MONITOR GETSA

Level

vpn_read

History

Format Appears in 9.0.0

Description

List IPsec SA

Returns

src=<ip> : source IP address
dst=<ip> : destination IP address
type=ah|esp : SA type
mode=any|transport|tunnel : SA mode
spi=<id> : identifier
reqid=<id> : identifier
comp=<algo> : compression algo in use
enc=<algo> : cypher algo in use
auth=<algo> : authentication in use
state=larval|mature|dying|dead : SA state
lifetime=<secs> : time count
bytes=<count> : byte count

Format

section_line

Example

101 begin
src=10.2.0.1 dst=10.2.0.2 type="esp" mode="tunnel" spi=6599678
peerspi=106673664 reqid=16385 enc="rijndael-cbc"
auth="hmac-sha1" state="mature" lifetime=465
bytes=101552 maxlifetime=600 maxbytes=0

src=10.2.0.2 dst=10.2.0.1 type="esp" mode="tunnel" spi=106673664
peerspi=6599678 reqid=16386 enc="rijndael-cbc" auth="hmac-sha1"
state="mature" lifetime=465 bytes=282280 maxlifetime=600 maxbytes=0
.