# confirm that the network is alive
ping -n -c 4 192.0.2.254
# make sure that clear text does not get through
iptables -A INPUT -i eth1 -s 192.0.2.0/24 -j DROP
# confirm with a ping to east-in
ping -n
# confirm that the network is alive
ping -n -c 4 192.0.2.254
# make sure that clear text does not get through
iptables -A INPUT -i eth1 -s 192.0.2.0/24 -j DROP
# confirm with a ping to east-in
ping -n
# confirm that the network is alive
ping -n -c 4 192.0.2.254
# make sure that clear text does not get through
iptables -A INPUT -i eth1 -s 192.0.2.0/24 -j DROP
# confirm with a ping to east-in
ping -n
This test demonstrates the problem that a machine has trying to
be the initiator of two tunnels to two different systems. The combination
is that of having an extrusion of some kind (i.e. wavesec) a
: check out the myid that I concluded with
ipsec auto --status | grep '%myid ='
: ==== cut ====
cat /tmp/pluto.log
ipsec look
ipsec auto --status
: ==== tuc ====
This test demonstrates the problem that a machine has trying to
be the initiator of two tunnels to two different systems. The combination
is that of having an extrusion of some kind (i.e. wavesec) a
TESTNAME=basic-pluto-01
source /testing/pluto/bin/westlocal.sh
# confirm that the network is alive
ping -n -c 4 192.0.2.254
# make sure that clear text does not get through
iptables -A INPUT -i eth1
: we expect that east can ping west
ping -c 1 -n 192.1.2.45
: we expect that this will result no tunnel, as we are not prepared for
: a tunnel, but west will attempt it.
ping -c 2 -n 192.0.1.3
: ma
TESTNAME=fail-x509-09
source /testing/pluto/bin/westlocal.sh
# confirm that the network is alive
ping -n -c 4 192.0.2.254
# make sure that clear text does not get through
iptables -A INPUT -i eth1 -s
