summaryrefslogtreecommitdiff
path: root/testing/tests/p2pnat
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@debian.org>2013-01-02 14:18:20 +0100
committerYves-Alexis Perez <corsac@debian.org>2013-01-02 14:18:20 +0100
commitc1343b3278cdf99533b7902744d15969f9d6fdc1 (patch)
treed5ed3dc5677a59260ec41cd39bb284d3e94c91b3 /testing/tests/p2pnat
parentb34738ed08c2227300d554b139e2495ca5da97d6 (diff)
downloadvyos-strongswan-c1343b3278cdf99533b7902744d15969f9d6fdc1.tar.gz
vyos-strongswan-c1343b3278cdf99533b7902744d15969f9d6fdc1.zip
Imported Upstream version 5.0.1
Diffstat (limited to 'testing/tests/p2pnat')
-rw-r--r--testing/tests/p2pnat/behind-same-nat/evaltest.dat16
-rw-r--r--[-rwxr-xr-x]testing/tests/p2pnat/behind-same-nat/hosts/alice/etc/ipsec.conf6
-rw-r--r--testing/tests/p2pnat/behind-same-nat/hosts/alice/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/p2pnat/behind-same-nat/hosts/carol/etc/ipsec.conf5
-rw-r--r--testing/tests/p2pnat/behind-same-nat/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/p2pnat/behind-same-nat/hosts/venus/etc/ipsec.conf6
-rw-r--r--testing/tests/p2pnat/behind-same-nat/hosts/venus/etc/strongswan.conf2
-rw-r--r--testing/tests/p2pnat/medsrv-psk/evaltest.dat18
-rw-r--r--[-rwxr-xr-x]testing/tests/p2pnat/medsrv-psk/hosts/alice/etc/ipsec.conf6
-rw-r--r--testing/tests/p2pnat/medsrv-psk/hosts/alice/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/p2pnat/medsrv-psk/hosts/bob/etc/ipsec.conf6
-rw-r--r--testing/tests/p2pnat/medsrv-psk/hosts/bob/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/p2pnat/medsrv-psk/hosts/carol/etc/ipsec.conf5
-rw-r--r--testing/tests/p2pnat/medsrv-psk/hosts/carol/etc/strongswan.conf2
14 files changed, 35 insertions, 45 deletions
diff --git a/testing/tests/p2pnat/behind-same-nat/evaltest.dat b/testing/tests/p2pnat/behind-same-nat/evaltest.dat
index e59334db9..8c79a28c1 100644
--- a/testing/tests/p2pnat/behind-same-nat/evaltest.dat
+++ b/testing/tests/p2pnat/behind-same-nat/evaltest.dat
@@ -1,11 +1,11 @@
-alice::ipsec statusall::medsrv.*ESTABLISHED::YES
-venus::ipsec statusall::medsrv.*ESTABLISHED::YES
-carol::ipsec statusall::medsrv.*ESTABLISHED.*PH_IP_MOON.*6cu1UTVw@medsrv.org::YES
-carol::ipsec statusall::medsrv.*ESTABLISHED.*PH_IP_MOON.*F1ubAio8@medsrv.org::YES
+alice::ipsec status 2> /dev/null::medsrv.*ESTABLISHED.*6cu1UTVw@medsrv.org.*carol@strongswan.org::YES
+venus::ipsec status 2> /dev/null::medsrv.*ESTABLISHED.*F1ubAio8@medsrv.org.*carol@strongswan.org::YES
+carol::ipsec status 2> /dev/null::medsrv.*ESTABLISHED.*PH_IP_MOON.*6cu1UTVw@medsrv.org::YES
+carol::ipsec status 2> /dev/null::medsrv.*ESTABLISHED.*PH_IP_MOON.*F1ubAio8@medsrv.org::YES
alice::cat /var/log/daemon.log::received ME_CALLBACK::YES
-alice::ipsec statusall::peer.*ESTABLISHED::YES
-venus::ipsec statusall::peer.*ESTABLISHED::YES
-alice::ipsec statusall::peer.*INSTALLED::YES
-venus::ipsec statusall::peer.*INSTALLED::YES
+alice::ipsec status 2> /dev/null::peer.*ESTABLISHED.*alice@strongswan.org.*venus.strongswan.org::YES
+venus::ipsec status 2> /dev/null::peer.*ESTABLISHED.*venus.strongswan.org.*alice@strongswan.org::YES
+alice::ipsec status 2> /dev/null::peer.*INSTALLED, TUNNEL::YES
+venus::ipsec status 2> /dev/null::peer.*INSTALLED, TUNNEL::YES
alice::ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
venus::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
diff --git a/testing/tests/p2pnat/behind-same-nat/hosts/alice/etc/ipsec.conf b/testing/tests/p2pnat/behind-same-nat/hosts/alice/etc/ipsec.conf
index b47f157f6..4e70be4a0 100755..100644
--- a/testing/tests/p2pnat/behind-same-nat/hosts/alice/etc/ipsec.conf
+++ b/testing/tests/p2pnat/behind-same-nat/hosts/alice/etc/ipsec.conf
@@ -1,9 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
conn %default
ikelifetime=60m
@@ -19,10 +16,11 @@ conn %default
conn medsrv
leftid=6cu1UTVw@medsrv.org
+ leftauth=psk
right=PH_IP_CAROL
rightid=carol@strongswan.org
+ rightauth=pubkey
mediation=yes
- authby=psk
auto=add
conn peer
diff --git a/testing/tests/p2pnat/behind-same-nat/hosts/alice/etc/strongswan.conf b/testing/tests/p2pnat/behind-same-nat/hosts/alice/etc/strongswan.conf
index 339b56987..dc937641c 100644
--- a/testing/tests/p2pnat/behind-same-nat/hosts/alice/etc/strongswan.conf
+++ b/testing/tests/p2pnat/behind-same-nat/hosts/alice/etc/strongswan.conf
@@ -1,5 +1,5 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
}
diff --git a/testing/tests/p2pnat/behind-same-nat/hosts/carol/etc/ipsec.conf b/testing/tests/p2pnat/behind-same-nat/hosts/carol/etc/ipsec.conf
index e38922cf4..4e8a50fb9 100755..100644
--- a/testing/tests/p2pnat/behind-same-nat/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/p2pnat/behind-same-nat/hosts/carol/etc/ipsec.conf
@@ -1,9 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
conn %default
ikelifetime=60m
@@ -19,7 +16,9 @@ conn medsrv
left=PH_IP_CAROL
leftcert=carolCert.pem
leftid=carol@strongswan.org
+ leftauth=pubkey
leftfirewall=yes
right=%any
+ rightauth=psk
mediation=yes
auto=add
diff --git a/testing/tests/p2pnat/behind-same-nat/hosts/carol/etc/strongswan.conf b/testing/tests/p2pnat/behind-same-nat/hosts/carol/etc/strongswan.conf
index 339b56987..dc937641c 100644
--- a/testing/tests/p2pnat/behind-same-nat/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/p2pnat/behind-same-nat/hosts/carol/etc/strongswan.conf
@@ -1,5 +1,5 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
}
diff --git a/testing/tests/p2pnat/behind-same-nat/hosts/venus/etc/ipsec.conf b/testing/tests/p2pnat/behind-same-nat/hosts/venus/etc/ipsec.conf
index 3943c361e..4baa7b59f 100755..100644
--- a/testing/tests/p2pnat/behind-same-nat/hosts/venus/etc/ipsec.conf
+++ b/testing/tests/p2pnat/behind-same-nat/hosts/venus/etc/ipsec.conf
@@ -1,9 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
conn %default
ikelifetime=60m
@@ -19,9 +16,10 @@ conn %default
conn medsrv
leftid=F1ubAio8@medsrv.org
+ leftauth=psk
right=PH_IP_CAROL
rightid=carol@strongswan.org
- authby=psk
+ rightauth=pubkeye
mediation=yes
auto=start
diff --git a/testing/tests/p2pnat/behind-same-nat/hosts/venus/etc/strongswan.conf b/testing/tests/p2pnat/behind-same-nat/hosts/venus/etc/strongswan.conf
index 339b56987..dc937641c 100644
--- a/testing/tests/p2pnat/behind-same-nat/hosts/venus/etc/strongswan.conf
+++ b/testing/tests/p2pnat/behind-same-nat/hosts/venus/etc/strongswan.conf
@@ -1,5 +1,5 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
}
diff --git a/testing/tests/p2pnat/medsrv-psk/evaltest.dat b/testing/tests/p2pnat/medsrv-psk/evaltest.dat
index ba14bb858..1b89c7ebe 100644
--- a/testing/tests/p2pnat/medsrv-psk/evaltest.dat
+++ b/testing/tests/p2pnat/medsrv-psk/evaltest.dat
@@ -1,12 +1,12 @@
-alice::ipsec statusall::medsrv.*ESTABLISHED::YES
-bob::ipsec statusall::medsrv.*ESTABLISHED::YES
-carol::ipsec statusall::medsrv.*ESTABLISHED.*PH_IP_MOON.*6cu1UTVw@medsrv.org::YES
-carol::ipsec statusall::medsrv.*ESTABLISHED.*PH_IP_SUN.*v9oEPMz@medsrv.org::YES
-alice::ipsec statusall::peer.*ESTABLISHED::YES
-bob::ipsec statusall::peer.*ESTABLISHED::YES
-alice::ipsec statusall::peer.*INSTALLED::YES
-bob::ipsec statusall::peer.*INSTALLED::YES
+alice::ipsec status 2> /dev/null::medsrv.*ESTABLISHED.*6cu1UTVw@medsrv.org.*carol@strongswan.org::YES
+bob:: ipsec status 2> /dev/null::medsrv.*ESTABLISHED.*av9oEPMz@medsrv.org.*carol@strongswan.org::YES
+carol::ipsec status 2> /dev/null::medsrv.*ESTABLISHED.*PH_IP_MOON.*6cu1UTVw@medsrv.org::YES
+carol::ipsec status 2> /dev/null::medsrv.*ESTABLISHED.*PH_IP_SUN.*v9oEPMz@medsrv.org::YES
+alice::ipsec status 2> /dev/null::peer.*ESTABLISHED.*alice@strongswan.org.*bob@strongswan.org::YES
+bob:: ipsec status 2> /dev/null::peer.*ESTABLISHED.*bob@strongswan.org.*alice@strongswan.org::YES
+alice::ipsec status 2> /dev/null::peer.*INSTALLED, TUNNEL::YES
+bob:: ipsec status 2> /dev/null::peer.*INSTALLED, TUNNEL::YES
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
-bob::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+bob:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
moon::tcpdump::IP moon.strongswan.org.* > sun.strongswan.org.*: UDP::YES
moon::tcpdump::IP sun.strongswan.org.* > moon.strongswan.org.*: UDP::YES
diff --git a/testing/tests/p2pnat/medsrv-psk/hosts/alice/etc/ipsec.conf b/testing/tests/p2pnat/medsrv-psk/hosts/alice/etc/ipsec.conf
index 99a50d5d8..6ac413a1b 100755..100644
--- a/testing/tests/p2pnat/medsrv-psk/hosts/alice/etc/ipsec.conf
+++ b/testing/tests/p2pnat/medsrv-psk/hosts/alice/etc/ipsec.conf
@@ -1,9 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
conn %default
ikelifetime=60m
@@ -19,10 +16,11 @@ conn %default
conn medsrv
leftid=6cu1UTVw@medsrv.org
+ leftauth=psk
right=PH_IP_CAROL
rightid=carol@strongswan.org
+ rightauth=pubkey
mediation=yes
- authby=psk
auto=add
conn peer
diff --git a/testing/tests/p2pnat/medsrv-psk/hosts/alice/etc/strongswan.conf b/testing/tests/p2pnat/medsrv-psk/hosts/alice/etc/strongswan.conf
index 339b56987..dc937641c 100644
--- a/testing/tests/p2pnat/medsrv-psk/hosts/alice/etc/strongswan.conf
+++ b/testing/tests/p2pnat/medsrv-psk/hosts/alice/etc/strongswan.conf
@@ -1,5 +1,5 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
}
diff --git a/testing/tests/p2pnat/medsrv-psk/hosts/bob/etc/ipsec.conf b/testing/tests/p2pnat/medsrv-psk/hosts/bob/etc/ipsec.conf
index 39dee8521..fb95f5637 100755..100644
--- a/testing/tests/p2pnat/medsrv-psk/hosts/bob/etc/ipsec.conf
+++ b/testing/tests/p2pnat/medsrv-psk/hosts/bob/etc/ipsec.conf
@@ -1,9 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
conn %default
ikelifetime=60m
@@ -19,9 +16,10 @@ conn %default
conn medsrv
leftid=av9oEPMz@medsrv.org
+ leftauth=psk
right=PH_IP_CAROL
rightid=carol@strongswan.org
- authby=psk
+ rightauth=pubkey
mediation=yes
auto=start
diff --git a/testing/tests/p2pnat/medsrv-psk/hosts/bob/etc/strongswan.conf b/testing/tests/p2pnat/medsrv-psk/hosts/bob/etc/strongswan.conf
index 339b56987..dc937641c 100644
--- a/testing/tests/p2pnat/medsrv-psk/hosts/bob/etc/strongswan.conf
+++ b/testing/tests/p2pnat/medsrv-psk/hosts/bob/etc/strongswan.conf
@@ -1,5 +1,5 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
}
diff --git a/testing/tests/p2pnat/medsrv-psk/hosts/carol/etc/ipsec.conf b/testing/tests/p2pnat/medsrv-psk/hosts/carol/etc/ipsec.conf
index e38922cf4..4e8a50fb9 100755..100644
--- a/testing/tests/p2pnat/medsrv-psk/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/p2pnat/medsrv-psk/hosts/carol/etc/ipsec.conf
@@ -1,9 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
conn %default
ikelifetime=60m
@@ -19,7 +16,9 @@ conn medsrv
left=PH_IP_CAROL
leftcert=carolCert.pem
leftid=carol@strongswan.org
+ leftauth=pubkey
leftfirewall=yes
right=%any
+ rightauth=psk
mediation=yes
auto=add
diff --git a/testing/tests/p2pnat/medsrv-psk/hosts/carol/etc/strongswan.conf b/testing/tests/p2pnat/medsrv-psk/hosts/carol/etc/strongswan.conf
index 339b56987..dc937641c 100644
--- a/testing/tests/p2pnat/medsrv-psk/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/p2pnat/medsrv-psk/hosts/carol/etc/strongswan.conf
@@ -1,5 +1,5 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac xcbc stroke kernel-netlink socket-default updown
}