: ==== start ====
# confirm that the network is alive
ping -n -c 4 192.0.2.254
# make sure that clear text does not get through
iptables -A INPUT -i eth1 -s 192.0.2.0/24 -j DROP
# confirm with a ping
: check out the myid that I concluded with
ipsec auto --status | grep '%myid ='
: ==== cut ====
cat /tmp/pluto.log
ipsec look
ipsec auto --status
: ==== tuc ====
This is a test of NAT-traversal.
The network is configured as follows:
ROAD
|
NIC---EAST--SUNRISE
A NAT is set up on NIC that does traditional NAPT on the
NORTH network.
This more
This test invokes Opportunistic Encryption for a gateway that performs source
NAPT (aka "IP masquerading") on the packets first.
NOTE that this test manages *sunset* and *west*, but uses the mechani
This test demonstrates the problem that a machine has trying to
be the initiator of two tunnels to two different systems. The combination
is that of having an extrusion of some kind (i.e. wavesec) a
TESTNAME=fail-x509-07
source /testing/pluto/bin/westlocal.sh
# confirm that the network is alive
ping -n -c 4 192.0.2.254
# make sure that clear text does not get through
iptables -A INPUT -i eth1 -s
This tests the foodgroup "never" - it attempts to send a ping from a host
(east) to a clear node (sunrise), verifying that in fact, no packets ever
actually traverse.
The proof of the lack of packets
#!/bin/sh
#
# This is the nightly build script.
# It does almost nothing since the process itself is kept in CVS.
#
# This causes some bootstrap problems, but we deal with that by understanding
# tha