- ipsec verify [--host name]
In addition, verify performs checks relevant to Opportunistic Encryption. It looks in forward DNS for a TXT record for the system's hostname, and in reverse DNS for a TXT record for the system's IP addresses. It checks whether the system has a public IP.
The --host option causes verify to look for a TXT record for name in forward and reverse DNS.
Written for the Linux FreeS/WAN project <m[blue]http://www.freeswan.orgm> by Michael Richardson.
Verify does not check for ipchains masquerading.
Verify does not look for TXT records for Opportunistic clients behind the system.