summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJason McIntyre <jmc@cvs.openbsd.org>2006-09-07 12:58:22 +0000
committerJason McIntyre <jmc@cvs.openbsd.org>2006-09-07 12:58:22 +0000
commit2cf186de1e6b4b33fed78c95060b82efb6a1ac6e (patch)
tree1bb19f53a33f314560d01881c79ce8ac115a6806
parent73367b0a16db54dd65d9dbe204469b418053f38a (diff)
note that we can filter ipsec traffic on the enc interface;
-rw-r--r--sbin/ipsecctl/ipsec.conf.58
1 files changed, 7 insertions, 1 deletions
diff --git a/sbin/ipsecctl/ipsec.conf.5 b/sbin/ipsecctl/ipsec.conf.5
index 1eb447b966a..d881da48f68 100644
--- a/sbin/ipsecctl/ipsec.conf.5
+++ b/sbin/ipsecctl/ipsec.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ipsec.conf.5,v 1.87 2006/09/07 12:38:09 jmc Exp $
+.\" $OpenBSD: ipsec.conf.5,v 1.88 2006/09/07 12:58:21 jmc Exp $
.\"
.\" Copyright (c) 2004 Mathieu Sauve-Frankel All rights reserved.
.\"
@@ -38,6 +38,11 @@ Encapsulating Security Payload (ESP),
which provides integrity and confidentiality;
and Authentication Header (AH),
which provides integrity.
+IPsec traffic can be packet filtered via
+.Xr pf 4
+on the
+.Xr enc 4
+interface.
The IPsec protocol itself is described in
.Xr ipsec 4 .
.Pp
@@ -671,6 +676,7 @@ keyword:
.El
.Sh SEE ALSO
.Xr openssl 1 ,
+.Xr enc 4 ,
.\".Xr ipcomp 4 ,
.Xr ipsec 4 ,
.Xr tcp 4 ,