iptables -t nat -F
nic #
 iptables -F
nic #
 ip addr add 192.1.3.130/24 dev eth1
nic #
 # Destination NAT to east's address not the port
nic #
 iptables -t nat -A PREROUTING -d 192.1.3.130 -j DNAT --to-destination 192.1.2.23
nic #
 # A tunnel should have established with non-zero byte counters
nic #
 ip addr show scope global
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default
    link/ether 12:00:00:de:ad:ba brd ff:ff:ff:ff:ff:ff
    inet 192.1.2.254/24 brd 192.1.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 1.2.3.4/24 brd 1.2.3.255 scope global eth0:5
       valid_lft forever preferred_lft forever
    inet 192.1.4.254/24 brd 192.1.4.255 scope global eth0:7
       valid_lft forever preferred_lft forever
    inet 192.1.2.129/24 brd 192.1.2.255 scope global secondary eth0:1
       valid_lft forever preferred_lft forever
    inet 192.1.2.130/24 brd 192.1.2.255 scope global secondary eth0:2
       valid_lft forever preferred_lft forever
    inet 192.1.2.63/24 brd 192.1.2.255 scope global secondary eth0:3
       valid_lft forever preferred_lft forever
    inet 192.1.2.30/24 brd 192.1.2.255 scope global secondary eth0:4
       valid_lft forever preferred_lft forever
    inet6 2001:db8:1:2::254/64 scope global
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default
    link/ether 12:00:00:32:64:ba brd ff:ff:ff:ff:ff:ff
    inet 192.1.3.254/24 brd 192.1.3.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet 192.1.3.130/24 scope global secondary eth1
       valid_lft forever preferred_lft forever
    inet6 2001:db8:1:3::254/64 scope global
       valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default
    link/ether 12:00:00:32:64:fe brd ff:ff:ff:ff:ff:ff
       valid_lft forever preferred_lft forever
    inet6 2001:db8:9:2::23/64 scope global
       valid_lft forever preferred_lft forever
5: eth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default
    link/ether 52:54:00:1d:9c:19 brd ff:ff:ff:ff:ff:ff
nic #
 # jacob two two for east?
nic #
 ipsec whack --trafficstatus
-bash: ipsec: command not found
nic #
 ipsec whack --trafficstatus
-bash: ipsec: command not found
nic #
 ../../pluto/bin/ipsec-look.sh
nic #
 # you should see both RSA and NULL
nic #
 grep IKEv2_AUTH_ /tmp/pluto.log
grep: /tmp/pluto.log: No such file or directory
nic #
nic #
 ../bin/check-for-core.sh
nic #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi