diff options
Diffstat (limited to 'testing/tests/ikev2')
6 files changed, 12 insertions, 12 deletions
diff --git a/testing/tests/ikev2/dhcp-dynamic/hosts/moon/etc/iptables.rules b/testing/tests/ikev2/dhcp-dynamic/hosts/moon/etc/iptables.rules index 792fc56bc..2d9a466b0 100644 --- a/testing/tests/ikev2/dhcp-dynamic/hosts/moon/etc/iptables.rules +++ b/testing/tests/ikev2/dhcp-dynamic/hosts/moon/etc/iptables.rules @@ -5,8 +5,8 @@ -P OUTPUT DROP -P FORWARD DROP -# allow bootps (in relay mode also in OUTPUT) --A OUTPUT -p udp --sport bootps --dport bootps -j ACCEPT +# allow bootpc and bootps +-A OUTPUT -p udp --sport bootpc --dport bootps -j ACCEPT -A INPUT -p udp --sport bootps --dport bootps -j ACCEPT # allow broadcasts from eth1 diff --git a/testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/iptables.rules b/testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/iptables.rules index 792fc56bc..2d9a466b0 100644 --- a/testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/iptables.rules +++ b/testing/tests/ikev2/dhcp-static-client-id/hosts/moon/etc/iptables.rules @@ -5,8 +5,8 @@ -P OUTPUT DROP -P FORWARD DROP -# allow bootps (in relay mode also in OUTPUT) --A OUTPUT -p udp --sport bootps --dport bootps -j ACCEPT +# allow bootpc and bootps +-A OUTPUT -p udp --sport bootpc --dport bootps -j ACCEPT -A INPUT -p udp --sport bootps --dport bootps -j ACCEPT # allow broadcasts from eth1 diff --git a/testing/tests/ikev2/dhcp-static-mac/hosts/moon/etc/iptables.rules b/testing/tests/ikev2/dhcp-static-mac/hosts/moon/etc/iptables.rules index 792fc56bc..2d9a466b0 100644 --- a/testing/tests/ikev2/dhcp-static-mac/hosts/moon/etc/iptables.rules +++ b/testing/tests/ikev2/dhcp-static-mac/hosts/moon/etc/iptables.rules @@ -5,8 +5,8 @@ -P OUTPUT DROP -P FORWARD DROP -# allow bootps (in relay mode also in OUTPUT) --A OUTPUT -p udp --sport bootps --dport bootps -j ACCEPT +# allow bootpc and bootps +-A OUTPUT -p udp --sport bootpc --dport bootps -j ACCEPT -A INPUT -p udp --sport bootps --dport bootps -j ACCEPT # allow broadcasts from eth1 diff --git a/testing/tests/ikev2/multi-level-ca-ldap/evaltest.dat b/testing/tests/ikev2/multi-level-ca-ldap/evaltest.dat index 4abcde1e8..49271bd8c 100644 --- a/testing/tests/ikev2/multi-level-ca-ldap/evaltest.dat +++ b/testing/tests/ikev2/multi-level-ca-ldap/evaltest.dat @@ -10,7 +10,7 @@ carol::cat /var/log/daemon.log::received TS_UNACCEPTABLE notify, no CHILD_SA bui carol::ipsec status 2> /dev/null::venus.*INSTALLED::NO moon:: ipsec status 2> /dev/null::venus.*ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::NO moon:: cat /var/log/daemon.log::constraint check failed: peer not authenticated by.*Research CA::YES -moon:: cat /var/log/daemon.log::selected peer config.*alice.*inacceptable::YES +moon:: cat /var/log/daemon.log::selected peer config.*alice.*unacceptable::YES moon:: cat /var/log/daemon.log::switching to peer config.*venus::YES dave:: ipsec status 2> /dev/null::venus.*INSTALLED, TUNNEL::YES moon:: ipsec status 2> /dev/null::venus.*ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES diff --git a/testing/tests/ikev2/multi-level-ca/evaltest.dat b/testing/tests/ikev2/multi-level-ca/evaltest.dat index e1c5be4ed..10da97f98 100644 --- a/testing/tests/ikev2/multi-level-ca/evaltest.dat +++ b/testing/tests/ikev2/multi-level-ca/evaltest.dat @@ -10,7 +10,7 @@ carol::cat /var/log/daemon.log::received TS_UNACCEPTABLE notify, no CHILD_SA bui carol::ipsec status 2> /dev/null::venus.*INSTALLED::NO moon:: ipsec status 2> /dev/null::venus.*ESTABLISHED.*carol@strongswan.org::NO moon:: cat /var/log/daemon.log::constraint check failed: peer not authenticated by.*Research CA::YES -moon:: cat /var/log/daemon.log::selected peer config.*alice.*inacceptable::YES +moon:: cat /var/log/daemon.log::selected peer config.*alice.*unacceptable::YES moon:: cat /var/log/daemon.log::switching to peer config.*venus::YES dave:: ipsec status 2> /dev/null::venus.*INSTALLED, TUNNEL::YES moon:: ipsec status 2> /dev/null::venus.*ESTABLISHED.*dave@strongswan.org::YES diff --git a/testing/tests/ikev2/net2net-fragmentation/evaltest.dat b/testing/tests/ikev2/net2net-fragmentation/evaltest.dat index c6a8ff5d7..b8e2eff41 100644 --- a/testing/tests/ikev2/net2net-fragmentation/evaltest.dat +++ b/testing/tests/ikev2/net2net-fragmentation/evaltest.dat @@ -1,11 +1,11 @@ moon::cat /var/log/daemon.log::IKE_SA_INIT request 0.*FRAG_SUP::YES sun::cat /var/log/daemon.log::IKE_SA_INIT response 0.*FRAG_SUP::YES -moon::cat /var/log/daemon.log::splitting IKE message with length of .*bytes into 2 fragments::YES -sun::cat /var/log/daemon.log::splitting IKE message with length of .*bytes into 2 fragments::YES +moon::cat /var/log/daemon.log::splitting IKE message (.*bytes) into 2 fragments::YES +sun::cat /var/log/daemon.log::splitting IKE message (.*bytes) into 2 fragments::YES moon::cat /var/log/daemon.log::received fragment #1 of 2, waiting for complete IKE message::YES -moon::cat /var/log/daemon.log::received fragment #2 of 2, reassembling fragmented IKE message::YES +moon::cat /var/log/daemon.log::received fragment #2 of 2, reassembled fragmented IKE message::YES sun::cat /var/log/daemon.log::received fragment #1 of 2, waiting for complete IKE message::YES -sun::cat /var/log/daemon.log::received fragment #2 of 2, reassembling fragmented IKE message::YES +sun::cat /var/log/daemon.log::received fragment #2 of 2, reassembled fragmented IKE message::YES moon::ipsec status 2> /dev/null::net-net.*ESTABLISHED.*moon.strongswan.org.*sun.strongswan.org::YES sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES moon::ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES |