FreeBSD manual
download PDF document: swanctl.8.pdf
SWANCTL(8) strongSwan SWANCTL(8)
NAME
swanctl - strongSwan configuration, control and monitoring command line
interface.
SYNOPSIS
swanctl command [option ...]
swanctl -h | --help
DESCRIPTION
swanctl is a cross-platform command line utility to configure, control
and monitor the strongSwan IKE daemon. It is a replacement for the
aging starter, ipsec and stroke tools.
swanctl uses a configuration file called swanctl.conf(5) to parse
configurations and credentials. Private keys, certificates and other
PKI related credentials are read from specific directories.
To communicate with the IKE daemon, swanctl uses the VICI protocol, the
Versatile IKE Configuration Interface. This stable interface is usable
by other tools and is often preferable than scripting swanctl and
parsing its output.
COMMANDS
-i, --initiate
initiate a connection
-t, --terminate
terminate a connection
-R, --rekey
rekey an SA
-d, --redirect
redirect an IKE_SA
-p, --install
install a trap or shunt policy
-u, --uninstall
uninstall a trap or shunt policy
-l, --list-sas
list currently active IKE_SAs
-P, --list-pols
list currently installed policies
-b, --load-authorities
(re-)load certification authorities information
-L, --list-conns
list loaded configurations
-B, --list-authorities
list loaded certification authorities information
-g, --list-algs
list loaded algorithms and their implementation
-q, --load-all
(re-)load credentials, pools, authorities and connections
-c, --load-conns
(re-)load connection configuration
-s, --load-creds
(re-)load credentials
-a, --load-pools
(re-)load pool configuration
-T, --log
trace logging output
-S, --stats
show daemon infos and statistics
-f, --flush-certs
flush cached certificates
-r, --reload-settings
reload strongswan.conf(5) configuration
-v, --version
show daemon version information
-h, --help
show usage information
SEE ALSO
swanctl.conf(5)
5.9.14 2015-11-20 SWANCTL(8)