Provided by: libreswan_4.14-1ubuntu2_amd64 bug

NAME
       ipsec_barf - spew out collected IPsec debugging information


SYNOPSIS

       ipsec barf [--short]


DESCRIPTION
       Barf outputs (on standard output) a collection of debugging information (contents of files, selections
       from logs, etc.) related to the IPsec encryption/authentication system. It is primarily a convenience for
       remote debugging, a single command that packages up (and labels) all information that might be relevant
       to diagnosing a problem in IPsec.

       The --short option limits the length of the log portion of barf's output, which can otherwise be
       extremely voluminous if debug logging is turned on.

       On systems with systemd, ipsec barf will look for logs using the journalctl command. If the logfile=
       option is used, logs will also not be found by the ipsec barf command.

       Barf censors its output, replacing keys and secrets with brief checksums to avoid revealing sensitive
       information.

       Beware that the output of both commands is aimed at humans, not programs, and the output format is
       subject to change without warning.

       Barf has to figure out which files in /var/log contain the IPsec log messages. It looks for general log
       messages first in messages and syslog, and for Pluto messages first in secure, auth.log, and debug. In
       both cases, if it does not find what it is looking for in one of those “likely” places, it will resort to
       a brute-force search of most (non-compressed) files in /var/log.


FILES
           /proc/net/*
           /var/log/*
           /etc/ipsec.conf
           /etc/ipsec.secrets


HISTORY
       Written for the Linux FreeS/WAN project <https://www.freeswan.org> by Henry Spencer.


BUGS
       Barf uses heuristics to try to pick relevant material out of the logs, and relevant messages that are not
       labelled with any of the tags that barf looks for will be lost. We think we've eliminated the last such
       case, but one never knows...

       Finding updown scripts (so they can be included in output) is, in general, difficult.  Barf uses a very
       simple heuristic that is easily fooled.

       The brute-force search for the right log files can get expensive on systems with a lot of clutter in
       /var/log.


AUTHOR
       Paul Wouters
           placeholder to suppress warning

libreswan                                          03/31/2024                                      IPSEC_BARF(8)