Name
ipsec show — see if a target IP address would get encrypted or not
DESCRIPTION
The ipsec show show if the target IP
address would get encrypted. Currently requires
the XFRM/NETKEY stack root access. If no target IP is given, show all
active source - dest tunnels.
HISTORY
Written originally for the Libreswan Project by Paul Wouters
BUGS
It's pretty simplistic, so there might be cases where it is wrong.
There is also obviously a race condition if you run this show and
right afterwards the tunnel goes down.