diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2015-11-18 15:19:06 +0100 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2015-11-18 15:19:06 +0100 |
| commit | fb6324eb165d1577bc4541bc2fc6758c56da2a95 (patch) | |
| tree | afbc98168e056e7839ac0dc434db8f88ffb34833 /testing/tests/ikev2/mobike-virtual-ip | |
| parent | ea6a577e967da0ee954b06b7bdc6796e97eb9b2b (diff) | |
| parent | 1e980d6be0ef0e243c6fe82b5e855454b97e24a4 (diff) | |
| download | vyos-strongswan-fb6324eb165d1577bc4541bc2fc6758c56da2a95.tar.gz vyos-strongswan-fb6324eb165d1577bc4541bc2fc6758c56da2a95.zip | |
Merge tag 'upstream/5.3.4'
Upstream version 5.3.4
Diffstat (limited to 'testing/tests/ikev2/mobike-virtual-ip')
| -rw-r--r-- | testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules | 4 | ||||
| -rw-r--r-- | testing/tests/ikev2/mobike-virtual-ip/pretest.dat | 3 |
2 files changed, 5 insertions, 2 deletions
diff --git a/testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules b/testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules index a238c8d19..450e7cef6 100644 --- a/testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules +++ b/testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules @@ -5,6 +5,10 @@ -P OUTPUT DROP -P FORWARD DROP +# allow traffic on lo as ifup/ifdown call bind's rndc which accesses TCP 953 +-A OUTPUT -o lo -j ACCEPT +-A INPUT -i lo -j ACCEPT + # allow IPsec tunnel traffic -A INPUT -m policy --dir in --pol ipsec --proto esp -j ACCEPT -A OUTPUT -m policy --dir out --pol ipsec --proto esp -j ACCEPT diff --git a/testing/tests/ikev2/mobike-virtual-ip/pretest.dat b/testing/tests/ikev2/mobike-virtual-ip/pretest.dat index 067c1a1ec..8197296ee 100644 --- a/testing/tests/ikev2/mobike-virtual-ip/pretest.dat +++ b/testing/tests/ikev2/mobike-virtual-ip/pretest.dat @@ -4,6 +4,5 @@ sun::iptables-restore < /etc/iptables.rules sun::ip route add 10.1.0.0/16 via PH_IP_MOON alice::ipsec start sun::ipsec start -alice::sleep 2 +alice::expect-connection mobike alice::ipsec up mobike -alice::sleep 1 |