Using the ipsec command
You can use the ipsec command to display
information about:
- IP filter rules
- Security associations
- Port translation
- SECCLASS definitions
- Matching IP filter rules for a specified traffic pattern
- Network security information of an IKE daemon's active NSS IPSec clients
- NSS IPSec clients connected to NSS servers
By default, ipsec commands are directed to the local system. Optionally, ipsec commands may be directed to remote systems (NSS IPSec clients) using the ipsec -z option.
Restriction: Management of defensive filters
(ipsec -F) is only provided through the local ipsec command.
Remote management using an NSS server is not supported.