author | Yves-Alexis Perez <corsac@debian.org> | 2015-04-11 22:03:59 +0200 |
---|---|---|
committer | Yves-Alexis Perez <corsac@debian.org> | 2015-04-11 22:03:59 +0200 |
commit | 83b8aebb19fe6e49e13a05d4e8f5ab9a06177642 (patch) | |
tree | 51255545ba43b84aa5d673bd0eb557cbd0155c9e /testing/tests/swanctl | |
parent | 2b8de74ff4c334c25e89988c4a401b24b5bcf03d (diff) | |
Imported Upstream version 5.3.0
Diffstat (limited to 'testing/tests/swanctl')
9 files changed, 0 insertions, 159 deletions
diff --git a/testing/tests/swanctl/net2net-cert-ipv6/description.txt b/testing/tests/swanctl/net2net-cert-ipv6/description.txt
deleted file mode 100755
index 5952ecc2d..000000000
--- a/testing/tests/swanctl/net2net-cert-ipv6/description.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-An IPv6 ESP tunnel connection between the gateways <b>moon</b> and <b>sun</b> is successfully set up.
-It connects the two subnets hiding behind their respective gateways. The authentication is based on
-X.509 certificates. Upon the successful establishment of the IPsec tunnel, <b>leftfirewall=yes</b>
-automatically inserts ip6tables-based firewall rules that let pass the tunneled traffic.
-In order to test both the net-to-net tunnel and the firewall rules, client <b>alice</b> behind <b>moon</b>
-sends an IPv6 ICMP request to client <b>bob</b> behind <b>sun</b> using the ping6 command.
diff --git a/testing/tests/swanctl/net2net-cert-ipv6/evaltest.dat b/testing/tests/swanctl/net2net-cert-ipv6/evaltest.dat
deleted file mode 100755
index cdbecd553..000000000
--- a/testing/tests/swanctl/net2net-cert-ipv6/evaltest.dat
+++ /dev/null
@@ -1,5 +0,0 @@
-moon::swanctl --list-sas --raw 2> /dev/null::gw-gw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-id=moon.strongswan.org remote-host=192.168.0.2 remote-id=sun.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_2048.*child-sas.*net-net.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=128.*local-ts=\[10.1.0.0/16] remote-ts=\[10.2.0.0/16]::YES
-sun:: swanctl --list-sas --raw 2> /dev/null::gw-gw.*version=2 state=ESTABLISHED local-host=192.168.0.2 local-id=sun.strongswan.org remote-host=192.168.0.1 remote-id=moon.strongswan.org.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_2048.*child-sas.*net-net.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=128.*local-ts=\[10.2.0.0/16] remote-ts=\[10.1.0.0/16]::YES
-alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_req=1::YES
-sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
-sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/swanctl/net2net-cert-ipv6/hosts/moon/etc/strongswan.conf b/testing/tests/swanctl/net2net-cert-ipv6/hosts/moon/etc/strongswan.conf
deleted file mode 100755
index bd131af39..000000000
--- a/testing/tests/swanctl/net2net-cert-ipv6/hosts/moon/etc/strongswan.conf
+++ /dev/null
@@ -1,15 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-swanctl {
- load = pem pkcs1 x509 revocation constraints pubkey openssl random
-}
-
-charon {
- load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation constraints pubkey gmp random nonce curl kernel-netlink socket-default updown vici
-
- fragment_size = 1400
-}
-
-libstrongswan {
- dh_exponent_ansi_x9_42 = no
-}
diff --git a/testing/tests/swanctl/net2net-cert-ipv6/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/swanctl/net2net-cert-ipv6/hosts/moon/etc/swanctl/swanctl.conf
deleted file mode 100755
index 16e145cd7..000000000
--- a/testing/tests/swanctl/net2net-cert-ipv6/hosts/moon/etc/swanctl/swanctl.conf
+++ /dev/null
@@ -1,35 +0,0 @@
-connections {
-
- gw-gw {
- local_addrs = fec0::1
- remote_addrs = fec0::2
-
- local {
- auth = pubkey
- certs = moonCert.pem
- id = moon.strongswan.org
- }
- remote {
- auth = pubkey
- id = sun.strongswan.org
- }
- children {
- net-net {
- local_ts = fec1::0/16
- remote_ts = fec2::0/16
-
- start_action = none
- updown = /usr/local/libexec/ipsec/_updown iptables
- rekey_time = 10m
- esp_proposals = aes128gcm128-modp2048
- }
- }
-
- version = 2
- mobike = no
- fragmentation = yes
- reauth_time = 60m
- rekey_time = 20m
- proposals = aes128-sha256-modp2048
- }
-}
diff --git a/testing/tests/swanctl/net2net-cert-ipv6/hosts/sun/etc/strongswan.conf b/testing/tests/swanctl/net2net-cert-ipv6/hosts/sun/etc/strongswan.conf
deleted file mode 100755
index bd131af39..000000000
--- a/testing/tests/swanctl/net2net-cert-ipv6/hosts/sun/etc/strongswan.conf
+++ /dev/null
@@ -1,15 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-swanctl {
- load = pem pkcs1 x509 revocation constraints pubkey openssl random
-}
-
-charon {
- load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation constraints pubkey gmp random nonce curl kernel-netlink socket-default updown vici
-
- fragment_size = 1400
-}
-
-libstrongswan {
- dh_exponent_ansi_x9_42 = no
-}
diff --git a/testing/tests/swanctl/net2net-cert-ipv6/hosts/sun/etc/swanctl/swanctl.conf b/testing/tests/swanctl/net2net-cert-ipv6/hosts/sun/etc/swanctl/swanctl.conf
deleted file mode 100755
index 90aa137f0..000000000
--- a/testing/tests/swanctl/net2net-cert-ipv6/hosts/sun/etc/swanctl/swanctl.conf
+++ /dev/null
@@ -1,35 +0,0 @@
-connections {
-
- gw-gw {
- local_addrs = fec0::2
- remote_addrs = fec0::1
-
- local {
- auth = pubkey
- certs = sunCert.pem
- id = sun.strongswan.org
- }
- remote {
- auth = pubkey
- id = moon.strongswan.org
- }
- children {
- net-net {
- local_ts = fec2::0/16
- remote_ts = fec1::0/16
-
- start_action = none
- updown = /usr/local/libexec/ipsec/_updown iptables
- rekey_time = 10m
- esp_proposals = aes128gcm128-modp2048
- }
- }
-
- version = 2
- mobike = no
- fragmentation = yes
- reauth_time = 60m
- rekey_time = 20m
- proposals = aes128-sha256-modp2048
- }
-}
diff --git a/testing/tests/swanctl/net2net-cert-ipv6/posttest.dat b/testing/tests/swanctl/net2net-cert-ipv6/posttest.dat
deleted file mode 100755
index a40a7dd2f..000000000
--- a/testing/tests/swanctl/net2net-cert-ipv6/posttest.dat
+++ /dev/null
@@ -1,11 +0,0 @@
-moon::swanctl --terminate --ike gw-gw 2> /dev/null
-moon::service charon stop 2> /dev/null
-sun::service charon stop 2> /dev/null
-alice::"ip route del fec2:\:/16 via fec1:\:1"
-moon::"ip route del fec2:\:/16 via fec0:\:2"
-sun::"ip route del fec1:\:/16 via fec0:\:1"
-bob::"ip route del fec1:\:/16 via fec2:\:1"
-moon::iptables-restore < /etc/iptables.flush
-sun::iptables-restore < /etc/iptables.flush
-moon::ip6tables-restore < /etc/ip6tables.flush
-sun::ip6tables-restore < /etc/ip6tables.flush
diff --git a/testing/tests/swanctl/net2net-cert-ipv6/pretest.dat b/testing/tests/swanctl/net2net-cert-ipv6/pretest.dat
deleted file mode 100755
index 36e8e1999..000000000
--- a/testing/tests/swanctl/net2net-cert-ipv6/pretest.dat
+++ /dev/null
@@ -1,16 +0,0 @@
-moon::iptables-restore < /etc/iptables.drop
-sun::iptables-restore < /etc/iptables.drop
-moon::ip6tables-restore < /etc/ip6tables.rules
-sun::ip6tables-restore < /etc/ip6tables.rules
-alice::"ip route add fec2:\:/16 via fec1:\:1"
-moon::"ip route add fec2:\:/16 via fec0:\:2"
-sun::"ip route add fec1:\:/16 via fec0:\:1"
-bob::"ip route add fec1:\:/16 via fec2:\:1"
-moon::service charon start 2> /dev/null
-sun::service charon start 2> /dev/null
-moon::sleep 1
-moon::swanctl --load-conns 2> /dev/null
-sun::swanctl --load-conns 2> /dev/null
-moon::swanctl --load-creds 2> /dev/null
-sun::swanctl --load-creds 2> /dev/null
-moon::swanctl --initiate --child net-net 2> /dev/null
diff --git a/testing/tests/swanctl/net2net-cert-ipv6/test.conf b/testing/tests/swanctl/net2net-cert-ipv6/test.conf
deleted file mode 100755
index 646b8b3e6..000000000
--- a/testing/tests/swanctl/net2net-cert-ipv6/test.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# guest instances used for this test
-
-# All guest instances that are required for this test
-#
-VIRTHOSTS="alice moon winnetou sun bob"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-m-w-s-b.png"
-
-# Guest instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="sun"
-
-# Guest instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="moon sun"
|