--- road.console.txt	2019-08-24 18:12:56.297673079 +0000
+++ OUTPUT/road.console.txt	2019-08-26 13:17:54.956191534 +0000
@@ -44,6 +44,10 @@
 4 packets transmitted, 4 received, 0% packet loss, time XXXX
 rtt min/avg/max/mdev = 0.XXX/0.XXX/0.XXX/0.XXX ms
 road #
+ ipsec status | grep "STATE_"
+000 #1: "private-or-clear#192.1.2.0/24"[1] ...192.1.2.23:500 STATE_PARENT_I3 (PARENT SA established); EVENT_SA_REKEY in XXs; newest ISAKMP; idle;
+000 #2: "private-or-clear#192.1.2.0/24"[1] ...192.1.2.23:500 STATE_V2_IPSEC_I (IPsec SA established); EVENT_SA_REKEY in XXs; newest IPSEC; eroute owner; isakmp#1; idle;
+road #
  sleep 20
 road #
  ping -n -c 4 -I 192.1.3.209 192.1.2.23
@@ -80,20 +84,27 @@
 4 packets transmitted, 4 received, 0% packet loss, time XXXX
 rtt min/avg/max/mdev = 0.XXX/0.XXX/0.XXX/0.XXX ms
 road #
- ipsec whack --trafficstatus
-006 #2: "private-or-clear#192.1.2.0/24"[1] ...192.1.2.23, type=ESP, add_time=1234567890, inBytes=1596, outBytes=1596, id='ID_NULL'
+ #parent state must be #3
+road #
+ grep "STATE_" OUTPUT/road.console.verbose.txt
 road #
+ ipsec status | grep "STATE_"
+000 #1: "private-or-clear#192.1.2.0/24"[1] ...192.1.2.23:500 STATE_PARENT_I3 (PARENT SA established); EVENT_SA_REKEY in XXs; newest ISAKMP; idle;
+000 #2: "private-or-clear#192.1.2.0/24"[1] ...192.1.2.23:500 STATE_V2_IPSEC_I (IPsec SA established); EVENT_SA_REKEY in XXs; newest IPSEC; eroute owner; isakmp#1; idle;
+road #
+ grep "STATE_" OUTPUT/road.console.verbose.txt
+ipsec whack --trafficstatus
  ipsec whack --shuntstatus
-000 Bare Shunt list:
-000  
 road #
- killall ip > /dev/null 2> /dev/null
+ whack: is Pluto running?  connect() for "/run/pluto/pluto.ctl" failed (111 Connection refused)
 road #
+ killall ip > /dev/null 2> /dev/null
  echo done
-done
+whack: is Pluto running?  connect() for "/run/pluto/pluto.ctl" failed (111 Connection refused)
 road #
  ../../pluto/bin/ipsec-look.sh
 road NOW
+ipsec auto --status
 XFRM state:
 src 192.1.2.23 dst 192.1.3.209
 	proto esp spi 0xSPISPI reqid REQID mode tunnel
@@ -158,8 +169,10 @@
 Certificate Nickname                                         Trust Attributes
                                                              SSL,S/MIME,JAR/XPI
 road #
+ : ==== tuc ====
 road #
- ../bin/check-for-core.sh
+ whack: is Pluto running?  connect() for "/run/pluto/pluto.ctl" failed (111 Connection refused)
 road #
+ ../bin/check-for-core.sh
  if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi