[Swan-dev] IPSEC Active Tunnels Status using 'ipsec whack --status'
Paul Wouters
paul at nohats.ca
Mon Jan 9 20:01:15 EET 2023
On Mon, 9 Jan 2023, Praveen Chavan wrote:
>
> Thanks for the clarification.
>
> Follow up:
> 1. Could you share some examples for "ipsec trafficstatus" output?
See git grep "ipsec traffic" testing/pluto/
you can also see the test output on testing.libreswan.org
eg from https://testing.libreswan.org/v4.9-648-g0c35714ef7-main/basic-pluto-02/west.console.txt
west #
ipsec trafficstatus
006 #2: "westnet-all", type=ESP, add_time=1234567890, inBytes=84, outBytes=84, maxBytes=2^63B, id='@east'
> 2. Can I assume 'established Child SA' remains the same, in the output for whack --status even if other things could change every
> couple releases?
We give no guarantees on the whack API. It is considered "internal only"
at the moment. Once we have a json/yang output, we will give guarantees
on it.
Paul
More information about the Swan-dev
mailing list