summaryrefslogtreecommitdiff
path: root/testing/tests/ikev2/mobike-virtual-ip
diff options
context:
space:
mode:
Diffstat (limited to 'testing/tests/ikev2/mobike-virtual-ip')
-rw-r--r--testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules4
-rw-r--r--testing/tests/ikev2/mobike-virtual-ip/pretest.dat3
2 files changed, 5 insertions, 2 deletions
diff --git a/testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules b/testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules
index a238c8d19..450e7cef6 100644
--- a/testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules
+++ b/testing/tests/ikev2/mobike-virtual-ip/hosts/alice/etc/iptables.rules
@@ -5,6 +5,10 @@
-P OUTPUT DROP
-P FORWARD DROP
+# allow traffic on lo as ifup/ifdown call bind's rndc which accesses TCP 953
+-A OUTPUT -o lo -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+
# allow IPsec tunnel traffic
-A INPUT -m policy --dir in --pol ipsec --proto esp -j ACCEPT
-A OUTPUT -m policy --dir out --pol ipsec --proto esp -j ACCEPT
diff --git a/testing/tests/ikev2/mobike-virtual-ip/pretest.dat b/testing/tests/ikev2/mobike-virtual-ip/pretest.dat
index 067c1a1ec..8197296ee 100644
--- a/testing/tests/ikev2/mobike-virtual-ip/pretest.dat
+++ b/testing/tests/ikev2/mobike-virtual-ip/pretest.dat
@@ -4,6 +4,5 @@ sun::iptables-restore < /etc/iptables.rules
sun::ip route add 10.1.0.0/16 via PH_IP_MOON
alice::ipsec start
sun::ipsec start
-alice::sleep 2
+alice::expect-connection mobike
alice::ipsec up mobike
-alice::sleep 1
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-09 12:21:39 +0000