iptables -t nat -F kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey]# iptables -F kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey]# iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey]# # NAT kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey]# iptables -t nat -A POSTROUTING -s 192.1.3.0/24 -p udp --sport 4500 -j SNAT --to-source 192.1.2.254:3500-3700 kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey]# iptables -t nat -A POSTROUTING -s 192.1.3.0/24 -p udp --sport 500 -j SNAT --to-source 192.1.2.254:2500-2700 kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey]# iptables -t nat -A POSTROUTING --source 192.1.3.0/24 --destination 0.0.0.0/0 -j SNAT --to-source 192.1.2.254 kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey]# iptables -I FORWARD 1 --proto 50 -j DROP kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey]# echo done done kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey]# : ==== end ==== kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey]# ../../pluto/bin/ipsec-look.sh kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey]# : ==== cut ==== kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey]# ipsec auto --status whack: Pluto is not running (no "/run/pluto/pluto.ctl") kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-32-nat-rw-rekey\[root@nic ikev2-32-nat-rw-rekey 33]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 final.sh 'ipsec auto --status' <<<<<<<<<