ip(4): Mention IP_IPSEC_POLICY ip-level socket option

Text is literally taken from NetBSD ip(4). Sponsored by: NVIDIA Networking MFC after: 3 days
2026-04-02 16:05:17 -04:00 · 2021-08-09 14:07:18 +03:00 · 2021-08-09 14:07:18 +03:00 · 4a5a67fe67
commit 4a5a67fe67
parent ba3896e169
1 changed files with 10 additions and 1 deletions
--- a/share/man/man4/ip.4
+++ b/share/man/man4/ip.4
@ -28,7 +28,7 @@
 .\"     @(#)ip.4	8.2 (Berkeley) 11/30/93
 .\" $FreeBSD$
 .\"
-.Dd May 24, 2020
+.Dd August 9, 2021
 .Dt IP 4
 .Os
 .Sh NAME
@ -109,6 +109,15 @@ int ttl = 60;                   /* max = 255 */
 setsockopt(s, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl));
 .Ed
 .Pp
+.Dv IP_IPSEC_POLICY
+controls IPSec policy for sockets.
+For example,
+.Bd -literal
+const char *policy = "in ipsec ah/transport//require";
+char *buf = ipsec_set_policy(policy, strlen(policy));
+setsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY, buf, ipsec_get_policylen(buf));
+.Ed
+.Pp
 .Dv IP_MINTTL
 may be used to set the minimum acceptable TTL a packet must have when
 received on a socket.