IpsecConf parser - file /etc/ipsec.conf

IpsecConf parser the file /etc/ipsec.conf about the configuration and control information for the Libreswan IPsec subsystem.

class insights.parsers.ipsec_conf.IpsecConf(context, extra_bad_lines=None)[source]

Bases: insights.core.CommandParser, dict

Class for parsing the file /etc/ipsec.conf about the configuration and control information for the Libreswan IPsec subsystem

Raises

SkipException -- When content is empty or cannot be parsed.

Sample output of this command is:

# /etc/ipsec.conf - Libreswan IPsec configuration file
#
# see 'man ipsec.conf' and 'man pluto' for more information
#
# For example configurations and documentation, see https://libreswan.org/wiki/

config setup
        # plutodebug="control parsing"
        # plutodebug="all crypt"
        plutodebug=none
        # It seems that T-Mobile in the US and Rogers/Fido in Canada are
        # using 25/8 as "private" address space on their wireless networks.
        # This range has never been announced via BGP (at least up to 2015)
        virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10

# if it exists, include system wide crypto-policy defaults
include /etc/crypto-policies/back-ends/libreswan.config

# It is best to add your IPsec connections as separate files in /etc/ipsec.d/
include /etc/ipsec.d/*.conf

Examples

>>> ipsec_conf['config']['setup']['plutodebug'] == 'none'
True
>>> ipsec_conf['include']
['/etc/crypto-policies/back-ends/libreswan.config', '/etc/ipsec.d/*.conf']
parse_content(content)[source]

This method must be implemented by classes based on this class.