252
253 o Count of all attempted P1 SAs since boot, where the
254 local entity was the responder; includes failed attempts
255
256 o Count of all failed attempts to initiate a P1 SA, where
257 the failure occurred because the peer did not respond
258
259 o Count of all failed attempts to initiate a P1 SA, where
260 the peer responded
261
262 o Count of all failed P1 SAs where the peer was the
263 initiator
264
265 o Whether a PKCS#11 library is in use, and if applicable,
266 the PKCS#11 library that is loaded. See .
267
268
269 defaults
270
271 Display default values used by the in.iked daemon. Some values can
272 be overriden in the daemon configuration file (see ike.config(4));
273 for these values, the token name is displayed in the get defaults
274 output. The output will reflect where a configuration token has
275 changed the default.
276
277 Default values might be ignored in the event a peer system makes a
278 valid alternative proposal or they can be overriden by per-rule
279 values established in ike.config. In such instances, a get defaults
280 command continues to display the default values, not the values
281 used to override the defaults.
282
283
284 p1
285
286 An IKE Phase 1 SA. A p1 object is identified by an IP address pair
287 or a cookie pair; identification formats are described below.
288
289
290 rule
291
292 An IKE policy rule, defining the acceptable security
293 characteristics for Phase 1 SAs between specified local and remote
294 identities. A rule is identified by its label; identification
295 formats are described below.
296
297
298 preshared
|
252
253 o Count of all attempted P1 SAs since boot, where the
254 local entity was the responder; includes failed attempts
255
256 o Count of all failed attempts to initiate a P1 SA, where
257 the failure occurred because the peer did not respond
258
259 o Count of all failed attempts to initiate a P1 SA, where
260 the peer responded
261
262 o Count of all failed P1 SAs where the peer was the
263 initiator
264
265 o Whether a PKCS#11 library is in use, and if applicable,
266 the PKCS#11 library that is loaded. See .
267
268
269 defaults
270
271 Display default values used by the in.iked daemon. Some values can
272 be overridden in the daemon configuration file (see ike.config(4));
273 for these values, the token name is displayed in the get defaults
274 output. The output will reflect where a configuration token has
275 changed the default.
276
277 Default values might be ignored in the event a peer system makes a
278 valid alternative proposal or they can be overridden by per-rule
279 values established in ike.config. In such instances, a get defaults
280 command continues to display the default values, not the values
281 used to override the defaults.
282
283
284 p1
285
286 An IKE Phase 1 SA. A p1 object is identified by an IP address pair
287 or a cookie pair; identification formats are described below.
288
289
290 rule
291
292 An IKE policy rule, defining the acceptable security
293 characteristics for Phase 1 SAs between specified local and remote
294 identities. A rule is identified by its label; identification
295 formats are described below.
296
297
298 preshared
|