upgraded sql scenarios to 5.0.0
This commit is contained in:
Andreas Steffen
parent
1e26235a0d
commit
84b291e668
|
|
@ -1,21 +1,25 @@
|
|||
carol::cat /var/log/daemon.log::installing new virtual IP PH_IP_CAROL1::YES
|
||||
carol::ip addr list dev eth0::PH_IP_CAROL1::YES
|
||||
carol::ip route list table 220::10.1.0.0/16.*src PH_IP_CAROL1::YES
|
||||
carol::ipsec status::home.*INSTALLED::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave::cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
|
||||
dave::ip addr list dev eth0::PH_IP_DAVE1::YES
|
||||
dave::ip route list table 220::10.1.0.0/16.*src PH_IP_DAVE1::YES
|
||||
dave::ipsec status::home.*INSTALLED::YES
|
||||
dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::cat /var/log/daemon.log::peer requested virtual IP %any::YES
|
||||
moon::cat /var/log/daemon.log::acquired new lease for address.*in pool.*bigpool::YES
|
||||
moon::cat /var/log/daemon.log::assigning virtual IP::YES
|
||||
moon::ipsec pool --status 2> /dev/null::bigpool.*10.3.0.1.*10.3.0.6.*1h.*2::YES
|
||||
moon::ipsec pool --leases --filter pool=bigpool,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
|
||||
moon::ipsec pool --leases --filter pool=bigpool,addr=10.3.0.2,id=dave@strongswan.org 2> /dev/null::online::YES
|
||||
moon::ipsec status::rw.*ESTABLISHED.*carol@strongswan.org::YES
|
||||
moon::ipsec status::rw.*ESTABLISHED.*dave@strongswan.org::YES
|
||||
dave:: cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
|
||||
dave:: ip addr list dev eth0::PH_IP_DAVE1::YES
|
||||
dave:: ip route list table 220::10.1.0.0/16.*src PH_IP_DAVE1::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon:: cat /var/log/daemon.log::peer requested virtual IP %any::YES
|
||||
moon:: cat /var/log/daemon.log::acquired new lease for address.*in pool.*bigpool::YES
|
||||
moon:: cat /var/log/daemon.log::assigning virtual IP::YES
|
||||
moon:: ipsec pool --status 2> /dev/null::bigpool.*10.3.0.1.*10.3.0.6.*1h.*2::YES
|
||||
moon:: ipsec pool --leases --filter pool=bigpool,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
|
||||
moon:: ipsec pool --leases --filter pool=bigpool,addr=10.3.0.2,id=dave@strongswan.org 2> /dev/null::online::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,21 +1,25 @@
|
|||
carol::cat /var/log/daemon.log::installing new virtual IP PH_IP_CAROL1::YES
|
||||
carol::ip addr list dev eth0::PH_IP_CAROL1::YES
|
||||
carol::ip route list table 220::10.1.0.0/16.*src PH_IP_CAROL1::YES
|
||||
carol::ipsec status::home.*INSTALLED::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave::cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
|
||||
dave::ip addr list dev eth0::PH_IP_DAVE1::YES
|
||||
dave::ip route list table 220::10.1.0.0/16.*src PH_IP_DAVE1::YES
|
||||
dave::ipsec status::home.*INSTALLED::YES
|
||||
dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::cat /var/log/daemon.log::peer requested virtual IP %any::YES
|
||||
moon::cat /var/log/daemon.log::acquired existing lease for address.*in pool.*bigpool::YES
|
||||
moon::cat /var/log/daemon.log::assigning virtual IP::YES
|
||||
moon::ipsec pool --status 2> /dev/null::bigpool.*10.3.0.1.*10.3.0.6.*static.*2::YES
|
||||
moon::ipsec pool --leases --filter pool=bigpool,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
|
||||
moon::ipsec pool --leases --filter pool=bigpool,addr=10.3.0.2,id=dave@strongswan.org 2> /dev/null::online::YES
|
||||
moon::ipsec status::rw.*ESTABLISHED.*carol@strongswan.org::YES
|
||||
moon::ipsec status::rw.*ESTABLISHED.*dave@strongswan.org::YES
|
||||
dave:: cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
|
||||
dave:: ip addr list dev eth0::PH_IP_DAVE1::YES
|
||||
dave:: ip route list table 220::10.1.0.0/16.*src PH_IP_DAVE1::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon:: cat /var/log/daemon.log::peer requested virtual IP %any::YES
|
||||
moon:: cat /var/log/daemon.log::acquired existing lease for address.*in pool.*bigpool::YES
|
||||
moon:: cat /var/log/daemon.log::assigning virtual IP::YES
|
||||
moon:: ipsec pool --status 2> /dev/null::bigpool.*10.3.0.1.*10.3.0.6.*static.*2::YES
|
||||
moon:: ipsec pool --leases --filter pool=bigpool,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
|
||||
moon:: ipsec pool --leases --filter pool=bigpool,addr=10.3.0.2,id=dave@strongswan.org 2> /dev/null::online::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -5,28 +5,32 @@ carol::cat /var/log/daemon.log::handling INTERNAL_IP4_NBNS attribute failed::YES
|
|||
carol::cat /var/log/daemon.log::handling APPLICATION_VERSION attribute failed::YES
|
||||
carol::ip addr list dev eth0::PH_IP_CAROL1::YES
|
||||
carol::ip route list table 220::10.1.0.0/16.*src PH_IP_CAROL1::YES
|
||||
carol::ipsec status::home.*INSTALLED::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave::cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
|
||||
dave::cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
|
||||
dave::cat /var/log/daemon.log::installing DNS server PH_IP_WINNETOU::YES
|
||||
dave::cat /var/log/daemon.log::installing DNS server PH_IP_VENUS::YES
|
||||
dave::cat /var/log/daemon.log::handling INTERNAL_IP4_NBNS attribute failed::YES
|
||||
dave::cat /var/log/daemon.log::handling APPLICATION_VERSION attribute failed::YES
|
||||
dave::ip addr list dev eth0::PH_IP_DAVE1::YES
|
||||
dave::ip route list table 220::10.1.0.0/16.*src PH_IP_DAVE1::YES
|
||||
dave::ipsec status::home.*INSTALLED::YES
|
||||
dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::cat /var/log/daemon.log::peer requested virtual IP %any::YES
|
||||
moon::cat /var/log/daemon.log::acquired new lease for address.*in pool.*bigpool::YES
|
||||
moon::cat /var/log/daemon.log::assigning virtual IP::YES
|
||||
moon::ipsec pool --status 2> /dev/null::dns servers: PH_IP_WINNETOU PH_IP_VENUS::YES
|
||||
moon::ipsec pool --status 2> /dev/null::nbns servers: PH_IP_VENUS::YES
|
||||
moon::ipsec pool --status 2> /dev/null::bigpool.*10.3.0.1.*10.3.0.6.*static.*2::YES
|
||||
moon::ipsec pool --leases --filter pool=bigpool,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
|
||||
moon::ipsec pool --leases --filter pool=bigpool,addr=10.3.0.2,id=dave@strongswan.org 2> /dev/null::online::YES
|
||||
moon::ipsec status::rw.*ESTABLISHED.*carol@strongswan.org::YES
|
||||
moon::ipsec status::rw.*ESTABLISHED.*dave@strongswan.org::YES
|
||||
dave:: cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
|
||||
dave:: cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
|
||||
dave:: cat /var/log/daemon.log::installing DNS server PH_IP_WINNETOU::YES
|
||||
dave:: cat /var/log/daemon.log::installing DNS server PH_IP_VENUS::YES
|
||||
dave:: cat /var/log/daemon.log::handling INTERNAL_IP4_NBNS attribute failed::YES
|
||||
dave:: cat /var/log/daemon.log::handling APPLICATION_VERSION attribute failed::YES
|
||||
dave:: ip addr list dev eth0::PH_IP_DAVE1::YES
|
||||
dave:: ip route list table 220::10.1.0.0/16.*src PH_IP_DAVE1::YES
|
||||
dave:: ipsec status 2> /dev/null::.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon:: cat /var/log/daemon.log::peer requested virtual IP %any::YES
|
||||
moon:: cat /var/log/daemon.log::acquired new lease for address.*in pool.*bigpool::YES
|
||||
moon:: cat /var/log/daemon.log::assigning virtual IP::YES
|
||||
moon:: ipsec pool --status 2> /dev/null::dns servers: PH_IP_WINNETOU PH_IP_VENUS::YES
|
||||
moon:: ipsec pool --status 2> /dev/null::nbns servers: PH_IP_VENUS::YES
|
||||
moon:: ipsec pool --status 2> /dev/null::bigpool.*10.3.0.1.*10.3.0.6.*static.*2::YES
|
||||
moon:: ipsec pool --leases --filter pool=bigpool,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
|
||||
moon:: ipsec pool --leases --filter pool=bigpool,addr=10.3.0.2,id=dave@strongswan.org 2> /dev/null::online::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,14 +1,18 @@
|
|||
dave::cat /var/log/daemon.log::installing new virtual IP 10.3.1.1::YES
|
||||
dave::ipsec status::home.*INSTALLED::YES
|
||||
dave::ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
|
||||
dave::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
carol::cat /var/log/daemon.log::installing new virtual IP 10.3.0.1::YES
|
||||
carol::ipsec status::home.*INSTALLED::YES
|
||||
moon::cat /var/log/daemon.log::acquired existing lease for address 10.3.1.1 in pool.*pool1::YES
|
||||
moon::cat /var/log/daemon.log::assigning virtual IP 10.3.1.1 to peer::YES
|
||||
moon::cat /var/log/daemon.log::acquired existing lease for address 10.3.0.1 in pool.*pool0::YES
|
||||
moon::cat /var/log/daemon.log::assigning virtual IP 10.3.0.1 to peer::YES
|
||||
moon::ipsec pool --status 2> /dev/null::pool0.*10.3.0.1.*10.3.0.2.*static.*2 .*1 .*1 ::YES
|
||||
moon::ipsec pool --status 2> /dev/null::pool1.*10.3.1.1.*10.3.1.2.*static.*2 .*1 .*1 ::YES
|
||||
moon::ipsec pool --leases --filter pool=pool0,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
|
||||
moon::ipsec pool --leases --filter pool=pool1,addr=10.3.1.1,id=dave@strongswan.org 2> /dev/null::online::YES
|
||||
moon::ipsec status::rw.*ESTABLISHED.*dave@strongswan.org::YES
|
||||
moon::ipsec status::rw.*ESTABLISHED.*carol@strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
moon:: cat /var/log/daemon.log::acquired existing lease for address 10.3.1.1 in pool.*pool1::YES
|
||||
moon:: cat /var/log/daemon.log::assigning virtual IP 10.3.1.1 to peer::YES
|
||||
moon:: cat /var/log/daemon.log::acquired existing lease for address 10.3.0.1 in pool.*pool0::YES
|
||||
moon:: cat /var/log/daemon.log::assigning virtual IP 10.3.0.1 to peer::YES
|
||||
moon:: ipsec pool --status 2> /dev/null::pool0.*10.3.0.1.*10.3.0.2.*static.*2 .*1 .*1 ::YES
|
||||
moon:: ipsec pool --status 2> /dev/null::pool1.*10.3.1.1.*10.3.1.2.*static.*2 .*1 .*1 ::YES
|
||||
moon:: ipsec pool --leases --filter pool=pool0,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
|
||||
moon:: ipsec pool --leases --filter pool=pool1,addr=10.3.1.1,id=dave@strongswan.org 2> /dev/null::online::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,15 +1,17 @@
|
|||
carol::cat /var/log/daemon.log::installing new virtual IP 10.3.0.1::YES
|
||||
carol::ipsec status::home.*INSTALLED::YES
|
||||
dave::cat /var/log/daemon.log::installing new virtual IP 10.3.1.1::YES
|
||||
dave::ipsec status::home.*INSTALLED::YES
|
||||
moon::cat /var/log/daemon.log::acquired new lease for address 10.3.0.1 in pool.*pool0::YES
|
||||
moon::cat /var/log/daemon.log::assigning virtual IP 10.3.0.1 to peer::YES
|
||||
moon::cat /var/log/daemon.log::no available address found in pool.*pool0::YES
|
||||
moon::cat /var/log/daemon.log::acquired new lease for address 10.3.1.1 in pool.*pool1::YES
|
||||
moon::cat /var/log/daemon.log::assigning virtual IP 10.3.1.1 to peer::YES
|
||||
moon::ipsec pool --status 2> /dev/null::pool0.*10.3.0.1.*10.3.0.1.*static.*1 .*1 .*1 ::YES
|
||||
moon::ipsec pool --status 2> /dev/null::pool1.*10.3.1.1.*10.3.1.1.*static.*1 .*1 .*1 ::YES
|
||||
moon::ipsec pool --leases --filter pool=pool0,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
|
||||
moon::ipsec pool --leases --filter pool=pool1,addr=10.3.1.1,id=dave@strongswan.org 2> /dev/null::online::YES
|
||||
moon::ipsec status::rw.*ESTABLISHED.*carol@strongswan.org::YES
|
||||
moon::ipsec status::rw.*ESTABLISHED.*dave@strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
dave:: cat /var/log/daemon.log::installing new virtual IP 10.3.1.1::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
moon:: cat /var/log/daemon.log::acquired new lease for address 10.3.0.1 in pool.*pool0::YES
|
||||
moon:: cat /var/log/daemon.log::assigning virtual IP 10.3.0.1 to peer::YES
|
||||
moon:: cat /var/log/daemon.log::no available address found in pool.*pool0::YES
|
||||
moon:: cat /var/log/daemon.log::acquired new lease for address 10.3.1.1 in pool.*pool1::YES
|
||||
moon:: cat /var/log/daemon.log::assigning virtual IP 10.3.1.1 to peer::YES
|
||||
moon:: ipsec pool --status 2> /dev/null::pool0.*10.3.0.1.*10.3.0.1.*static.*1 .*1 .*1 ::YES
|
||||
moon:: ipsec pool --status 2> /dev/null::pool1.*10.3.1.1.*10.3.1.1.*static.*1 .*1 .*1 ::YES
|
||||
moon:: ipsec pool --leases --filter pool=pool0,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
|
||||
moon:: ipsec pool --leases --filter pool=pool1,addr=10.3.1.1,id=dave@strongswan.org 2> /dev/null::online::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,16 +1,21 @@
|
|||
carol::cat /var/log/daemon.log::sending issuer cert.*CN=Research CA::YES
|
||||
dave::cat /var/log/daemon.log::sending issuer cert.*CN=Sales CA::YES
|
||||
moon::cat /var/log/daemon.log::fetching crl from.*http.*research.crl::YES
|
||||
moon::cat /var/log/daemon.log::crl correctly signed by.*Research CA::YES
|
||||
moon::cat /var/log/daemon.log::fetching crl from.*http.*sales.crl::YES
|
||||
moon::cat /var/log/daemon.log::crl correctly signed by.*Sales CA::YES
|
||||
moon::cat /var/log/daemon.log::fetching crl from.*http.*strongswan.crl::YES
|
||||
moon::cat /var/log/daemon.log::crl correctly signed by.*strongSwan Root CA::YES
|
||||
moon::ipsec statusall::rw.*ESTABLISHED::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED::YES
|
||||
dave::ipsec statusall::home.*ESTABLISHED::YES
|
||||
dave:: cat /var/log/daemon.log::sending issuer cert.*CN=Sales CA::YES
|
||||
moon:: cat /var/log/daemon.log::fetching crl from.*http.*research.crl::YES
|
||||
moon:: cat /var/log/daemon.log::crl correctly signed by.*Research CA::YES
|
||||
moon:: cat /var/log/daemon.log::fetching crl from.*http.*sales.crl::YES
|
||||
moon:: cat /var/log/daemon.log::crl correctly signed by.*Sales CA::YES
|
||||
moon:: cat /var/log/daemon.log::fetching crl from.*http.*strongswan.crl::YES
|
||||
moon:: cat /var/log/daemon.log::crl correctly signed by.*strongSwan Root CA::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
strictcrlpolicy=yes
|
||||
strictcrlpolicy=yes
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,5 +1,7 @@
|
|||
moon::ipsec statusall::net-net.*ESTABLISHED::YES
|
||||
sun::ipsec statusall::net-net.*ESTABLISHED::YES
|
||||
moon:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*moon.strongswan.org.*sun.strongswan.org::YES
|
||||
sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
|
||||
sun:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
|
||||
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
|
||||
sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
|
||||
sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,5 +1,7 @@
|
|||
moon::ipsec statusall::net-net.*ESTABLISHED::YES
|
||||
sun::ipsec statusall::net-net.*ESTABLISHED::YES
|
||||
moon:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*moon.strongswan.org.*sun.strongswan.org::YES
|
||||
sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
|
||||
sun:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
|
||||
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
|
||||
sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
|
||||
sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,16 +1,16 @@
|
|||
moon::ipsec statusall::net-1.*ROUTED::YES
|
||||
sun::ipsec statusall::net-1.*ROUTED::YES
|
||||
moon::ipsec statusall::net-2.*ROUTED::YES
|
||||
sun::ipsec statusall::net-2.*ROUTED::YES
|
||||
moon::cat /var/log/daemon.log::creating acquire job for policy 10.1.0.10/32\[icmp/8\] === 10.2.0.10/32\[icmp\] with reqid {1}::YES
|
||||
moon::ipsec statusall::net-1.*INSTALLED::YES
|
||||
sun::ipsec statusall::net-1.*INSTALLED::YES
|
||||
sun::cat /var/log/daemon.log::creating acquire job for policy 10.2.0.10/32\[icmp/8\] === 10.1.0.20/32\[icmp\] with reqid {2}::YES
|
||||
moon::ipsec statusall::net-2.*INSTALLED::YES
|
||||
sun::ipsec statusall::net-2.*INSTALLED::YES
|
||||
moon::ipsec statusall::net-net.*ESTABLISHED::YES
|
||||
sun::ipsec statusall::net-net.*ESTABLISHED::YES
|
||||
moon:: ipsec status 2> /dev/null::net-1.*ROUTED, TUNNEL::YES
|
||||
sun:: ipsec status 2> /dev/null::net-1.*ROUTED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::net-2.*ROUTED, TUNNEL::YES
|
||||
sun:: ipsec status 2> /dev/null::net-2.*ROUTED, TUNNEL::YES
|
||||
moon:: cat /var/log/daemon.log::creating acquire job for policy 10.1.0.10/32\[icmp/8\] === 10.2.0.10/32\[icmp\] with reqid {1}::YES
|
||||
moon:: ipsec status 2> /dev/null::net-1.*INSTALLED, TUNNEL::YES
|
||||
sun:: ipsec status 2> /dev/null::net-1.*INSTALLED. TUNNEL::YES
|
||||
sun:: cat /var/log/daemon.log::creating acquire job for policy 10.2.0.10/32\[icmp/8\] === 10.1.0.20/32\[icmp\] with reqid {2}::YES
|
||||
moon:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*moon.strongswan.org.*sun.strongswan.org::YES
|
||||
sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::net-2.*INSTALLED, TUNNEL::YES
|
||||
sun:: ipsec status 2> /dev/null::net-2.*INSTALLED, TUNNEL::YES
|
||||
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
|
||||
bob:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
|
||||
bob:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
|
||||
sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
|
||||
sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
moon::ipsec statusall::net-net.*ESTABLISHED::YES
|
||||
sun::ipsec statusall::net-net.*ESTABLISHED::YES
|
||||
moon::ipsec statusall::net-1.*INSTALLED::YES
|
||||
sun::ipsec statusall::net-1.*INSTALLED::YES
|
||||
moon::ipsec statusall::net-2.*INSTALLED::YES
|
||||
sun::ipsec statusall::net-2.*INSTALLED::YES
|
||||
moon::ipsec statusall::net-3.*INSTALLED::YES
|
||||
sun::ipsec statusall::net-3.*INSTALLED::YES
|
||||
moon:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*moon.strongswan.org.*sun.strongswan.org::YES
|
||||
sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::net-1.*INSTALLED, TUNNEL::YES
|
||||
sun:: ipsec status 2> /dev/null::net-1.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::net-2.*INSTALLED, TUNNEL::YES
|
||||
sun:: ipsec status 2> /dev/null::net-2.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::net-3.*INSTALLED, TUNNEL::YES
|
||||
sun:: ipsec status 2> /dev/null::net-3.*INSTALLED, TUNNEL::YES
|
||||
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
|
||||
bob:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
|
||||
bob:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
|
||||
sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
|
||||
sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,10 +1,14 @@
|
|||
moon::ipsec statusall::rw.*ESTABLISHED::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED::YES
|
||||
dave::ipsec statusall::home.*ESTABLISHED::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
|
||||
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,10 @@
|
|||
carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA signature successful::YES
|
||||
carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES
|
||||
moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
|
||||
moon::ipsec statusall::rw-eap-aka.*ESTABLISHED::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED::YES
|
||||
moon:: cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw-eap-aka.*ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw-eap-aka.*INSTALLED, TUNNEL::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,13 @@
|
|||
moon::ipsec statusall::rw.*ESTABLISHED::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED::YES
|
||||
dave::ipsec statusall::home.*ESTABLISHED::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*\[192.168.0.100].*\[192.168.0.1]::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*\[192.168.0.200].*\[192.168.0.1]::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*\[192.168.0.1].*\[192.168.0.100]::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*\[192.168.0.1].*\[192.168.0.200]::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,13 @@
|
|||
moon::ipsec statusall::rw.*ESTABLISHED::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED::YES
|
||||
dave::ipsec statusall::home.*ESTABLISHED::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*\[fec0.*10].*\[fec0.*1]::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*\[fec0.*20].*\[fec0.*1]::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*\[fec0.*1].*\[fec0.*10]::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*\[fec0.*1].*\[fec0.*20]::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
|
||||
carol::ping6 -c 1 ip6-alice.strongswan.org::64 bytes from ip6-alice.strongswan.org: icmp_seq=1::YES
|
||||
dave::ping6 -c 1 ip6-alice.strongswan.org::64 bytes from ip6-alice.strongswan.org: icmp_seq=1::YES
|
||||
dave:: ping6 -c 1 ip6-alice.strongswan.org::64 bytes from ip6-alice.strongswan.org: icmp_seq=1::YES
|
||||
moon::tcpdump::IP6 ip6-carol.strongswan.org > ip6-moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP6 ip6-moon.strongswan.org > ip6-carol.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP6 ip6-dave.strongswan.org > ip6-moon.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,11 +1,16 @@
|
|||
moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with pre-shared key successful::YES
|
||||
moon::cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with pre-shared key successful::YES
|
||||
moon::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' (myself) with RSA signature successful::YES
|
||||
moon::ipsec statusall::rw.*INSTALLED::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED::YES
|
||||
dave::ipsec statusall::home.*ESTABLISHED::YES
|
||||
moon:: cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with pre-shared key successful::YES
|
||||
moon:: cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with pre-shared key successful::YES
|
||||
moon:: cat /var/log/daemon.log::authentication of 'moon.strongswan.org' (myself) with RSA signature successful::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,11 +1,14 @@
|
|||
moon::ipsec statusall::rw.*ESTABLISHED.*6a:9c:.*:29:2e.*1f:a1:.*:6e:7c::YES
|
||||
moon::ipsec statusall::rw.*ESTABLISHED.*6a:9c:.*:29:2e.*ee:7f:.*:8e:0e::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED.*1f:a1:.*:6e:7c.*6a:9c:.*:29:2e::YES
|
||||
dave::ipsec statusall::home.*ESTABLISHED.*ee:7f:.*:8e:0e.*6a:9c:.*:29:2e::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*1f:a1:.*:6e:7c.*6a:9c:.*:29:2e::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*ee:7f:.*:8e:0e.*6a:9c:.*:29:2e::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*6a:9c:.*:29:2e.*1f:a1:.*:6e:7c::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*6a:9c:.*:29:2e.*ee:7f:.*:8e:0e::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,13 @@
|
|||
moon::ipsec statusall::rw.*ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
|
||||
moon::ipsec statusall::rw.*ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
|
||||
dave::ipsec statusall::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
|
||||
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
|
||||
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||||
|
||||
config setup
|
||||
crlcheckinterval=180
|
||||
strictcrlpolicy=no
|
||||
plutostart=no
|
||||
|
||||
# configuration is read from SQLite database
|
||||
|
|
|
|||
|
|
@ -1,15 +1,19 @@
|
|||
moon::ipsec statusall::net-net.*ESTABLISHED::YES
|
||||
sun::ipsec statusall::net-net.*ESTABLISHED::YES
|
||||
moon:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*moon.strongswan.org.*sun.strongswan.org::YES
|
||||
sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES
|
||||
moon:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
|
||||
sun:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
|
||||
moon:: ipsec status 2> /dev/null::local-net.*PASS::YES
|
||||
moon:: ipsec status 2> /dev/null::venus-icmp.*DROP::YES
|
||||
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
|
||||
alice::ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES
|
||||
venus::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::NO
|
||||
venus::ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES
|
||||
moon::ping -c 1 -I PH_IP_MOON1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
|
||||
moon::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
|
||||
bob::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
bob::ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES
|
||||
bob::ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::NO
|
||||
moon:: ping -c 1 -I PH_IP_MOON1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
|
||||
moon:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
|
||||
bob:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
bob:: ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES
|
||||
bob:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::NO
|
||||
sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
|
||||
sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
venus::ssh PH_IP_BOB hostname::bob::YES
|
||||
|
|
|
|||
Loading…
Reference in New Issue