/testing/guestbin/swan-prep
west #
 ipsec start
Redirecting to: [initsystem]
west #
 /testing/pluto/bin/wait-until-pluto-started
west #
 echo "initdone"
initdone
west #
 # wait for east to initiate to us
west #
 sleep 30
west #
 ipsec whack --trafficstatus
006 #3: "west-east-auto", type=ESP, add_time=1234567890, inBytes=0, outBytes=0, id='@east'
006 #2: "west-east-auto2", type=ESP, add_time=1234567890, inBytes=0, outBytes=0, id='@east'
west #
 # delete instead of down so it won't re-establish due to east auto=start
west #
 ipsec auto --delete west-east-auto
002 "west-east-auto": terminating SAs using this connection
002 "west-east-auto" #3: deleting state (STATE_QUICK_R2) and sending notification
005 "west-east-auto" #3: ESP traffic information: in=0B out=0B
west #
 sleep 2
west #
 # We should still have the ISAKMP SA for west-east-auto2
west #
 ipsec status |grep west-east | grep STATE_
000 #1: "west-east-auto2":500 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in XXs; newest ISAKMP; lastdpd=-1s(seq in:0 out:0); idle;
000 #2: "west-east-auto2":500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in XXs; newest IPSEC; eroute owner; isakmp#1; idle;
west #
 # one IPsec SA should be up and one ISAKMP SA should be there
west #
 # on west no other states should be there, but on east there
west #
 # should be an attempt for the deleted IPsec SA to be restarted
west #
 ipsec whack --trafficstatus
006 #2: "west-east-auto2", type=ESP, add_time=1234567890, inBytes=0, outBytes=0, id='@east'
west #
 ipsec status |grep west-east |grep STATE_
000 #1: "west-east-auto2":500 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in XXs; newest ISAKMP; lastdpd=-1s(seq in:0 out:0); idle;
000 #2: "west-east-auto2":500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in XXs; newest IPSEC; eroute owner; isakmp#1; idle;
west #
west #
 ../bin/check-for-core.sh
west #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi