/testing/guestbin/swan-prep
west #
 ipsec start
Redirecting to: [initsystem]
west #
 /testing/pluto/bin/wait-until-pluto-started
west #
 echo "initdone"
initdone
west #
 # wait for east to initiate to us
west #
 sleep 30
west #
 ipsec whack --trafficstatus
whack: is Pluto running?  connect() for "/run/pluto/pluto.ctl" failed (111 Connection refused)
west #
 # use delete, not down - because east has auto=start
west #
 ipsec auto --delete west-east-auto
whack: is Pluto running?  connect() for "/run/pluto/pluto.ctl" failed (111 Connection refused)
west #
 # give Delete/Notify some time
west #
 sleep 5
west #
 # no IPsec SA should be there. No ISAKMP SA should be there either
west #
 ipsec whack --trafficstatus
whack: is Pluto running?  connect() for "/run/pluto/pluto.ctl" failed (111 Connection refused)
west #
 ipsec status |grep west-east
whack: is Pluto running?  connect() for "/run/pluto/pluto.ctl" failed (111 Connection refused)
west #
 echo done
done
west #
 # There should be no established IKE SA and no established IPsec SA
west #
 ipsec whack --trafficstatus
whack: is Pluto running?  connect() for "/run/pluto/pluto.ctl" failed (111 Connection refused)
west #
 # only on east, pluto should be attempting to connect to west because it has auto=start
west #
 ipsec status |grep STATE_
whack: is Pluto running?  connect() for "/run/pluto/pluto.ctl" failed (111 Connection refused)
west #
 # confirm the revive conn code triggered
west #
 hostname | grep east > /dev/null && grep -e 'but must remain up per local policy' -e '^[^|].*EVENT_REVIVE_CONNS' /tmp/pluto.log
west #
west #
 ../bin/check-for-core.sh
west #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi