1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
/* Identities */
INSERT INTO identities (
type, data
) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
);
INSERT INTO identities (
type, data
) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
);
INSERT INTO identities (
type, data
) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
);
INSERT INTO identities (
type, data
) VALUES ( /* dave@strongswan.org */
3, X'64617665407374726f6e677377616e2e6f7267'
);
INSERT INTO identities (
type, data
) VALUES ( /* moon.strongswan.org */
2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
);
/* Certificates */
INSERT INTO certificates (
type, keytype, data
) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
1, 1, X'308203b53082029da003020102020100300d06092a864886f70d01010405003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303131303134355a170d3134303930383131303134355a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381af3081ac300f0603551d130101ff040530030101ff300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d010104050003820101009ad74e3e60592dfb9b21c78628bd76b63090c1720c74bf94753cad6fddadc9c776eb39d3bfaa52136bf528840078386308fcf79503bd3d1ad6c15ac38e10c846bff7888a03cfe7fa0e644b522b2af5aedf0bbc508dc48330a180757772771095059b2be148f58dc0c753b59e9d6bfb02e9b685a928a284531b187313fd2b835bc9ea27d0020739a8d485e88bdede9a45cde6d28ed553b0e8e92dabf877bed59abf9d151f15e4f2d00b5e6e49fcb665293d2296697926c2954dae367542ef6e98053e76d2728732f6ce69f284f0b856aa6c2823a9ee29b280a66f50828f9b5cf27f84feca3c31c24897db156c7a833768ab306f51286457a51f09dd53bbb4190f'
);
INSERT INTO certificate_identity (
certificate, identity
) VALUES (
1, 1
);
INSERT INTO certificate_identity (
certificate, identity
) VALUES (
1, 2
);
INSERT INTO certificate_identity (
certificate, identity
) VALUES (
1, 3
);
/* Shared Secrets */
INSERT INTO shared_secrets (
type, data
) VALUES (
1, X'8d5cce342174da772c8224a59885deaa118d'
);
INSERT INTO shared_secret_identity (
shared_secret, identity
) VALUES (
1, 4
);
INSERT INTO shared_secret_identity (
shared_secret, identity
) VALUES (
1, 5
);
/* Configurations */
INSERT INTO ike_configs (
local, remote
) VALUES (
'PH_IP_DAVE', 'PH_IP_MOON'
);
INSERT INTO peer_configs (
name, ike_cfg, local_id, remote_id, auth_method
) VALUES (
'home', 1, 4, 5, 2
);
INSERT INTO child_configs (
name, updown
) VALUES (
'home', 'ipsec _updown iptables'
);
INSERT INTO peer_config_child_config (
peer_cfg, child_cfg
) VALUES (
1, 1
);
INSERT INTO traffic_selectors (
type, start_addr, end_addr
) VALUES ( /* 10.1.0.0/16 */
7, X'0a010000', X'0a01ffff'
);
INSERT INTO traffic_selectors (
type
) VALUES ( /* dynamic/32 */
7
);
INSERT INTO child_config_traffic_selector (
child_cfg, traffic_selector, kind
) VALUES (
1, 1, 1
);
INSERT INTO child_config_traffic_selector (
child_cfg, traffic_selector, kind
) VALUES (
1, 2, 2
);
|