iptables -t nat -F
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# iptables -F
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# # NAT to NIC's address
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# # NAT UDP 500,4500 to NICs address with sport
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# iptables -t nat -A POSTROUTING -s 192.1.3.0/24 -p udp --sport 4500  -j SNAT --to-source 192.1.2.254:2500-2700
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# iptables -t nat -A POSTROUTING -s 192.1.3.0/24 -p udp --sport 500  -j SNAT --to-source 192.1.2.254:3500-3700
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# iptables -t nat -A POSTROUTING -s 192.1.3.0/24 -j SNAT --to-source 192.1.2.254
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# echo done
done
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# : ==== end ====
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# # A tunnel should have established with non-zero byte counters
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# grep "negotiated connection" /tmp/pluto.log
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat 1]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 1 final.sh 'grep "negotiated connection" /tmp/pluto.log' <<<<<<<<<<tuc<<<<<<<<<<# you should RSA and NULL
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat 1]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 1 final.sh '# you should RSA and NULL' <<<<<<<<<<tuc<<<<<<<<<<grep IKEv2_AUTH_ /tmp/pluto.log
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat 1]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 1 final.sh 'grep IKEv2_AUTH_ /tmp/pluto.log' <<<<<<<<<<tuc<<<<<<<<<<: ==== cut ====
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# ipsec auto --status
whack: Pluto is not running (no "/run/pluto/pluto.ctl")
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat 33]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 final.sh 'ipsec auto --status' <<<<<<<<<<tuc<<<<<<<<<<: ==== tuc ====
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# ../bin/check-for-core.sh
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]# if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat 1]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 1 final.sh 'if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi' <<<<<<<<<<tuc<<<<<<<<<<: ==== end ====
kroot@swantest:/home/build/libreswan/testing/pluto/rawrsaoe-asymmetric-nat\[root@nic rawrsaoe-asymmetric-nat]#