testing: Use include statement in swanctl/rw-pubkey-keyid scenario
This commit is contained in:
parent
9492e12e61
commit
e7b5171e43
|
@ -1,48 +1,20 @@
|
|||
connections {
|
||||
|
||||
rw-carol {
|
||||
local_addrs = 192.168.0.1
|
||||
include swanctl_base.conf
|
||||
|
||||
local {
|
||||
auth = pubkey
|
||||
pubkeys = moonPub.pem
|
||||
}
|
||||
remote {
|
||||
auth = pubkey
|
||||
pubkeys = carolPub.pem
|
||||
}
|
||||
children {
|
||||
net {
|
||||
local_ts = 10.1.0.0/16
|
||||
|
||||
updown = /usr/local/libexec/ipsec/_updown iptables
|
||||
esp_proposals = aes128gcm128-ecp256
|
||||
}
|
||||
}
|
||||
version = 2
|
||||
proposals = aes128-sha256-ecp256
|
||||
}
|
||||
|
||||
rw-dave {
|
||||
local_addrs = 192.168.0.1
|
||||
include swanctl_base.conf
|
||||
|
||||
local {
|
||||
auth = pubkey
|
||||
pubkeys = moonPub.pem
|
||||
}
|
||||
remote {
|
||||
auth = pubkey
|
||||
pubkeys = davePub.pem
|
||||
}
|
||||
children {
|
||||
net {
|
||||
local_ts = 10.1.0.0/16
|
||||
|
||||
updown = /usr/local/libexec/ipsec/_updown iptables
|
||||
esp_proposals = aes128gcm128-ecp256
|
||||
}
|
||||
}
|
||||
version = 2
|
||||
proposals = aes128-sha256-ecp256
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
local_addrs = 192.168.0.1
|
||||
|
||||
local {
|
||||
auth = pubkey
|
||||
pubkeys = moonPub.pem
|
||||
}
|
||||
children {
|
||||
net {
|
||||
local_ts = 10.1.0.0/16
|
||||
|
||||
updown = /usr/local/libexec/ipsec/_updown iptables
|
||||
esp_proposals = aes128gcm128-ecp256
|
||||
}
|
||||
}
|
||||
version = 2
|
||||
proposals = aes128-sha256-ecp256
|
|
@ -4,6 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
|
|||
moon::cd /etc/swanctl; rm x509/* x509ca/*
|
||||
carol::cd /etc/swanctl; rm x509/* x509ca/*
|
||||
dave::cd /etc/swanctl; rm x509/* x509ca/*
|
||||
moon::cat /etc/swanctl/swanctl_base.conf
|
||||
moon::service charon start 2> /dev/null
|
||||
carol::service charon start 2> /dev/null
|
||||
dave::service charon start 2> /dev/null
|
||||
|
|
Loading…
Reference in New Issue