diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2015-11-18 14:49:27 +0100 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2015-11-18 14:49:27 +0100 |
| commit | 1e980d6be0ef0e243c6fe82b5e855454b97e24a4 (patch) | |
| tree | 0d59eec2ce2ed332434ae80fc78a44db9ad293c5 /testing/tests/ikev2/mobike-virtual-ip | |
| parent | 5dca9ea0e2931f0e2a056c7964d311bcc30a01b8 (diff) | |
| download | vyos-strongswan-1e980d6be0ef0e243c6fe82b5e855454b97e24a4.tar.gz vyos-strongswan-1e980d6be0ef0e243c6fe82b5e855454b97e24a4.zip | |
Imported Upstream version 5.3.4
Diffstat (limited to 'testing/tests/ikev2/mobike-virtual-ip')
| -rw-r--r-- | testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules | 4 | ||||
| -rw-r--r-- | testing/tests/ikev2/mobike-virtual-ip/pretest.dat | 3 |
2 files changed, 5 insertions, 2 deletions
diff --git a/testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules b/testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules index a238c8d19..450e7cef6 100644 --- a/testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules +++ b/testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules @@ -5,6 +5,10 @@ -P OUTPUT DROP -P FORWARD DROP +# allow traffic on lo as ifup/ifdown call bind's rndc which accesses TCP 953 +-A OUTPUT -o lo -j ACCEPT +-A INPUT -i lo -j ACCEPT + # allow IPsec tunnel traffic -A INPUT -m policy --dir in --pol ipsec --proto esp -j ACCEPT -A OUTPUT -m policy --dir out --pol ipsec --proto esp -j ACCEPT diff --git a/testing/tests/ikev2/mobike-virtual-ip/pretest.dat b/testing/tests/ikev2/mobike-virtual-ip/pretest.dat index 067c1a1ec..8197296ee 100644 --- a/testing/tests/ikev2/mobike-virtual-ip/pretest.dat +++ b/testing/tests/ikev2/mobike-virtual-ip/pretest.dat @@ -4,6 +4,5 @@ sun::iptables-restore < /etc/iptables.rules sun::ip route add 10.1.0.0/16 via PH_IP_MOON alice::ipsec start sun::ipsec start -alice::sleep 2 +alice::expect-connection mobike alice::ipsec up mobike -alice::sleep 1 |