NAME
racoon — IKE (ISAKMP/Oakley) key management daemon
SYNOPSIS
racoon [-46BdFLVv] [-f configfile] [-l logfile] [-P isakmp-natt-port] [-p isakmp-port]
DESCRIPTION
racoon speaks the IKE (ISAKMP/Oakley) key management protocol, to establish security associations with other hosts. The SPD (Security Policy Database) in the kernel usually triggers racoon. racoon usually sends all informational messages, warnings and error messages to syslogd(8) with the facility LOG_DAEMON and the priority LOG_INFO. Debugging messages are sent with the priority LOG_DEBUG. You should configure syslog.conf(5) appropriately to see these messages.
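The facility and priorities named above decide which syslog.conf(5) selectors show racoon's output. The C program below is an added example, not code from racoon or its documentation; it models the classic selector rule (the named level and anything more severe matches), and the function name daemon_selector_matches and the sample selectors are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Level names as used in syslog.conf(5); index equals the numeric priority. */
static const char *const level_names[] = {
    "emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"
};

/* Map a syslog.conf level name to its numeric priority, or -1 if unknown. */
static int level_from_name(const char *name)
{
    for (int i = 0; i < 8; i++)
        if (strcmp(name, level_names[i]) == 0)
            return i;
    return -1;
}

/*
 * Return 1 if a "daemon.<level>" selector passes a message logged with the
 * given facility|priority value, 0 if it does not, -1 if the selector is not
 * of that form. Classic semantics: the named level and every more severe
 * (numerically lower) level match.
 */
int daemon_selector_matches(const char *selector, int pri)
{
    static const char prefix[] = "daemon.";
    if (strncmp(selector, prefix, sizeof prefix - 1) != 0)
        return -1;
    int level = level_from_name(selector + sizeof prefix - 1);
    if (level < 0)
        return -1;
    if ((pri & ~0x07) != LOG_DAEMON)   /* facility bits must be LOG_DAEMON */
        return 0;
    return (pri & 0x07) <= level;      /* low three bits carry the priority */
}

int main(void)
{
    /* Constructed sample selectors, checked against racoon's two priorities. */
    const char *selectors[] = { "daemon.info", "daemon.debug", "daemon.err" };
    for (size_t i = 0; i < 3; i++)
        printf("%-13s normal=%d debug=%d\n", selectors[i],
               daemon_selector_matches(selectors[i], LOG_DAEMON | LOG_INFO),
               daemon_selector_matches(selectors[i], LOG_DAEMON | LOG_DEBUG));
    return 0;
}
```

A daemon.info selector passes racoon's normal messages but drops what -d produces, while daemon.debug passes both.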
-4
-6
- Specify the default address family for the sockets.
-B
- Install SA(s) from the file which is specified in racoon.conf(5).
-d
- Increase the debug level. Multiple -d arguments will increase the debug level even more.
-F
- Run racoon in the foreground.
-f configfile
- Use configfile as the configuration file instead of the default.
-L
- Include file_name:line_number:function_name in all messages.
-l logfile
- Use logfile as the logging file instead of syslogd(8).
-P isakmp-natt-port
- Use isakmp-natt-port for NAT-Traversal port-floating. The default is 4500.
-p isakmp-port
- Listen to the ISAKMP key exchange on port isakmp-port instead of the default port number, 500.
-V
- Print racoon version and compilation options and exit.
-v
- This flag causes the packet dump to be more verbose, with a higher debugging level.
racoon assumes the presence of the kernel random number device rnd(4) at /dev/urandom.
RETURN VALUES
The command exits with 0 on success, and non-zero on errors.
FILES
/etc/racoon.conf
- default configuration file.
HISTORY
The racoon command first appeared in the “YIPS” Yokogawa IPsec implementation.