[Swan-dev] pluto --help through the ages

Lennart Sorensen lsorense at csclub.uwaterloo.ca
Sun May 18 17:41:08 EEST 2014


On Sat, May 17, 2014 at 06:06:41PM -0400, D. Hugh Redelmeier wrote:
> An 11 year old version of FreeS/WAN:
> 
> Usage: pluto [--help] [--version] [--optionsfrom <filename>] \
>         [--nofork] [--stderrlog] [--noklips] [--uniqueids] \
>         [--interface <ifname>] [--ikeport <port-number>] \
>         [--ctlbase <path>] \
>         [--secretsfile <secrets-file>] [--policygroupsdir <policygroups-dir>] \
>         [--adns <pathname>] \
>         [--debug-none] [--debug-all] \
>         [--debug-raw] [--debug-crypt] [--debug-parsing] [--debug-emitting] \
>         [--debug-control] [--debug-klips] [--debug-dns] [ --debug-private]
> FreeS/WAN 2.02-pre1
> 
> 
> Libreswan from Fedora 20's updates repo.  Notice how wide it is.
> 
> Usage: pluto [--help] [--version] \
>         [--config <filename>][--vendorid <vendorid>] [--nofork] [--stderrlog] [--logfile <filename>] [--plutostderrlogtime] [--force_busy] [--nocrsend] [--strictcrlpolicy] [--crlcheckinterval] [--uniqueids] [--use-klips] [--use-netkey] [--use-mast] [--use-bsdkame] [--use-nostack] \
>         [--interface <ifname|ifaddr>] [--ikeport <port-number>] [--natikeport <port-number>][--listen <ifaddr>] \
>         [--ctlbase <path>] \
>         [--perpeerlogbase <path>] [--perpeerlog] \
>         [--coredir <dirname>] [--noretransmits][--statsbin <filename>] \
>         [--secretsfile <secrets-file>] [--ipsecdir <ipsec-dir>] \
>         [--adns <pathname>][--nhelpers <number>] \
>         [--secctx_attr_value <number>] \
>         [--debug-none] [--debug-all] \
>         [--debug-raw] [--debug-crypt] [--debug-crypto] [--debug-parsing] [--debug-emitting] \
>         [--debug-control][--debug-lifecycle] [--debug-kernel] [--debug-x509] [--debug-dns] [--debug-oppo] [--debug-oppoinfo] [--debug-dpd] [ --debug-private] [ --debug-pfkey] [ --debug-nat-t] \
>         [--nat_traversal] [--keep_alive <delay_sec>] \
>         [--disable_port_floating] \
>         [--virtual_private <network_list>]
> Libreswan 3.8
> 
> Libreswan's current git head:
> 
> Usage: pluto [--help] [--version] \
>         [--leak-detective] [--config <filename>] [--vendorid <vendorid>] [--nofork] [--stderrlog] [--logfile <filename>] [--plutostderrlogtime] [--force-busy] [--nocrsend] [--strictcrlpolicy] [--crlcheckinterval] [--uniqueids] [--use-klips] [--use-netkey] [--use-mast] [--use-bsdkame] [--use-nostack] \
>         [--interface <ifname|ifaddr>] [--ikeport <port-number>] [--natikeport <port-number>][--listen <ifaddr>] \
>         [--ctlbase <path>] \
>         [--perpeerlogbase <path>] [--perpeerlog] \
>         [--coredir <dirname>] [--noretransmits][--statsbin <filename>] \
>         [--secretsfile <secrets-file>] [--ipsecdir <ipsec-dir>] \
>         [--adns <pathname>][--nhelpers <number>] \
>         [--debug-none] [--debug-all] \
>         [--debug-raw] [--debug-crypt] [--debug-crypto] [--debug-parsing] [--debug-emitting] \
>         [--debug-control][--debug-lifecycle] [--debug-kernel] [--debug-x509] [--debug-dns] [--debug-oppo] [--debug-oppoinfo] [--debug-dpd] [ --debug-private] [ --debug-pfkey] [ --debug-nat-t] \
>         [--keep-alive <delay_secs>] \
>         [--virtual-private <network_list>]
> Libreswan v3.8-842-g03cfc1b-master
> 
> 
> My work-in-progress version:
> 
> Usage: OBJ.linux.x86_64/programs/pluto/pluto [--help] [--version]
>         [--config <filename>] [--nofork] [--stderrlog] [--logfile <filename>]
>         [--plutostderrlogtime] [--force-busy] [--strictcrlpolicy]
>         [--crlcheckinterval <seconds>] [--uniqueids] [--use-nostack]
>         [--use-klips] [--use-netkey] [--use-mast] [--use-mastklips]
>         [--use-bsdkame] [--interface <ifname|ifaddr>] [--listen <ifaddr>]
>         [--ikeport <port-number>] [--natikeport <port-number>]
>         [--ctlbase <path>] [--secretsfile <secrets-file>]
>         [--perpeerlogbase <path>] [--perpeerlog] [--noretransmits]
>         [--dumpdir <dirname>] [--statsbin <filename>]
>         [--ipsecdir <ipsec-dir>] [--adns <pathname>]
>         [--keep-alive <delay_secs>] [--virtual-private <network_list>]
>         [--nhelpers <number>] [--vendorid <vendorid>] [--leak-detective]
>         [--debug-nattraversal]
>         [--debug-none] [--debug-all] [--debug-raw] [--debug-crypt]
>         [--debug-parsing] [--debug-emitting] [--debug-control]
>         [--debug-lifecycle] [--debug-kernel] [--debug-dns] [--debug-oppo]
>         [--debug-oppoinfo] [--debug-controlmore] [--debug-dpd] [--debug-x509]
>         [--debug-private] [--debug-pfkey]
>         [--impair-delay-adns-key-answer] [--impair-delay-adns-txt-answer]
>         [--impair-bust-mi2] [--impair-bust-mr2] [--impair-sa-creation]
>         [--impair-die-oninfo] [--impair-jacob-two-two]
>         [--impair-major-version-bump] [--impair-minor-version-bump]
>         [--impair-retransmits] [--impair-send-bogus-isakmp-flag]
>         [--impair-send-ikev2-ke]
> Libreswan v3.8-840-g7facd26-dirty-master
> 
> This last version is longer because the code automatically wraps at
> character 72 (the initial tab is one character).
> 
> There are actually fewer options in this list.  That's because I
> ditched some synonyms and some ignored options.
> 
> There may be a few additions.  Since (for the first time) help is
> generated from the actual table used to parse options, only and all
> real options are presented.
> 
> There is a facility for marking an option that should start a line in
> the --help output.  I used it on the --debug-none and
> --impair-delay-adns-key-answer options.
> 
> I ditched the end-of-line \.  Accidental, but seems like a good idea.
> I wonder about the [ ].
> 
> It would be good to group and separate options to make the --help
> output easier to understand.  Suggestions are welcome.

If you wanted to be really nice you could check if the environment
COLUMNS is set and the output is to a tty and then use the proper width,
and otherwise fall back to fixed 72.

I just happen to hate having my lines wasted, given those there are
never enough of.  But don't go to too much trouble for it.

-- 
Len Sorensen


More information about the Swan-dev mailing list