl natt Ar oai \([ Ar sport \(] Ar oar \([ Ar dport \(]
330 Manually configure NAT-T for the SA, by specifying initiator
335 ip addresses and ports.
340 symbols are part of the syntax for the ports specification,
341 not indication of the optional components.
342 .It Fl natt_mtu Ar fragsize
343 Configure NAT-T fragment size.
348 .Bl -tag -width Fl -compact
349 .It Fl E Ar ealgo Ar key
350 Specify an encryption or Authenticated Encryption with Associated Data
355 .Fl E Ar ealgo Ar key
356 .Fl A Ar aalgo Ar key
358 Specify a encryption algorithm
360 as well as a payload authentication algorithm
363 .It Fl A Ar aalgo Ar key
364 Specify an authentication algorithm for AH.
365 .It Fl C Ar calgo Op Fl R
366 Specify a compression algorithm for IPComp.
371 field value will be used as the IPComp CPI
372 (compression parameter index)
377 the kernel will use well-known CPI on wire, and
379 field will be used only as an index for kernel internal usage.
383 must be double-quoted character string, or a series of hexadecimal digits
392 are specified in separate section.
397 These are selections of the secure communication specified as
398 IPv4/v6 address or IPv4/v6 address range, and it may accompany
399 TCP/UDP port specification.
400 This takes the following form:
403 .Ar address/prefixlen
405 .Ar address/prefixlen[port]
411 must be a decimal number.
412 The square brackets around
414 are necessary and are not manpage metacharacters.
415 For FQDN resolution, the rules applicable to
423 The upper layer protocol to be used.
424 You can use one of the words in
437 The protocol number may also be used to specify the
439 A type and code related to ICMPv6 may also be specified as an
441 The type is specified first, followed by a comma and then the relevant
443 The specification must be placed after
445 The kernel considers a zero to be a wildcard but
446 cannot distinguish between a wildcard and an ICMPv6
448 The following example shows a policy where IPSec is not required for
449 inbound Neighbor Solicitations:
451 .Dl "spdadd ::/0 ::/0 icmp6 135,0 -P in none;"
455 does not work in the forwarding case at this moment,
456 as it requires extra reassembly at forwarding node,
457 which is not implemented at this moment.
458 Although there are many protocols in
460 protocols other than TCP, UDP and ICMP may not be suitable to use with IPsec.
465 is expressed in one of the following three formats:
467 .Bl -tag -width 2n -compact
468 .It Fl P Ar direction Li discard
469 .It Fl P Ar direction Li none
470 .It Xo Fl P Ar direction Li ipsec
471 .Ar protocol/mode/src-dst/level Op ...
475 The direction of a policy must be specified as
480 The direction is followed by one of the following policy levels:
487 policylevel means that packets matching the supplied indices will
490 means that IPsec operations will not take place on the packet and
492 means that IPsec operation will take place onto the packet.
494 .Ar protocol/mode/src-dst/level
495 statement gives the rule for how to process the packet.
513 you must specify the end-point addresses of the SA as
519 between the addresses.
531 is one of the following:
532 .Li default , use , require
535 If the SA is not available in every level, the kernel will request
536 the SA from the key exchange daemon.
539 tells the kernel to use the system wide default protocol
540 e.g.,\& the one from the
542 sysctl variable, when the kernel processes the packet.
545 means that the kernel will use an SA if it is available,
546 otherwise the kernel will pass the packet as it would normally.
549 means that an SA is required whenever the kernel sends a packet matched
550 that matches the policy.
555 but, in addition, it allows the policy to bind with the unique out-bound SA.
556 For example, if you specify the policy level
558 .Xr racoon 8 Pq Pa ports/security/ipsec-tools
559 will configure the SA for the policy.
560 If you configure the SA by manual keying for that policy,
561 you can put the decimal number as the policy identifier after
565 as in the following example:
567 In order to bind this policy to the SA,
569 must be between 1 and 32767,
572 of manual SA configuration.
574 When you want to use an SA bundle, you can define multiple rules.
576 example, if an IP header was followed by an AH header followed by an
577 ESP header followed by an upper layer protocol header, the rule would
580 .Dl esp/transport//require ah/transport//require ;
582 The rule order is very important.
588 are not in the syntax described in
589 .Xr ipsec_set_policy 3 .
590 There are small, but important, differences in the syntax.
592 .Xr ipsec_set_policy 3
597 The following lists show the supported algorithms.
598 .Ss Authentication Algorithms
599 The following authentication algorithms can be used as
606 .Bd -literal -offset indent
607 algorithm keylen (bits) comment
608 hmac-sha1 160 ah/esp: rfc2404
609 160 ah-old/esp-old: 128bit ICV (no document)
610 null 0 to 2048 for debugging
611 hmac-sha2-256 256 ah/esp: 128bit ICV (RFC4868)
612 256 ah-old/esp-old: 128bit ICV (no document)
613 hmac-sha2-384 384 ah/esp: 192bit ICV (RFC4868)
614 384 ah-old/esp-old: 128bit ICV (no document)
615 hmac-sha2-512 512 ah/esp: 256bit ICV (RFC4868)
616 512 ah-old/esp-old: 128bit ICV (no document)
617 aes-xcbc-mac 128 ah/esp: 96bit ICV (RFC3566)
618 128 ah-old/esp-old: 128bit ICV (no document)
619 tcp-md5 8 to 640 tcp: rfc2385
620 chacha20-poly1305 256 ah/esp: 128bit ICV (RFC7634)
622 .Ss Encryption Algorithms
623 The following encryption algorithms can be used as the
630 .Bd -literal -offset indent
631 algorithm keylen (bits) comment
632 null 0 to 2048 rfc2410
633 aes-cbc 128/192/256 rfc3602
634 aes-ctr 160/224/288 rfc3686
635 aes-gcm-16 160/224/288 AEAD; rfc4106
636 chacha20-poly1305 256 rfc7634
639 Note that the first 128/192/256 bits of a key for
643 will be used as the AES key,
644 and the remaining 32 bits will be used as the nonce.
646 AEAD encryption algorithms such as
648 include authentication and should not be
649 paired with a separate authentication algorithm via
651 .Ss Compression Algorithms
652 The following compression algorithms can be used
660 .Bd -literal -offset indent
669 Add an ESP SA between two IPv6 addresses using the
670 AES-GCM AEAD algorithm.
671 .Bd -literal -offset indent
672 add 3ffe:501:4819::1 3ffe:501:481d::1 esp 123457
673 -E aes-gcm-16 0x3ffe050148193ffe050148193ffe050148193ffe ;
677 Add an authentication SA between two FQDN specified hosts:
678 .Bd -literal -offset indent
679 add -6 myhost.example.com yourhost.example.com ah 123456
680 -A hmac-sha2-256 "AH SA configuration!" ;
683 Get the SA information associated with first example above:
684 .Bd -literal -offset indent
685 get 3ffe:501:4819::1 3ffe:501:481d::1 ah 123456 ;
688 Flush all entries from the database:
689 .Bd -literal -offset indent
693 Dump the ESP entries from the database:
694 .Bd -literal -offset indent
698 Add a security policy between two networks that uses ESP in tunnel mode:
699 .Bd -literal -offset indent
700 spdadd 10.0.11.41/32[21] 10.0.11.33/32[any] any
701 -P out ipsec esp/tunnel/192.168.0.1-192.168.1.2/require ;
704 Use TCP MD5 between two numerically specified hosts:
705 .Bd -literal -offset indent
706 add 10.1.10.34 10.1.10.36 tcp 0x1000 -A tcp-md5 "TCP-MD5 BGP secret" ;
707 add 10.1.10.36 10.1.10.34 tcp 0x1001 -A tcp-md5 "TCP-MD5 BGP secret" ;
711 .Xr ipsec_set_policy 3 ,
713 .Xr racoon 8 Pq Pa ports/security/ipsec-tools ,
716 .%T "Changed manual key configuration for IPsec"
717 .%U https://www.kame.net/newsletter/19991007/
724 utility first appeared in WIDE Hydrangea IPv6 protocol stack kit.
725 The utility was completely re-designed in June 1998.
733 should report and handle syntax errors better.
735 For IPsec gateway configuration,
739 with TCP/UDP port number do not work, as the gateway does not reassemble
741 (cannot inspect upper-layer headers).