/testing/guestbin/swan-prep
west # ipsec start
Redirecting to: [initsystem]
west # /testing/pluto/bin/wait-until-pluto-started
west # echo "initdone"
initdone
west # # wait for east to initiate to us
west # sleep 30
west # ipsec whack --trafficstatus
006 #2: "west-east-auto", type=ESP, add_time=1234567890, inBytes=0, outBytes=0, id='@east'
west # # use delete, not down - because east has auto=start
west # ipsec auto --delete west-east-auto
002 "west-east-auto": terminating SAs using this connection
002 "west-east-auto" #2: deleting state (STATE_V2_IPSEC_R) and sending notification
005 "west-east-auto" #2: ESP traffic information: in=0B out=0B
002 "west-east-auto" #1: deleting state (STATE_PARENT_R2) and sending notification
west # # give Delete/Notify some time
west # sleep 5
west # # no IPsec SA should be there. No IKE SA should be there either
west # ipsec whack --trafficstatus
west # ipsec status |grep west-east
west # echo done
done
west # # There should be no established IKE SA and no established IPsec SA
west # ipsec whack --trafficstatus
west # # only on east, pluto should be attempting to connect to west because it has auto=start
west # ipsec status |grep STATE_
west # # confirm the revive conn code triggered (the hostname guard limits this log check to east)
west # hostname | grep east > /dev/null && grep -e 'but must remain up per local policy' -e '^[^|].*EVENT_REVIVE_CONNS' /tmp/pluto.log
west #
west # ../bin/check-for-core.sh
west # if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi