fixed due to new logging concept
This commit is contained in:
parent
ebdddb74d4
commit
ade9743ec4
|
@ -53,12 +53,12 @@ fi
|
|||
|
||||
|
||||
##########################################################################
|
||||
# clear the auth.log where IKE messages are logged
|
||||
# clear auth.log and daemon.log where IKE messages are logged
|
||||
#
|
||||
|
||||
for host in $IPSECHOSTS
|
||||
do
|
||||
eval HOSTLOGIN="root@`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $1 }' | awk '{ print $1 }'`"
|
||||
ssh $HOSTLOGIN 'rm -f /var/log/auth.log; \
|
||||
ssh $HOSTLOGIN 'rm -f /var/log/auth.log /var/log/daemon.log; \
|
||||
kill -SIGHUP `cat /var/run/syslogd.pid`' > /dev/null 2>&1
|
||||
done
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
moon::cat /var/log/auth.log::certificate was revoked::YES
|
||||
moon::cat /var/log/auth.log::end entity certificate is not trusted::YES
|
||||
carol::cat /var/log/auth.log::AUTHENTICATION_FAILED::YES
|
||||
moon::cat /var/log/daemon.log::certificate was revoked::YES
|
||||
moon::cat /var/log/daemon.log::end entity certificate is not trusted::YES
|
||||
carol::cat /var/log/daemon.log::AUTHENTICATION_FAILED::YES
|
||||
moon::ipsec listcrls:: ok::YES
|
||||
moon::ipsec status::rw.*ESTABLISHED::NO
|
||||
carol::ipsec status::home.*ESTABLISHED::NO
|
||||
|
|
|
@ -1,8 +1,7 @@
|
|||
carol::ipsec statusall::home.*INSTALLED::YES
|
||||
carol::iptables -A INPUT -i eth0 -s PH_IP_MOON -j DROP::no output expected::NO
|
||||
moon::sleep 100::no output expected::NO
|
||||
moon::cat /var/log/auth.log::sending DPD request::YES
|
||||
moon::cat /var/log/auth.log::sending retransmit::YES
|
||||
moon::cat /var/log/auth.log::giving up after 4 retransmits, deleting IKE_SA::YES
|
||||
moon::cat /var/log/auth.log::dpd action for rw is DPD_CLEAR::YES
|
||||
moon::cat /var/log/auth.log::IKE_SA deleted::YES
|
||||
moon::cat /var/log/daemon.log::sending DPD request::YES
|
||||
moon::cat /var/log/daemon.log::sending retransmit::YES
|
||||
moon::cat /var/log/daemon.log::giving up after 4 retransmits, deleting IKE_SA::YES
|
||||
moon::cat /var/log/daemon.log::dpd action for rw is DPD_CLEAR::YES
|
||||
|
|
|
@ -2,4 +2,3 @@ moon::ipsec start
|
|||
carol::ipsec start
|
||||
carol::sleep 2
|
||||
carol::ipsec up home
|
||||
carol::sleep 2
|
||||
|
|
|
@ -3,11 +3,10 @@ moon::ipsec statusall::rw.*INSTALLED::YES
|
|||
moon::iptables -A INPUT -i eth0 -s PH_IP_CAROL -j DROP::no output expected::NO
|
||||
carol::iptables -A INPUT -i eth0 -s PH_IP_MOON -j DROP::no output expected::NO
|
||||
carol::sleep 100::no output expected::NO
|
||||
carol::cat /var/log/auth.log::sending DPD request::YES
|
||||
carol::cat /var/log/auth.log::sending retransmit.*for INFORMATIONAL request::YES
|
||||
carol::cat /var/log/auth.log::giving up after 4 retransmits, deleting IKE_SA::YES
|
||||
carol::cat /var/log/auth.log::dpd action for home is DPD_RESTART::YES
|
||||
carol::cat /var/log/auth.log::IKE_SA deleted::YES
|
||||
carol::cat /var/log/daemon.log::sending DPD request::YES
|
||||
carol::cat /var/log/daemon.log::sending retransmit.*for INFORMATIONAL request::YES
|
||||
carol::cat /var/log/daemon.log::giving up after 4 retransmits, deleting IKE_SA::YES
|
||||
carol::cat /var/log/daemon.log::dpd action for home is DPD_RESTART::YES
|
||||
carol::iptables -D INPUT -i eth0 -s PH_IP_MOON -j DROP::no output expected::NO
|
||||
moon::iptables -D INPUT -i eth0 -s PH_IP_CAROL -j DROP::no output expected::NO
|
||||
carol::sleep 10::no output expected::NO
|
||||
|
|
|
@ -2,4 +2,3 @@ moon::ipsec start
|
|||
carol::ipsec start
|
||||
carol::sleep 2
|
||||
carol::ipsec up home
|
||||
carol::sleep 2
|
||||
|
|
|
@ -6,4 +6,3 @@ moon::ipsec start
|
|||
sun::ipsec start
|
||||
moon::sleep 1
|
||||
moon::ipsec up net-net
|
||||
moon::sleep 1
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
moon::cat /var/log/auth.log::acquiring CHILD_SA.*IKE_SA setup needed::YES
|
||||
moon::cat /var/log/daemon.log::acquiring CHILD_SA.*IKE_SA setup needed::YES
|
||||
moon::ipsec statusall::net-net.*INSTALLED::YES
|
||||
sun::ipsec statusall::net-net.*INSTALLED::YES
|
||||
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq::YES
|
||||
carol::ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq::YES
|
||||
carol::ssh PH_IP_ALICE hostname::alice::YES
|
||||
carol::cat /var/log/auth.log::acquiring CHILD_SA::YES
|
||||
carol::cat /var/log/daemon.log::acquiring CHILD_SA::YES
|
||||
carol::ipsec statusall::home-icmp.*INSTALLED::YES
|
||||
carol::ipsec statusall::home-ssh.*INSTALLED::YES
|
||||
moon::ipsec statusall::rw-icmp.*INSTALLED::YES
|
||||
|
|
|
@ -10,4 +10,3 @@ dave::ipsec start
|
|||
carol::sleep 1
|
||||
carol::ipsec up home
|
||||
dave::ipsec up home
|
||||
carol::sleep 1
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
moon::cat /var/log/auth.log::authentication of 'carol@strongswan.org' with pre-shared key successful::YES
|
||||
moon::cat /var/log/auth.log::authentication of 'PH_IP_MOON' with pre-shared key (myself)::YES
|
||||
moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with pre-shared key successful::YES
|
||||
moon::cat /var/log/daemon.log::authentication of 'PH_IP_MOON' with pre-shared key (myself)::YES
|
||||
moon::ipsec statusall::rw-psk.*INSTALLED::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED::YES
|
||||
moon::cat /var/log/auth.log::authentication of 'dave@strongswan.org' with RSA signature successful::YES
|
||||
moon::cat /var/log/auth.log::authentication of '@moon.strongswan.org' with RSA signature (myself)::YES
|
||||
moon::cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with RSA signature successful::YES
|
||||
moon::cat /var/log/daemon.log::authentication of '@moon.strongswan.org' with RSA signature (myself)::YES
|
||||
moon::ipsec statusall::rw-rsasig.*INSTALLED::YES
|
||||
dave::ipsec statusall::home.*ESTABLISHED::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
|
|
|
@ -10,4 +10,3 @@ dave::ipsec start
|
|||
carol::sleep 1
|
||||
carol::ipsec up home
|
||||
dave::ipsec up home
|
||||
carol::sleep 1
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
moon::cat /var/log/auth.log::authentication of 'carol@strongswan.org' with pre-shared key successful::YES
|
||||
moon::cat /var/log/auth.log::authentication of 'dave@strongswan.org' with pre-shared key successful::YES
|
||||
moon::cat /var/log/auth.log::authentication of '@moon.strongswan.org' with RSA signature (myself)::YES
|
||||
moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with pre-shared key successful::YES
|
||||
moon::cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with pre-shared key successful::YES
|
||||
moon::cat /var/log/daemon.log::authentication of '@moon.strongswan.org' with RSA signature (myself)::YES
|
||||
moon::ipsec statusall::rw.*INSTALLED::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED::YES
|
||||
dave::ipsec statusall::home.*ESTABLISHED::YES
|
||||
|
|
|
@ -10,4 +10,3 @@ dave::ipsec start
|
|||
carol::sleep 1
|
||||
carol::ipsec up home
|
||||
dave::ipsec up home
|
||||
carol::sleep 1
|
||||
|
|
Loading…
Reference in New Issue