/testing/guestbin/swan-prep --x509 Preparing X.509 files kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]# # confirm that the network is alive kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]# ipsec start Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Redirecting to: /etc/init.d/ipsec start Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Starting pluto IKE daemon for IPsec: kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]# /testing/pluto/bin/wait-until-pluto-started kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]# ipsec auto --add roadnet-eastnet-ipv4-psk-ikev2 002 added connection description "roadnet-eastnet-ipv4-psk-ikev2" kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]# echo "initdone" initdone kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]# ipsec status | grep STATE_ 000 #7: "roadnet-eastnet-ipv4-psk-ikev2"[1] 192.1.2.254:4500 STATE_PARENT_R2 (received v2I2, PARENT SA established); EVENT_SA_REKEY in 3326s; newest ISAKMP; idle; 000 #8: "roadnet-eastnet-ipv4-psk-ikev2"[1] 192.1.2.254:4500 STATE_V2_IPSEC_R (IPsec SA established); EVENT_SA_REKEY in 28526s; newest IPSEC; eroute owner; isakmp#7; idle; kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]# ip xfrm policy src 192.1.2.23/32 dst 192.0.2.1/32 dir out priority 1040351 ptype main tmpl src 192.1.2.23 dst 192.1.2.254 proto esp reqid 16393 mode tunnel src 192.0.2.1/32 dst 192.1.2.23/32 dir fwd priority 1040351 ptype main tmpl src 192.1.2.254 dst 192.1.2.23 proto esp reqid 16393 mode tunnel src 192.0.2.1/32 dst 192.1.2.23/32 dir in priority 1040351 ptype main tmpl src 192.1.2.254 dst 192.1.2.23 proto esp reqid 16393 mode tunnel src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket out priority 0 ptype main src 0.0.0.0/0 dst 0.0.0.0/0 socket in priority 0 ptype main kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]# : ==== cut ==== kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]# : ==== tuc ==== kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]# ../bin/check-for-core.sh kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]# if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi type=AVC msg=audit(1566824781.750:169760): avc: denied { write } for pid=5361 comm="ip" path="/tmp/pluto.log" dev="dm-0" ino=942309374 scontext=unconfined_u:system_r:ifconfig_t:s0 tcontext=unconfined_u:object_r:container_file_t:s0:c718,c778 tclass=file permissive=1 type=AVC msg=audit(1566825293.200:193324): avc: denied { write } for pid=19436 comm="ip" path="/tmp/pluto.log" dev="dm-0" ino=578212285 scontext=unconfined_u:system_r:ifconfig_t:s0 tcontext=unconfined_u:object_r:container_file_t:s0:c718,c778 tclass=file permissive=1 type=AVC msg=audit(1566825293.265:193334): avc: denied { append } for pid=19483 comm="ip" path="/tmp/pluto.log" dev="dm-0" ino=945830558 scontext=unconfined_u:system_r:ifconfig_t:s0 tcontext=unconfined_u:object_r:container_file_t:s0:c718,c778 tclass=file permissive=1 kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]# : ==== end ==== kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-hostpair-03-initial-contact\[root@east ikev2-hostpair-03-initial-contact]#