/
east.console.txt
61 lines (60 loc) · 3.59 KB
/
east.console.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
/testing/guestbin/swan-prep
east #
ip addr add 192.0.2.111/24 dev eth0
east #
ipsec start
[ 00.00] registered KLIPS /proc/sys/net
[ 00.00] ipsec_3des_init(alg_type=15 alg_id=3 name=3des): ret=0
[ 00.00] KLIPS cryptoapi interface: alg_type=15 alg_id=12 name=cbc(aes) keyminbits=128 keymaxbits=256, found(0)
[ 00.00] KLIPS cryptoapi interface: alg_type=15 alg_id=253 name=cbc(twofish) keyminbits=128 keymaxbits=256, found(0)
[ 00.00] KLIPS cryptoapi interface: alg_type=15 alg_id=252 name=cbc(serpent) keyminbits=128 keymaxbits=256, found(0)
[ 00.00] KLIPS cryptoapi interface: alg_type=15 alg_id=6 name=cbc(cast5) keyminbits=128 keymaxbits=128, found(0)
[ 00.00] KLIPS cryptoapi interface: alg_type=15 alg_id=3 name=cbc(des3_ede) keyminbits=192 keymaxbits=192, found(0)
[ 00.00] KLIPS: lookup for ciphername=cipher_null: not found
[ 00.00] KLIPS cryptoapi interface: alg_type=14 alg_id=2 name=hmac(md5) ctx_size=88 keyminbits=128 keymaxbits=128, found(0)
[ 00.00] KLIPS cryptoapi interface: alg_type=14 alg_id=3 name=hmac(sha1) ctx_size=88 keyminbits=160 keymaxbits=160, found(0)
[ 00.00] KLIPS cryptoapi interface: alg_type=14 alg_id=5 name=hmac(sha256) ctx_size=88 keyminbits=256 keymaxbits=256, found(0)
[ 00.00] KLIPS cryptoapi interface: alg_type=14 alg_id=6 name=hmac(sha384) ctx_size=88 keyminbits=384 keymaxbits=384, found(0)
[ 00.00] KLIPS cryptoapi interface: alg_type=14 alg_id=7 name=hmac(sha512) ctx_size=88 keyminbits=512 keymaxbits=512, found(0)
[ 00.00] KLIPS cryptoapi interface: alg_type=14 alg_id=252 name=hmac(sha256) ctx_size=88 keyminbits=256 keymaxbits=256, found(0)
[ 00.00]
Redirecting to: systemctl start ipsec.service
[ 00.00]
east #
/testing/pluto/bin/wait-until-pluto-started
east #
ipsec auto --add westnet-eastnet-ah-md5
002 added connection description "westnet-eastnet-ah-md5"
east #
ipsec auto --add westnet-eastnet-ah-sha1
002 added connection description "westnet-eastnet-ah-sha1"
east #
echo "initdone"
initdone
east #
../../pluto/bin/ipsec-look.sh
east NOW
192.0.2.0/24 -> 192.0.1.0/24 => tun0xIPIP@192.1.2.45 ah0xAHSPI@192.1.2.45
192.0.2.111/32 -> 192.0.1.111/32 => tun0xIPIP@192.1.2.45 ah0xAHSPI@192.1.2.45
ipsec0->eth1 mtu=16260(9999)->1500
tun0xTUN#@192.1.2.45 IPIP: dir=out src=192.1.2.23 jiffies=0123456789 natencap=none natsport=0 natdport=0 refhim=0
ah0xSPISPI@192.1.2.45 AH_HMAC_SHA1: dir=out src=192.1.2.23 ooowin=32 alen=160 aklen=160 jiffies=0123456789 natencap=none natsport=0 natdport=0 refhim=0
tun0xTUN#@192.1.2.45 IPIP: dir=out src=192.1.2.23 jiffies=0123456789 natencap=none natsport=0 natdport=0 refhim=0
ah0xSPISPI@192.1.2.45 AH_HMAC_MD5: dir=out src=192.1.2.23 ooowin=32 alen=128 aklen=128 jiffies=0123456789 natencap=none natsport=0 natdport=0 refhim=0
ah0xSPISPI@192.1.2.23 AH_HMAC_SHA1: dir=in src=192.1.2.45 ooowin=32 alen=160 aklen=160 jiffies=0123456789 natencap=none natsport=0 natdport=0 refhim=0
tun0xTUN#@192.1.2.23 IPIP: dir=in src=192.1.2.45 policy=192.0.1.0/24->192.0.2.0/24 flags=0x8<> jiffies=0123456789 natencap=none natsport=0 natdport=0 refhim=0
ROUTING TABLES
default via 192.1.2.254 dev eth1
192.0.1.0/24 dev ipsec0 scope link
192.0.1.111 dev ipsec0 scope link
192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.2.254
192.1.2.0/24 dev eth1 proto kernel scope link src 192.1.2.23
192.9.2.0/24 dev eth2 proto kernel scope link src 192.9.2.23
NSS_CERTIFICATES
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
east #
east #
../bin/check-for-core.sh
east #
if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi