git: dcaa24cf3057 - stable/13 - setkey(8): document NAT-T and NAT-T MTU extensions syntax
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 05 Jun 2023 08:36:00 UTC
The branch stable/13 has been updated by kib:
URL: https://cgit.FreeBSD.org/src/commit/?id=dcaa24cf30571be8b80be3f5202e4ec77aa595f2
commit dcaa24cf30571be8b80be3f5202e4ec77aa595f2
Author: Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-05-27 06:00:24 +0000
Commit: Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-06-05 08:35:00 +0000
setkey(8): document NAT-T and NAT-T MTU extensions syntax
(cherry picked from commit cf85818e05a9349dfba040fb32e752d3c691ed1f)
---
sbin/setkey/setkey.8 | 19 +++++++++++++++++--
1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/sbin/setkey/setkey.8 b/sbin/setkey/setkey.8
index 20754c1b368f..73c89fdf9ec2 100644
--- a/sbin/setkey/setkey.8
+++ b/sbin/setkey/setkey.8
@@ -29,7 +29,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd April 3, 2023
+.Dd May 27, 2023
.Dt SETKEY 8
.Os
.\"
@@ -283,7 +283,7 @@ and they cannot be used.
.Pp
.It Ar extensions
take some of the following:
-.Bl -tag -width Fl -compact
+.Bl -tag -width Fl natt_mtu -compact
.\"
.It Fl m Ar mode
Specify a security protocol mode for use.
@@ -328,6 +328,21 @@ Do not allow cyclic sequence number.
.It Fl lh Ar time
.It Fl ls Ar time
Specify hard/soft life time duration of the SA.
+.It Fl natt Ar oai \([ Ar sport \(] Ar oar \([ Ar dport \(]
+Manually configure NAT-T for the SA, by specifying initiator
+.Ar oai
+and
+requestor
+.Ar oar
+ip addresses and ports.
+Note that the
+.Sq \([
+and
+.Sq \(]
+symbols are part of the syntax for the ports specification,
+not indication of the optional components.
+.It Fl natt_mtu Ar fragsize
+Configure NAT-T fragment size.
.El
.\"
.Pp