12 .TH tripe-admin 5 "18 February 2001" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
14 tripe-admin \- administrator commands for TrIPE
16 This manual page describes the administration interface provided by the
22 program can be used either interactively or in scripts to communicate
23 with the server using this interface. Alternatively, simple custom
24 clients can be written in scripting languages such as Perl, Python or
25 Tcl, or more advanced clients such as GUI monitors can be written in C
26 with little difficulty.
28 By default, the server listens for admin connections on the Unix-domain
30 .BR /var/lib/tripe/tripesock .
31 Administration commands use a textual protocol. Each client command or
32 server response consists of a line of ASCII text terminated by a single
33 linefeed character. No command may be longer than 255 characters.
34 .SS "General structure"
35 Each command or response line consists of a sequence of
36 whitespace-separated words. The number and nature of whitespace
37 characters separating two words in a client command is not significant;
38 the server always uses a single space character. The first word in a
41 identifying the type of command or response contained. Keywords in
42 client commands are not case-sensitive; the server always uses uppercase
45 For simple client command, the server responds with zero or more
47 lines, followed by either an
53 provides information requested in the command. An
55 response contains no further data. A
57 code is followed by a machine-readable explanation of why the command
60 Simple command processing is strictly synchronous: the server reads a
61 command, processes it, and responds, before reading the next command.
62 All commands can be run as simple commands. Long-running commands
67 block the client until they finish, but the rest of the server continues
69 .B "Background commands"
70 to find out how to issue long-running commands without blocking.
71 .SS "Asynchronous broadcasts"
72 There are three types of asynchronous broadcast messages which aren't
73 associated with any particular command. Clients can select which
74 broadcast messages they're interested in using the
80 message contains a machine-readable message warning of an error
81 encountered while processing a command, unexpected or unusual behaviour
82 by a peer, or a possible attack by an adversary. Under normal
83 conditions, the server shouldn't emit any warnings.
87 message contains a human-readable tracing message containing diagnostic
88 information. Trace messages are controlled using the
90 command-line option to the server, or the
92 administration command (see below). Support for tracing can be disabled
93 when the package is being configured, and may not be available in your
98 message is a machine-readable notification about some routine but
99 interesting event such as creation or destruction of peers.
100 .SS "Background commands"
105 take a long time to complete. To prevent these long-running commands
106 from tying up a server connection, they can be run in the background.
107 Not all commands can be run like this: the ones that can provide a
109 option, which must be supplied with a
112 A command may fail before it starts running in the background. In this
113 case, the server emits a
115 response, as usual. To indicate that a command has started running in
116 the background, the server emits a response of the form
117 .BI "BGDETACH " tag \fR,
120 is the value passed to the
122 option. From this point on, the server is ready to process more
123 commands and reply to them.
125 Responses to background commands are indicated by a line beginning with
131 followed by the command tag. These correspond to the
136 responses for simple commands:
138 indicates information from a background command which has not completed
143 indicates that a background command succeeded or failed, respectively.
145 A background command will never issue an
149 response: it will always detach and then issue any
154 .SS "Client-provided services"
155 .\"* 25 Service-related messages
156 An administration client can provide services to other clients.
157 Services are given names and versions. A client can attempt to
159 a particular service by issuing the
161 command. This may fail, for example, if some other client already
162 provides the same or later version of the service.
164 Other clients can issue
165 .I "service commands"
168 command; the service provider is expected to handle these commands and
171 There are three important asynchronous messages which will be sent to
174 .BI "SVCCANCEL " jobid
175 The named job has been cancelled, either because the issuing client has
176 disconnected or explicitly cancelled the job using the
180 .BI "SVCCLAIM " service " " version
181 Another client has claimed a later version of the named
182 .I service. The recipient is no longer the provider of this service.
184 .BI "SVCJOB " jobid " " service " " command " " args \fR...
185 Announces the arrival of a new job. The
187 is a simple token consisting of alphanumeric characters which
189 uses to identify this job.
191 The service provider can reply to the job using the commands
196 The first of these sends an
198 response and leaves the job active; the other two send an
202 response respectively, and mark the job as being complete.
206 is a potentially long-running command, it can be run in the background.
207 This detail is hidden from service providers:
209 will issue the corresponding
211 responses when appropriate.)
212 .SS "Network addresses"
213 A network address is a sequence of words. The first is a token
214 identifying the network address family. The length of an address and
215 the meanings of the subsequent words depend on the address family.
216 Address family tokens are not case-sensitive on input; on output, they
217 are always in upper-case.
219 At present, only one address family is understood.
221 .BI "INET " address " " port
222 An Internet socket, naming an IPv4 address and UDP port. On output, the
223 address is always in numeric dotted-quad form, and the port is given as
224 a plain number. On input, DNS hostnames and symbolic port names are
225 permitted. Name resolution does not block the main server, but will
226 block the requesting client. This hopefully makes life simpler for
227 stupid clients. Complex clients which don't wish to be held up can open
228 extra connections or do the resolution themselves.)
230 If, on input, no recognised address family token is found, the following
231 words are assumed to represent an
234 .SS "Key-value output"
239 produce output in the form of
241 pairs, one per word. Neither the
247 Commands which enable or disable kinds of output (e.g.,
251 work in similar ways. They take a single optional argument, which
252 consists of a string of letters selecting message types, optionally
257 to disable, the subsequently listed types.
259 If the argument is omitted, the available message types are displayed,
262 line, in a fixed-column format. Column zero contains the key letter for
263 selecting that message type; column one contains either a space or a
265 sign, if the message type is disabled or enabled respectively; and a
266 textual description of the message type begins at column 3 and continues
267 to the end of the line.
269 Lowercase key letters control individual message types. Uppercase key
270 letters control collections of message types.
271 .SH "COMMAND REFERENCE"
273 The commands provided are:
275 .BI "ADD \fR[" options "\fR] " peer " " address "\fR..."
276 Adds a new peer. The peer is given the name
278 the peer's public key is assumed to be in the file
280 (or whatever alternative file was specified in the
282 option on the command line). The
284 is the network address (see above for the format) at which the peer can
285 be contacted. The following options are recognised.
289 .BI "\-background " tag
290 Run the command in the background, using the given
293 .BI "\-keepalive " time
294 Send a no-op packet if we've not sent a packet to the peer in the last
296 interval. This is useful for persuading port-translating firewalls to
297 believe that the `connection' is still active. The
299 is expressed as a nonnegative integer followed optionally by
305 for days, hours, minutes, or seconds respectively; if no suffix is
306 given, seconds are assumed.
308 .BI "\-tunnel " tunnel
309 Use the named tunnel driver, rather than the default.
316 line reporting the IP address and port number stored for
320 Cancels the background job with the named
323 .BI "CHECKCHAL " challenge
324 Verifies a challenge as being one earlier issued by
326 and not previously either passed to
328 or in a greeting message.
331 Causes the server to disassociate itself from its terminal and become a
332 background task. This only works once. A warning is issued.
334 .BI "EPING \fR[" options "\fR] " peer
335 Sends an encrypted ping to the peer, and expects an encrypted response.
336 This checks that the peer is running (and not being impersonated), and
337 that it can encrypt and decrypt packets correctly. Options and
338 responses are the same as for the
343 Requests the server to begin a new key exchange with
348 Requests a challenge. The challenge is returned in an
350 line, as a base64-encoded string. See
353 .BI "GREET " peer " " challenge
354 Sends a greeting packet containing the
356 (base-64 encoded) to the named
358 The expectation is that this will cause the peer to recognize us and
359 begin a key-exchange.
362 Causes the server to emit an
364 line for each command it supports. Each line lists the command name,
365 followed by the names of the arguments. This may be helpful as a memory
366 aid for interactive use, or for program clients probing for features.
371 line containing the name of the network interface used to collect IP
372 packets which are to be encrypted and sent to
374 Used by configuration scripts so that they can set up routing tables
375 appropriately after adding new peers.
380 line giving the tag for each outstanding background job.
383 Causes the server to forget all about
385 All keys are destroyed, and no more packets are sent. No notification
386 is sent to the peer: if it's important that the peer be notified, you
387 must think of a way to do that yourself.
390 For each currently-known peer, an
392 line is written containing the peer's name, as given to
395 .BI "NOTIFY " tokens\fR...
398 notification to all interested administration clients.
401 Returns information about a peer, in key-value form. The following keys
406 The tunnel driver used for this peer.
409 The keepalive interval, in seconds, or zero if no keepalives are to be
413 .BI "PING \fR[" options "\fR] " peer
414 Send a transport-level ping to the peer. The ping and its response are
415 not encrypted or authenticated. This command, possibly in conjunction
416 with tracing, is useful for ensuring that UDP packets are actually
417 flowing in both directions. See also the
423 line is printed describing the outcome:
426 .BI "ping-ok " millis
427 A response was received
429 after the ping was sent.
432 No response was received within the time allowed.
435 The peer was killed (probably by another admin connection) before a
436 response was received.
439 Options recognized for this command are:
443 .BI "\-background " tag
444 Run the command in the background, using the given
447 .BI "\-timeout " time
450 seconds before giving up on a response. The default is 5 seconds. (The
451 time format is the same as for the
460 line containing just the number of the UDP port used by the
462 server. If you've allowed your server to allocate a port dynamically,
463 this is how to find out which one it chose.
466 Instructs the server to recheck its keyring files. The server checks
467 these periodically anyway but it may be necessary to force a recheck,
468 for example after adding a new peer key.
471 Instructs the server to exit immediately. A warning is sent.
474 Returns information about the server, in the form of key-value pairs.
475 The following keys are used.
479 A keyword naming the implementation of the
481 server. The current implementation is called
485 The server's version number, as reported by
493 if the server has or hasn't (respectively) become a daemon.
496 .BI "SETIFNAME " peer " " new-name
497 Informs the server that the
499 tunnel-interface name has been changed to
501 This is useful if firewalling decisions are made based on interface
502 names: a setup script for a particular peer can change the name, and
503 then update the server's records so that they're accurate.
505 .BI "SVCCLAIM " service " " version
506 Attempts to claim the named
510 The claim is successful if the service is currently unclaimed, or if
511 a version earlier than
513 is provided; otherwise the command fails with the error
514 .BR "service-exists" .
516 .BI "SVCENSURE " service " \fR[" version \fR]
519 is provided, and (if specified) to at least the given
521 An error is reported if these conditions are not met; otherwise the
522 command succeeds silently.
524 .BI "SVCFAIL " jobid " " tokens \fR...
529 response to the service job with the given
533 as the reason for failure. The job is closed.
535 .BI "SVCINFO " jobid " " tokens \fR...
540 response to the service job with the given
544 as the info message. The job remains open.
547 Output a line of the form
554 for each service currently provided.
562 response to the service job with the given
566 .BI "SVCQUERY " service
569 lines in key-value format, describing the named
571 The following keys are used.
578 The service's version string.
581 .BI "SVCRELEASE " service
582 Announce that the client no longer wishes to provide the named
585 .BI "SVCSUBMIT \fR[" options "\fR] " service " " command " " arguments \fR...
586 Submit a job to the provider of the given
592 The following options are accepted.
596 .BI "\-background " tag
597 Run the command in the background, using the given
600 .BI "\-version " version
601 Ensure that at least the given
603 of the service is available before submitting the job.
610 lines, each containing one or more statistics in the form
611 .IB name = value \fR.
612 The statistics-gathering is experimental and subject to change.
614 .BR "TRACE " [\fIoptions\fP]
615 Selects trace outputs: see
617 above. Message types provided are:
620 Currently, the following tracing options are supported:
623 Tunnel events: reception of packets to be encrypted, and injection of
624 successfully-decrypted packets.
627 Peer management events: creation and destruction of peer attachments,
628 and arrival of messages.
631 Administration interface: acceptance of new connections, and handling of
632 the backgroud name-resolution required by the
637 Handling of symmetric keysets: creation and expiry of keysets, and
638 encryption and decryption of messages.
641 Key exchange: reception, parsing and emission of key exchange messages.
644 Key management: loading keys and checking for file modifications.
647 Display information about challenge issuing and verification.
650 Display contents of packets sent and received by the tunnel and/or peer
654 Display inputs, outputs and intermediate results of cryptographic
655 operations. This includes plaintext and key material. Use with
667 outputs provide extra detail for other outputs. Specifying
673 isn't useful; neither is specifying
684 For each available tunnel driver, an
686 line is printed giving its name.
689 Causes the server to emit an
691 line stating its software version, as two words: the server name, and
692 its version string. The server name
694 is reserved to the Straylight/Edgeware implementation.
696 .BR "WATCH " [\fIoptions\fP]
697 Enables or disables asynchronous broadcasts
698 .IR "for the current connection only" .
701 above. The default watch state for the connection the server opens
702 automatically on stdin/stdout is to show warnings and trace messages;
703 other connections show no asynchronous broadcast messages. (This is
704 done in order to guarantee that a program reading the server's stdout
705 does not miss any warnings.)
708 Message types provided are:
726 .BI "WARN " tokens\fR...
729 warning to all interested administration clients.
731 .\"* 20 Error messages (FAIL codes)
736 messages are sent to clients as a result of errors during command
744 server is already running as a daemon.
746 .BI "bad-addr-syntax " message
747 (For commands accepting socket addresses.) The address couldn't be
750 .BI "bad-syntax " cmd " " message
751 (For any command.) The command couldn't be understood: e.g., the number
752 of arguments was wrong.
754 .BI "bad-time-spec " word
757 is not a valid time interval specification. Acceptable time
758 specifications are nonnegative integers followed optionally by
764 for days, hours, minutes, or seconds, respectively.
766 .BI "bad-trace-option " char
769 An unknown trace option was requested.
771 .BI "bad-watch-option " char
774 An unknown watch option was requested.
776 .BI "daemon-error " ecode " " message
779 An error occurred during the attempt to become a daemon, as reported by
782 .BI "invalid-port " number
785 The given port number is out of range.
787 .BI "not-service-provider " service
790 The invoking client is not the current provider of the named
792 and is therefore not allowed to release it.
794 .BI "peer-create-fail " peer
799 failed for some reason. A warning should have been emitted explaining
802 .BI "peer-exists " peer
805 There is already a peer named
808 .B "ping-send-failed"
809 The attempt to send a ping packet failed, probably due to lack of
812 .BI "resolve-error " hostname
817 could not be resolved.
819 .BI "resolver-timeout " hostname
824 took too long to resolve.
826 .BI "service-exists " service " " version
829 Another client is already providing the stated
834 .BI "service-too-old " service " " version
843 is available, which does not meet the stated requirements.
845 .BI "tag-exists " tag
846 (For long-running commands.) The named
848 is already the tag of an outstanding job.
850 .BI "unknown-command " token
855 .BI "unknown-peer " name
863 There is no peer called
866 .BI "unknown-port " port
874 .BI "unknown-service " service
883 is not recognized as the name of a client-provided service.
885 .BI "unknown-tag " tag
890 is not the tag for any outstanding background job. It may have just
893 .\"* 30 Notification broadcasts (NOTE codes)
894 The following notifications are sent to clients who request them.
896 .BI "ADD " peer " " ifname " " address \fR...
897 A new peer has been added. The peer's name is
899 its tunnel is network interface
901 and its network address is
905 The server has forked off into the sunset and become a daemon.
907 .BI "GREET " challenge " " address \fR...
908 A valid greeting was received, with the given challenge (exactly as it
921 finished successfully.
926 has begun or restarted. If key exchange keeps failing, this message
927 will be repeated periodically.
929 .BI "NEWIFNAME " peer " " old-name " " new-name
932 tunnel interface name has been changed from
940 .BI "SVCCLAIM " service " " version
943 is now available, at the stated
946 .BI "SVCRELEASE " service
949 is no longer available.
951 .BI "USER " tokens\fR...
952 An administration client issued a notification using the
956 .\"* 40 Warning broadcasts (WARN codes)
958 There are many possible warnings. They are categorized according to
961 Many of these warnings report system errors. These are reported as a
962 pair of tokens, described below as
968 is a string of the form
972 value of the error; the
974 is the `human-readable' form of the message, as reported by
977 These all indicate that the
979 server has become unable to continue. If enabled, the server will dump
980 core in its configuration directory.
982 .BI "ABORT repeated-select-errors"
983 The main event loop is repeatedly failing. If the server doesn't quit,
984 it will probably waste all available CPU doing nothing.
986 These indicate a problem with the administration socket interface.
988 .BI "ADMIN accept-error " ecode " " message
989 There was an error while attempting to accept a connection from a new
992 .BI "ADMIN client-write-error " ecode " " message
993 There was an error sending data to a client. The connection to the
994 client has been closed.
996 These indicate errors in challenges, either in the
998 command or in greeting packets.
1000 .B "CHAL impossible-challenge"
1001 The server hasn't issued any challenges yet. Quite how anyone else
1002 thought he could make one up is hard to imagine.
1004 .B "CHAL incorrect-tag"
1005 Challenge received contained the wrong authentication data. It might be
1006 very stale, or a forgery.
1008 .B "CHAL invalid-challenge"
1009 Challenge received was the wrong length. We might have changed MAC
1010 algorithms since the challenge was issued, or it might just be rubbish.
1012 .B "CHAL replay duplicated-sequence"
1013 Challenge received was a definite replay of an old challenge. Someone's
1016 .B "CHAL replay old-sequence"
1017 Challenge received was old, but maybe not actually a replay. Try again.
1018 .SS "KEYMGMT warnings"
1019 These indicate a problem with the keyring files, or the keys stored in
1022 .BI "KEYMGMT bad-private-key " message
1023 The private key could not be read, or failed a consistency check. If
1024 there was a problem with the file, usually there will have been
1026 warnings before this.
1028 .BI "KEYMGMT bad-public-keyring " message
1029 The public keyring couldn't be read. Usually, there will have been
1031 warnings before this.
1033 .BI "KEYMGMT key-file-error " file ":" line " " message
1034 Reports a specific error with the named keyring file. This probably
1038 .BI "KEYMGMT public-key " tag " " tokens\fR...
1039 These messages all indicate a problem with the public key named
1042 .BI "KEYMGMT public-key " tag " algorithm-mismatch"
1043 The algorithms specified on the public key don't match the ones for our
1044 private key. All the peers in a network have to use the same
1047 .BI "KEYMGMT public-key " tag " bad " message
1048 The public key couldn't be read, or is invalid.
1050 .BI "KEYMGMT public-key " tag " bad-public-group-element"
1051 The public key is invalid. This may indicate a malicious attempt to
1052 introduce a bogus key.
1054 .BI "KEYMGMT public-key " tag " bad-algorithm-selection"
1055 The algorithms listed on the public key couldn't be understood. The
1056 algorithm selection attributes are probably malformed and need fixing.
1058 .BI "KEYMGMT public-key " tag " incorrect-group"
1059 The public key doesn't use the same group as our private key. All the
1060 peers in a network have to use the same group.
1062 .BI "KEYMGMT public-key " tag " not-found"
1063 The public key for peer
1065 wasn't in the public keyring.
1067 .BI "KEYMGMT public-key " tag " unknown-type"
1068 The type of the public key isn't understood. Maybe you need to upgrade
1071 (Even if you do, you'll have to regenerate your keys.)
1073 These indicate problems during key-exchange. Many indicate either a bug
1074 in the server (either yours or the remote one), or some kind of attack
1075 in progress. All name a
1077 as the second token: this is the peer the packet is apparently from,
1078 though it may have been sent by an attacker instead.
1080 In the descriptions below,
1082 is one of the tokens
1091 .BI "KX " peer " bad-expected-reply-log"
1094 uses in its protocol contain a check value which proves that the
1095 challenge is honest. This message indicates that the check value
1096 supplied is wrong: someone is attempting to use bogus challenges to
1099 server to leak private key information. No chance!
1101 .BI "KX " peer " decrypt-failed reply\fR|\fBswitch-ok"
1102 A symmetrically-encrypted portion of a key-exchange message failed to
1105 .BI "KX " peer " invalid " msgtoken
1106 A key-exchange message was malformed. This almost certainly indicates a
1109 .BI "KX " peer " incorrect cookie\fR|\fBswitch-rq\fR|\fBswitch-ok"
1110 A message didn't contain the right magic data. This may be a replay of
1111 some old exchange, or random packets being sent in an attempt to waste
1114 .BI "KX " peer " public-key-expired"
1115 The peer's public key has expired. It's maintainer should have given
1116 you a replacement before now.
1118 .BI "KX " peer " sending-cookie"
1119 We've received too many bogus pre-challenge messages. Someone is trying
1120 to flood us with key-exchange messages and make us waste CPU on doing
1121 hard asymmetric crypto sums.
1123 .BI "KX " peer " unexpected " msgtoken
1124 The message received wasn't appropriate for this stage of the key
1125 exchange process. This may mean that one of our previous packets got
1128 it may simply mean that the peer has recently restarted.
1130 .BI "KX " peer " unknown-challenge"
1131 The peer is asking for an answer to a challenge which we don't know
1132 about. This may mean that we've been inundated with challenges from
1133 some malicious source
1134 .I who can read our messages
1135 and discarded the valid one.
1137 .BI "KX " peer " unknown-message 0x" nn
1138 An unknown key-exchange message arrived.
1140 These are largely concerned with management of peers and the low-level
1141 details of the network protocol. The second word is usually the name of
1144 if none is relevant.
1146 .BI "PEER " peer " bad-packet no-type"
1147 An empty packet arrived. This is very strange.
1149 .BI "PEER " peer " bad-packet unknown-category 0x" nn
1150 The message category
1152 (in hex) isn't understood. Probably a strange random packet from
1153 somewhere; could be an unlikely bug.
1155 .BI "PEER " peer " bad-packet unknown-type 0x" nn
1158 (in hex) isn't understood. Probably a strange random packet from
1159 somewhere; could be an unlikely bug.
1161 .BI "PEER " peer " corrupt-encrypted-ping"
1162 The peer sent a ping response which matches an outstanding ping, but its
1163 payload is wrong. There's definitely a bug somewhere.
1165 .BI "PEER " peer " corrupt-transport-ping"
1166 The peer (apparently) sent a ping response which matches an outstanding
1167 ping, but its payload is wrong. Either there's a bug, or the bad guys
1168 are playing tricks on you.
1170 .BI "PEER " peer " decrypt-failed"
1171 An encrypted IP packet failed to decrypt. It may have been mangled in
1172 transit, or may be a very old packet from an expired previous session
1173 key. There is usually a considerable overlap in the validity periods of
1174 successive session keys, so this shouldn't occur unless the key exchange
1175 takes ages or fails.
1177 .BI "PEER " peer " malformed-encrypted-ping"
1178 The peer sent a ping response which is hopelessly invalid. There's
1179 definitely a bug somewhere.
1181 .BI "PEER " peer " malformed-transport-ping"
1182 The peer (apparently) sent a ping response which is hopelessly invalid.
1183 Either there's a bug, or the bad guys are playing tricks on you.
1185 .BI "PEER " peer " packet-build-failed"
1186 There wasn't enough space in our buffer to put the packet we wanted to
1187 send. Shouldn't happen.
1189 .BI "PEER \- socket-read-error " ecode " " message
1190 An error occurred trying to read an incoming packet.
1192 .BI "PEER " peer " socket-write-error " ecode " " message
1193 An error occurred attempting to send a network packet. We lost that
1196 .BI "PEER " peer " unexpected-encrypted-ping 0x" id
1197 The peer sent an encrypted ping response whose id doesn't match any
1198 outstanding ping. Maybe it was delayed for longer than the server was
1199 willing to wait, or maybe the peer has gone mad.
1201 .BI "PEER \- unexpected-source " address\fR...
1202 A packet arrived from
1204 (a network address \(en see above), but no peer is known at that
1205 address. This may indicate a misconfiguration, or simply be a result of
1206 one end of a connection being set up before the other.
1208 .BI "PEER " peer " unexpected-transport-ping 0x" id
1209 The peer (apparently) sent a transport ping response whose id doesn't
1210 match any outstanding ping. Maybe it was delayed for longer than the
1211 server was willing to wait, or maybe the peer has gone mad; or maybe
1212 there are bad people trying to confuse you.
1213 .SS "SERVER warnings"
1214 These indicate problems concerning the server process as a whole.
1216 .BI "SERVER ignore signal " name
1217 A signal arrived, but the server ignored it. Currently this happens for
1219 because that's a popular way of telling daemons to re-read their
1220 configuration files. Since
1222 re-reads its keyrings automatically and has no other configuration
1223 files, it's not relevant, but it seemed better to ignore the signal than
1226 .BI "SERVER quit signal " \fR[\fInn\fR|\fIname\fR]
1227 A signal arrived and
1231 .BI "SERVER quit admin-request"
1232 A client of the administration interface issued a
1236 .BI "SERVER select-error " ecode " " message
1237 An error occurred in the server's main event loop. This is bad: if it
1238 happens too many times, the server will abort.
1240 These are concerned with the symmetric encryption and decryption
1243 .BI "SYMM replay old-sequence"
1244 A packet was received with an old sequence number. It may just have
1245 been delayed or duplicated, or it may have been an attempt at a replay
1248 .BI "SYMM replay duplicated-sequence"
1249 A packet was received with a sequence number we've definitely seen
1250 before. It may be an accidental duplication because the 'net is like
1251 that, or a deliberate attempt at a replay.
1253 These concern the workings of the system-specific tunnel driver. The
1254 second word is the name of the tunnel interface in question, or
1258 .BI "TUN \- bsd no-tunnel-devices"
1259 The driver couldn't find an available tunnel device. Maybe if you
1262 files, it will work.
1264 .BI "TUN - " tun-name " open-error " device " " ecode " " message
1265 An attempt to open the tunnel device file
1269 .BI "TUN \- linux config-error " ecode " " message
1270 Configuring the Linux TUN/TAP interface failed.
1272 .BI "TUN " ifname " " tun-name " read-error " ecode " " message
1273 Reading from the tunnel device failed.
1275 .BI "TUN " ifname " slip bad-escape"
1276 The SLIP driver encountered a escaped byte it wasn't expecting to see.
1277 The erroneous packet will be ignored.
1279 .BI "TUN " ifname " slip eof"
1280 The SLIP driver encountered end-of-file on its input descriptor.
1281 Pending data is discarded, and no attempt is made to read any more data
1282 from that interface ever.
1284 .BI "TUN " ifname " slip escape-end"
1285 The SLIP driver encountered an escaped `end' marker. This probably
1286 means that someone's been sending it junk. The erroneous packet is
1287 discarded, and we hope that we've rediscovered synchronization.
1289 .BI "TUN \- slip fork-error " ecode " " message
1290 The SLIP driver encountered an error forking a child process while
1291 allocating a new dynamic interface.
1293 .BI "TUN \- slip no-slip-interfaces"
1294 The driver ran out of static SLIP interfaces. Either preallocate more,
1295 or use dynamic SLIP interface allocation.
1297 .BI "TUN " ifname " slip overflow"
1298 The SLIP driver gave up reading a packet because it got too large.
1300 .BI "TUN \- slip pipe-error " ecode " " message
1301 The SLIP driver encountered an error creating pipes while allocating a
1302 new dynamic interface.
1304 .BI "TUN \- slip read-ifname-failed " ecode " " message
1305 The SLIP driver encountered an error reading the name of a dynamically
1306 allocated interface. Maybe the allocation script is broken.
1308 .BI "TUN \- unet config-error " ecode " " message
1309 Configuring the Linux Unet interface failed. Unet is obsolete and
1310 shouldn't be used any more.
1312 .BI "TUN \- unet getinfo-error " ecode " " message
1313 Reading information about the Unet interface failed. Unet is obsolete
1314 and shouldn't be used any more.
1316 .BI "TUN \- unet ifname-too-long"
1317 The Unet interface's name overflowed, so we couldn't read it properly.
1318 Unet is obsolete and shouldn't be used any more.
1320 These are issued by administration clients using the
1324 .BI "USER " tokens\fR...
1325 An administration client issued a warning.
1328 .SS "Command responses"
1330 .BI "BGFAIL " tag " " tokens \fR...
1331 .BI "BGINFO " tag " " tokens \fR...
1333 .BI "FAIL " tokens \fR...
1334 .BI "INFO " tokens \fR...
1342 .IR "The Trivial IP Encryption Protocol" .
1344 Mark Wooding, <mdw@distorted.org.uk>