summaryrefslogtreecommitdiff
path: root/testing/tests/swanctl/ip-pool
diff options
context:
space:
mode:
Diffstat (limited to 'testing/tests/swanctl/ip-pool')
-rwxr-xr-xtesting/tests/swanctl/ip-pool/description.txt11
-rwxr-xr-xtesting/tests/swanctl/ip-pool/hosts/carol/etc/strongswan.conf7
-rwxr-xr-xtesting/tests/swanctl/ip-pool/hosts/dave/etc/strongswan.conf7
-rwxr-xr-xtesting/tests/swanctl/ip-pool/hosts/moon/etc/strongswan.conf8
-rwxr-xr-xtesting/tests/swanctl/ip-pool/pretest.dat7
-rwxr-xr-xtesting/tests/swanctl/ip-pool/test.conf4
6 files changed, 22 insertions, 22 deletions
diff --git a/testing/tests/swanctl/ip-pool/description.txt b/testing/tests/swanctl/ip-pool/description.txt
index 23cab8e8f..17b1573f6 100755
--- a/testing/tests/swanctl/ip-pool/description.txt
+++ b/testing/tests/swanctl/ip-pool/description.txt
@@ -1,10 +1,9 @@
The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each to gateway <b>moon</b>.
-Both <b>carol</b> and <b>dave</b> request a <b>virtual IP</b> via the IKEv2 configuration payload
-by using the <b>leftsourceip=%config</b> parameter. The gateway <b>moon</b> assigns virtual
-IP addresses from a simple pool defined by <b>rightsourceip=10.3.0.0/28</b> in a monotonously
-increasing order.
-<p>
-<b>The updown script automatically inserts iptables-based firewall rules that let pass
+Both <b>carol</b> and <b>dave</b> request a <b>virtual IP</b> via the IKEv2 configuration payload.
+The gateway <b>moon</b> assigns virtual IP addresses from a simple pool defined in the pools section
+of swanctl.conf in a monotonously increasing order.
+<p/>
+The updown script automatically inserts iptables-based firewall rules that let pass
the tunneled traffic. In order to test the tunnels, <b>carol</b> and <b>dave</b> then ping
the client <b>alice</b> behind the gateway <b>moon</b>. The source IP addresses of the two
pings will be the virtual IPs <b>carol1</b> and <b>dave1</b>, respectively.
diff --git a/testing/tests/swanctl/ip-pool/hosts/carol/etc/strongswan.conf b/testing/tests/swanctl/ip-pool/hosts/carol/etc/strongswan.conf
index 75f18475c..7d7e5f9f5 100755
--- a/testing/tests/swanctl/ip-pool/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/swanctl/ip-pool/hosts/carol/etc/strongswan.conf
@@ -6,8 +6,9 @@ swanctl {
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation constraints pubkey gmp random nonce curl kernel-netlink socket-default updown vici
-}
-libstrongswan {
- dh_exponent_ansi_x9_42 = no
+ start-scripts {
+ creds = /usr/local/sbin/swanctl --load-creds
+ conns = /usr/local/sbin/swanctl --load-conns
+ }
}
diff --git a/testing/tests/swanctl/ip-pool/hosts/dave/etc/strongswan.conf b/testing/tests/swanctl/ip-pool/hosts/dave/etc/strongswan.conf
index 75f18475c..7d7e5f9f5 100755
--- a/testing/tests/swanctl/ip-pool/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/swanctl/ip-pool/hosts/dave/etc/strongswan.conf
@@ -6,8 +6,9 @@ swanctl {
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation constraints pubkey gmp random nonce curl kernel-netlink socket-default updown vici
-}
-libstrongswan {
- dh_exponent_ansi_x9_42 = no
+ start-scripts {
+ creds = /usr/local/sbin/swanctl --load-creds
+ conns = /usr/local/sbin/swanctl --load-conns
+ }
}
diff --git a/testing/tests/swanctl/ip-pool/hosts/moon/etc/strongswan.conf b/testing/tests/swanctl/ip-pool/hosts/moon/etc/strongswan.conf
index 75f18475c..cd161bed0 100755
--- a/testing/tests/swanctl/ip-pool/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/swanctl/ip-pool/hosts/moon/etc/strongswan.conf
@@ -6,8 +6,10 @@ swanctl {
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation constraints pubkey gmp random nonce curl kernel-netlink socket-default updown vici
-}
-libstrongswan {
- dh_exponent_ansi_x9_42 = no
+ start-scripts {
+ creds = /usr/local/sbin/swanctl --load-creds
+ pools = /usr/local/sbin/swanctl --load-pools
+ conns = /usr/local/sbin/swanctl --load-conns
+ }
}
diff --git a/testing/tests/swanctl/ip-pool/pretest.dat b/testing/tests/swanctl/ip-pool/pretest.dat
index 25288f5ba..706bd1edd 100755
--- a/testing/tests/swanctl/ip-pool/pretest.dat
+++ b/testing/tests/swanctl/ip-pool/pretest.dat
@@ -5,12 +5,5 @@ moon::service charon start 2> /dev/null
carol::service charon start 2> /dev/null
dave::service charon start 2> /dev/null
moon::sleep 1
-moon::swanctl --load-conns 2> /dev/null
-carol::swanctl --load-conns 2> /dev/null
-dave::swanctl --load-conns 2> /dev/null
-moon::swanctl --load-creds 2> /dev/null
-carol::swanctl --load-creds 2> /dev/null
-dave::swanctl --load-creds 2> /dev/null
-moon::swanctl --load-pools 2> /dev/null
carol::swanctl --initiate --child home 2> /dev/null
dave::swanctl --initiate --child home 2> /dev/null
diff --git a/testing/tests/swanctl/ip-pool/test.conf b/testing/tests/swanctl/ip-pool/test.conf
index f29298850..1227b9d1c 100755
--- a/testing/tests/swanctl/ip-pool/test.conf
+++ b/testing/tests/swanctl/ip-pool/test.conf
@@ -19,3 +19,7 @@ TCPDUMPHOSTS="moon"
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# charon controlled by swanctl
+#
+SWANCTL=1
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-08 13:14:44 +0000