Bgpctl,
Rdomain,
Ipsec,
Bgpd,
Isakmpd,
Rc.conf.local,
Strftime,
Tcp,
Ipsecctl,
Pf,
Bgpd-Conf BGPD.CONF(5) - File Formats Manual # BGPD.CONF(5) - File Formats Manual
NAME # bgpd.conf - BGP routing daemon configuration file
DESCRIPTION # The bgpd(8) daemon implements the Border Gateway Protocol version 4 as described in RFC 4271.
The bgpd.conf config file is divided into the following main sections:
MACROS
User-defined variables may be defined and used later, simplifying the configuration file.
GLOBAL CONFIGURATION
Global settings for bgpd(8).
SET CONFIGURATION
...
Netstart,
Arp,
Netintro,
Etherip,
Vether,
Ipsec,
Ipsecctl,
Tpmr,
Isakmpd,
Ifconfig,
Ioctl,
Errno,
Ip6,
Ip,
Hostname.if,
Pf,
Bridge BRIDGE(4) - Device Drivers Manual # BRIDGE(4) - Device Drivers Manual
NAME # bridge - Ethernet bridge interface
SYNOPSIS # pseudo-device bridge
#include <sys/types.h>
#include <net/if.h>
#include <netinet/in.h>
#include <netinet/if_ether.h>
#include <net/if_bridge.h>
DESCRIPTION # The bridge device creates a logical link between two or more Ethernet interfaces or encapsulation interfaces (see [etherip(4)](/man/man4/etherip.4)). This link between the interfaces selectively forwards frames from each interface on the bridge to every other interface on the bridge.
...
IKED(8) - System Manager’s Manual # IKED(8) - System Manager’s Manual
NAME # iked - Internet Key Exchange version 2 (IKEv2) daemon
SYNOPSIS # iked [-dnSTtVv] [-D macro=value] [-f file] [-p udpencap_port] [-s socket]
DESCRIPTION # iked is an Internet Key Exchange (IKEv2) daemon which performs mutual authentication and which establishes and maintains IPsec flows and security associations (SAs) between the two peers.
The IKEv2 protocol is defined in RFC 7296, which combines and updates the previous standards: ISAKMP/Oakley (RFC 2408), IKE (RFC 2409), and the Internet DOI (RFC 2407).
...
IPSEC.CONF(5) - File Formats Manual # IPSEC.CONF(5) - File Formats Manual
NAME # ipsec.conf - IPsec configuration file
DESCRIPTION # The ipsec.conf file specifies rules and definitions for IPsec, which provides security services for IP datagrams. IPsec itself is a pair of protocols: Encapsulating Security Payload (ESP), which provides integrity and confidentiality; and Authentication Header (AH), which provides integrity. The IPsec protocol itself is described in ipsec(4).
In its most basic form, a flow is established between hosts and/or networks, and then Security Associations (SAs) are established, which detail how the desired protection will be achieved.
...
IPSEC(4) - Device Drivers Manual # IPSEC(4) - Device Drivers Manual
NAME # ipsec - IP Security Protocol
DESCRIPTION # IPsec is a pair of protocols, Encapsulating Security Payload (ESP) and Authentication Header (AH), which provide security services for IP datagrams.
Both protocols may be enabled or disabled using the following sysctl(2) variables in /etc/sysctl.conf. By default, both protocols are enabled:
net.inet.esp.enable
Enable the ESP IPsec protocol
net.inet.ah.enable
Enable the AH IPsec protocol
...
IPSECCTL(8) - System Manager’s Manual # IPSECCTL(8) - System Manager’s Manual
NAME # ipsecctl - control flows for IPsec
SYNOPSIS # ipsecctl [-cdFkmnv] [-D macro=value] [-f file] [-i fifo] [-s modifier]
DESCRIPTION # The ipsecctl utility controls flows that determine which packets are to be processed by IPsec. It allows ruleset configuration, and retrieval of status information from the kernel’s SPD (Security Policy Database) and SAD (Security Association Database). It also can control isakmpd(8) and establish tunnels using automatic keying with isakmpd(8).
...
ISAKMPD.CONF(5) - File Formats Manual # ISAKMPD.CONF(5) - File Formats Manual
NAME # isakmpd.conf - configuration file for isakmpd
DESCRIPTION # isakmpd.conf is the configuration file for the isakmpd(8) daemon, managing security association and key management for the IPsec layer of the kernel’s networking stack.
The file is of a well-known type of format called .INI style, named after the suffix used by an overrated windowing environment for its configuration files.
...
ISAKMPD.POLICY(5) - File Formats Manual # ISAKMPD.POLICY(5) - File Formats Manual
NAME # isakmpd.policy - policy configuration file for isakmpd
DESCRIPTION # isakmpd.policy is the policy configuration file for the isakmpd(8) daemon, managing security association and key management for the ipsec(4) layer of the kernel’s networking stack. The isakmpd(8) daemon, also known as the IKEv1 key management daemon, implements the Internet Key Exchange version 1 (IKEv1) protocol. It follows then that references to IKE in this document pertain to IKEv1 only, and not IKEv2.
...
Tcpdump,
Getnameinfo,
Iked,
Ssl,
Isakmpd.policy,
Ipsec,
Isakmpd.conf,
Openssl,
Pcap_open_offline,
Ipsec.conf,
Sasyncd,
Isakmpd ISAKMPD(8) - System Manager’s Manual # ISAKMPD(8) - System Manager’s Manual
NAME # isakmpd - ISAKMP/Oakley a.k.a. IKEv1 key management daemon
SYNOPSIS # isakmpd [-46adKLnSTv] [-c config-file] [-D class=level] [-f fifo] [-i pid-file] [-l packetlog-file] [-N udpencap-port] [-p listen-port] [-R report-file]
DESCRIPTION # The isakmpd daemon establishes Security Associations (SAs) for encrypted and/or authenticated network traffic. At this moment, and probably forever, this means ipsec(4) traffic. Traditionally, isakmpd was configured using the isakmpd.
...
SASYNCD(8) - System Manager’s Manual # SASYNCD(8) - System Manager’s Manual
NAME # sasyncd - IPsec SA synchronization daemon for failover gateways
SYNOPSIS # sasyncd [-dnv] [-c config-file]
DESCRIPTION # The sasyncd daemon synchronizes IPsec SA and SPD information between a number of failover IPsec gateways. The most typical scenario is to run sasyncd on hosts also running isakmpd(8) or iked(8) and sharing a common IP address using carp(4).
...