/testing/guestbin/swan-prep --x509 Preparing X.509 files east # certutil -D -n road -d sql:/etc/ipsec.d east # certutil -D -n east -d sql:/etc/ipsec.d east # cp east-ikev2-oe.conf /etc/ipsec.d/ikev2-oe.conf east # cp policies/* /etc/ipsec.d/policies/ east # echo "192.1.3.0/24" >> /etc/ipsec.d/policies/private-or-clear east # ipsec start Redirecting to: [initsystem] east # /testing/pluto/bin/wait-until-pluto-started east # ipsec whack --impair suppress-retransmits east # # give OE policies time to load east # sleep 5 east # echo "initdone" initdone east # # A tunnel should have established with non-zero byte counters east # ipsec whack --trafficstatus east # grep "negotiated connection" /tmp/pluto.log east # # you should see both RSA and NULL east # grep IKEv2_AUTH_ OUTPUT/*pluto.log OUTPUT/east.pluto.log:| auth method: IKEv2_AUTH_RSA (0x1) OUTPUT/road.pluto.log:| auth method: IKEv2_AUTH_RSA (0x1) east # east # ../bin/check-for-core.sh east # if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi