ipv6-host2host scenario added

2006-06-06 05:43:32 +00:00 · 2006-06-06 05:43:32 +00:00 · 71c80765a5
parent fc0afb6810
commit 71c80765a5
7 changed files with 99 additions and 0 deletions
--- a/testing/tests/ipv6-host2host/description.txt
+++ b/testing/tests/ipv6-host2host/description.txt
@ -0,0 +1,3 @@
+An IPv6 ESP connection between the hosts <b>moon</b> and <b>sun</b> is successfully set up.
+The authentication is based on X.509 certificates. In order to test the host-to-host tunnel
+<b>moon</b> sends an IPv6 ICMP request to <b>sun</b> using the ping6 command.
--- a/testing/tests/ipv6-host2host/evaltest.dat
+++ b/testing/tests/ipv6-host2host/evaltest.dat
@ -0,0 +1,5 @@
+moon::ipsec status::host-host.*STATE_QUICK_I2.*IPsec SA established::YES
+sun::ipsec status::host-host.*STATE_QUICK_R2.*IPsec SA established::YES
+moon::ping6 -c 1 ip6-sun.strongswan.org::64 bytes from ip6-sun.strongswan.org: icmp_seq=1::YES
+sun::tcpdump::00:01 >.*00:02, ethertype IPv6.*length 194::YES
+sun::tcpdump::00:02 >.*00:01, ethertype IPv6.*length 194::YES
--- a/testing/tests/ipv6-host2host/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ipv6-host2host/hosts/moon/etc/ipsec.conf
@ -0,0 +1,33 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+version	2.0	# conforms to second version of ipsec.conf specification
+
+config setup
+	plutodebug=control
+	crlcheckinterval=180
+	strictcrlpolicy=no
+	charonstart=no
+
+conn %default
+	ikelifetime=60m
+	keylife=20m
+	rekeymargin=3m
+	keyingtries=1
+
+conn net-net
+	also=host-host
+	leftsubnet=fec1::0/16
+	rightsubnet=fec2::0/16
+
+conn host-host
+	left=PH_IP6_MOON
+	leftnexthop=0::0
+	leftcert=moonCert.pem
+	leftid=@moon.strongswan.org
+	leftfirewall=yes
+	right=PH_IP6_SUN
+	rightnexthop=0::0
+	rightid=@sun.strongswan.org
+	#keyexchange=ikev2
+	auto=add
+
--- a/testing/tests/ipv6-host2host/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/ipv6-host2host/hosts/sun/etc/ipsec.conf
@ -0,0 +1,31 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+version	2.0	# conforms to second version of ipsec.conf specification
+
+config setup
+	plutodebug=control
+	crlcheckinterval=180
+	strictcrlpolicy=no
+	charonstart=no
+
+conn %default
+	ikelifetime=60m
+	keylife=20m
+	rekeymargin=3m
+	keyingtries=1
+
+conn net-net
+	also=host-host
+	leftsubnet=fec2::0/16
+	rightsubnet=fec1::0/16
+
+conn host-host
+	left=PH_IP6_SUN
+	leftnexthop=0::0
+	leftcert=sunCert.pem
+	leftid=@sun.strongswan.org
+	leftfirewall=yes
+	right=PH_IP6_MOON
+	rightnexthop=0::0
+	rightid=@moon.strongswan.org
+	auto=add
--- a/testing/tests/ipv6-host2host/posttest.dat
+++ b/testing/tests/ipv6-host2host/posttest.dat
@ -0,0 +1,2 @@
+moon::ipsec stop
+sun::ipsec stop
--- a/testing/tests/ipv6-host2host/pretest.dat
+++ b/testing/tests/ipv6-host2host/pretest.dat
@ -0,0 +1,4 @@
+moon::ipsec start
+sun::ipsec start
+moon::sleep 2 
+moon::ipsec up host-host
--- a/testing/tests/ipv6-host2host/test.conf
+++ b/testing/tests/ipv6-host2host/test.conf
@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# UML instances used for this test
+
+# All UML instances that are required for this test
+#
+UMLHOSTS="moon winnetou sun"
+ 
+# Corresponding block diagram
+#
+DIAGRAM="m-w-s.png"
+
+# UML instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS="sun"
+
+# UML instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon sun"