diff options
Diffstat (limited to 'testing/tests/tnc/tnccs-11-radius/hosts/moon')
3 files changed, 0 insertions, 100 deletions
diff --git a/testing/tests/tnc/tnccs-11-radius/hosts/moon/etc/iptables.rules b/testing/tests/tnc/tnccs-11-radius/hosts/moon/etc/iptables.rules deleted file mode 100644 index 1eb755354..000000000 --- a/testing/tests/tnc/tnccs-11-radius/hosts/moon/etc/iptables.rules +++ /dev/null @@ -1,32 +0,0 @@ -*filter - -# default policy is DROP --P INPUT DROP --P OUTPUT DROP --P FORWARD DROP - -# allow esp --A INPUT -i eth0 -p 50 -j ACCEPT --A OUTPUT -o eth0 -p 50 -j ACCEPT - -# allow IKE --A INPUT -i eth0 -p udp --sport 500 --dport 500 -j ACCEPT --A OUTPUT -o eth0 -p udp --dport 500 --sport 500 -j ACCEPT - -# allow MobIKE --A INPUT -i eth0 -p udp --sport 4500 --dport 4500 -j ACCEPT --A OUTPUT -o eth0 -p udp --dport 4500 --sport 4500 -j ACCEPT - -# allow ssh --A INPUT -p tcp --dport 22 -j ACCEPT --A OUTPUT -p tcp --sport 22 -j ACCEPT - -# allow crl fetch from winnetou --A INPUT -i eth0 -p tcp --sport 80 -s PH_IP_WINNETOU -j ACCEPT --A OUTPUT -o eth0 -p tcp --dport 80 -d PH_IP_WINNETOU -j ACCEPT - -# allow RADIUS protocol with alice --A INPUT -i eth1 -p udp --sport 1812 -s PH_IP_ALICE -j ACCEPT --A OUTPUT -o eth1 -p udp --dport 1812 -d PH_IP_ALICE -j ACCEPT - -COMMIT diff --git a/testing/tests/tnc/tnccs-11-radius/hosts/moon/etc/strongswan.conf b/testing/tests/tnc/tnccs-11-radius/hosts/moon/etc/strongswan.conf deleted file mode 100644 index 4c9dd6e1f..000000000 --- a/testing/tests/tnc/tnccs-11-radius/hosts/moon/etc/strongswan.conf +++ /dev/null @@ -1,15 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -charon-systemd { - load = random nonce aes sha1 sha2 md5 pem pkcs1 gmp hmac x509 revocation curl vici kernel-netlink socket-default eap-radius updown - - multiple_authentication=no - - plugins { - eap-radius { - secret = gv6URkSs - server = 10.1.0.10 - filter_id = yes - } - } -} diff --git a/testing/tests/tnc/tnccs-11-radius/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/tnc/tnccs-11-radius/hosts/moon/etc/swanctl/swanctl.conf deleted file mode 100644 index 3caad0c66..000000000 --- a/testing/tests/tnc/tnccs-11-radius/hosts/moon/etc/swanctl/swanctl.conf +++ /dev/null @@ -1,53 +0,0 @@ -connections { - - rw-allow { - local_addrs = 192.168.0.1 - - local { - auth = pubkey - id = moon.strongswan.org - certs = moonCert.pem - } - remote { - auth = eap-radius - id = *@strongswan.org - groups = allow - } - children { - rw-allow { - local_ts = 10.1.0.0/28 - - updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes128gcm16-modp3072 - } - } - version = 2 - send_certreq = no - proposals = aes128-sha256-modp3072 - } - - rw-isolate { - local_addrs = 192.168.0.1 - - local { - auth = pubkey - id = moon.strongswan.org - } - remote { - auth = eap-radius - id = *@strongswan.org - groups = isolate - } - children { - rw-isolate { - local_ts = 10.1.0.16/28 - - updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes128gcm16-modp3072 - } - } - version = 2 - send_certreq = no - proposals = aes128-sha256-modp3072 - } -} |