Barf outputs (on standard output) a collection of debugging information (contents of files, selections
from logs, etc.) related to the IPsec encryption/authentication system. It is primarily a convenience for
remote debugging, a single command that packages up (and labels) all information that might be relevant
to diagnosing a problem in IPsec.
The --short option limits the length of the log portion of barf's output, which can otherwise be
extremely voluminous if debug logging is turned on.
On systems with systemd, ipsec barf will look for logs using the journalctl command. If the logfile=
option is used, logs will also not be found by the ipsec barf command.
Barf censors its output, replacing keys and secrets with brief checksums to avoid revealing sensitive
information.
Beware that the output of both commands is aimed at humans, not programs, and the output format is
subject to change without warning.
Barf has to figure out which files in /var/log contain the IPsec log messages. It looks for general log
messages first in messages and syslog, and for Pluto messages first in secure, auth.log, and debug. In
both cases, if it does not find what it is looking for in one of those “likely” places, it will resort to
a brute-force search of most (non-compressed) files in /var/log.
Install Now
PNG Icons
