Index |
A unique index for this entry. |
State |
The current state of the security association
Possible values:
alive(1), -- The SA is alive
expired(2), -- The SA is expired
negotiating(4),-- This SA is currently negotiated
established(5) -- The SA is alive and will eventually be
rekeyed. Enumerations: - expired (2)
- negotiating (4)
- established (5)
|
Dir |
This object specifies whether the SA is used for inbound or
outbound processing.
Possible values:
inbound(1), -- An inbound security association
outbound(2) -- An outbound security association. Enumerations: |
Mode |
This object specifies whether the SA is in tunnel or
transport mode.
Possible values:
tunnel(1), -- A tunnel mode SA
transport(2) -- A transport mode SA. Enumerations: |
SecProto |
This object specifies the security protocol applied by this SA.
Possible values:
esp(50), -- Encapsulating Security Payload
ah(51), -- Authentication Header
ipcomp(108) -- Internet Payload Compression Protocol. Enumerations: - esp (50)
- ah (51)
- ipcomp (108)
|
Spi |
The Security Parameters Index of this SA. |
AuthAlg |
The hash algorithm used, if any.
Possible Values:
none(2), -- No hash algorithm applied
md5-96(4), -- The MD5 hash algorithm
sha1-96(6) -- The Secure Hash Algorithm. Enumerations: - none (2)
- md5-96 (4)
- sha1-96 (6)
|
EncAlg |
The encryption algorithm used, if any.
Possible Values:
none(1), -- No encryption applied
des-cbc(2), -- DES in CBC mode
des3-cbc(3), -- Triple DES in CBC mode
blowfish-cbc(4), -- Blowfish in CBC mode
cast128-cbc(5), -- CAST with 128 bit key in CBC mode
twofish-cbc(6), -- Twofish in CBC mode
rijndael-cbc(7) -- Rijndael in CBC mode. Enumerations: - none (1)
- des-cbc (2)
- des3-cbc (3)
- blowfish-cbc (4)
- cast128-cbc (5)
- twofish-cbc (6)
- rijndael-cbc (7)
|
CompAlg |
The compression algorithm used, if any.
Possible Values:
none(1), -- No compression
deflate(2) -- DEFLATE compression algorithm. Enumerations: |
AuthKeyLen |
The length of the key used for authentication, if any. |
EncKeyLen |
The length of the key used for encryption, if any. |
ReplayErrors |
The number of replayed packets detected for this SA. |
RecvErrors |
The number of receive errors (replayed packets not counted)
detected for this SA. |
DecryptErrors |
The number of decryption errors (ESP only) detected for
this SA. |
Bundle |
unique id of SA-bundle within this SA is used. |
BundleNesting |
place of SA within SA-Bundle. |
SpiSize |
The size of the SPI in bytes. |