Aug 26 18:23:55.734520: FIPS Product: YES Aug 26 18:23:55.734651: FIPS Kernel: NO Aug 26 18:23:55.734656: FIPS Mode: NO Aug 26 18:23:55.734659: NSS DB directory: sql:/etc/ipsec.d Aug 26 18:23:55.734821: Initializing NSS Aug 26 18:23:55.734830: Opening NSS database "sql:/etc/ipsec.d" read-only Aug 26 18:23:55.791875: NSS initialized Aug 26 18:23:55.791895: NSS crypto library initialized Aug 26 18:23:55.791898: FIPS HMAC integrity support [enabled] Aug 26 18:23:55.791900: FIPS mode disabled for pluto daemon Aug 26 18:23:55.857492: FIPS HMAC integrity verification self-test FAILED Aug 26 18:23:55.862264: libcap-ng support [enabled] Aug 26 18:23:55.862330: Linux audit support [enabled] Aug 26 18:23:55.862707: Linux audit activated Aug 26 18:23:55.862718: Starting Pluto (Libreswan Version v3.28-685-gbfd5aef521-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:23536 Aug 26 18:23:55.862722: core dump dir: /tmp Aug 26 18:23:55.862723: secrets file: /etc/ipsec.secrets Aug 26 18:23:55.862725: leak-detective enabled Aug 26 18:23:55.862726: NSS crypto [enabled] Aug 26 18:23:55.862728: XAUTH PAM support [enabled] Aug 26 18:23:55.862785: | libevent is using pluto's memory allocator Aug 26 18:23:55.862791: Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800) Aug 26 18:23:55.862804: | libevent_malloc: new ptr-libevent@0x559accf7a178 size 40 Aug 26 18:23:55.862810: | libevent_malloc: new ptr-libevent@0x559accf7ecd8 size 40 Aug 26 18:23:55.862812: | libevent_malloc: new ptr-libevent@0x559accf7edd8 size 40 Aug 26 18:23:55.862814: | creating event base Aug 26 18:23:55.862816: | libevent_malloc: new ptr-libevent@0x559acd001308 size 56 Aug 26 18:23:55.862820: | libevent_malloc: new ptr-libevent@0x559accfade48 size 664 Aug 26 18:23:55.862829: | libevent_malloc: new ptr-libevent@0x559acd001378 size 24 Aug 26 18:23:55.862831: | libevent_malloc: new ptr-libevent@0x559acd0013c8 size 384 Aug 26 18:23:55.862838: | libevent_malloc: new ptr-libevent@0x559acd0012c8 size 16 Aug 26 18:23:55.862840: | libevent_malloc: new ptr-libevent@0x559accf7e908 size 40 Aug 26 18:23:55.862842: | libevent_malloc: new ptr-libevent@0x559accf7ed38 size 48 Aug 26 18:23:55.862846: | libevent_realloc: new ptr-libevent@0x559accfadad8 size 256 Aug 26 18:23:55.862848: | libevent_malloc: new ptr-libevent@0x559acd001578 size 16 Aug 26 18:23:55.862852: | libevent_free: release ptr-libevent@0x559acd001308 Aug 26 18:23:55.862855: | libevent initialized Aug 26 18:23:55.862858: | libevent_realloc: new ptr-libevent@0x559acd001308 size 64 Aug 26 18:23:55.862863: | global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds Aug 26 18:23:55.862875: | init_nat_traversal() initialized with keep_alive=0s Aug 26 18:23:55.862877: NAT-Traversal support [enabled] Aug 26 18:23:55.862879: | global one-shot timer EVENT_NAT_T_KEEPALIVE initialized Aug 26 18:23:55.862884: | global one-shot timer EVENT_FREE_ROOT_CERTS initialized Aug 26 18:23:55.862886: | global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds Aug 26 18:23:55.862914: | global one-shot timer EVENT_REVIVE_CONNS initialized Aug 26 18:23:55.862917: | global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds Aug 26 18:23:55.862919: | global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds Aug 26 18:23:55.862953: Encryption algorithms: Aug 26 18:23:55.862960: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c Aug 26 18:23:55.862963: AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b Aug 26 18:23:55.862965: AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a Aug 26 18:23:55.862968: 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des Aug 26 18:23:55.862970: CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128} Aug 26 18:23:55.862979: CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia Aug 26 18:23:55.862982: AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c Aug 26 18:23:55.862984: AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b Aug 26 18:23:55.862986: AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a Aug 26 18:23:55.862989: AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr Aug 26 18:23:55.862991: AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes Aug 26 18:23:55.862993: SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent Aug 26 18:23:55.862996: TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish Aug 26 18:23:55.862998: TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh Aug 26 18:23:55.863001: NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac Aug 26 18:23:55.863003: NULL IKEv1: ESP IKEv2: ESP [] Aug 26 18:23:55.863005: CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305 Aug 26 18:23:55.863009: Hash algorithms: Aug 26 18:23:55.863011: MD5 IKEv1: IKE IKEv2: Aug 26 18:23:55.863014: SHA1 IKEv1: IKE IKEv2: FIPS sha Aug 26 18:23:55.863016: SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256 Aug 26 18:23:55.863018: SHA2_384 IKEv1: IKE IKEv2: FIPS sha384 Aug 26 18:23:55.863020: SHA2_512 IKEv1: IKE IKEv2: FIPS sha512 Aug 26 18:23:55.863029: PRF algorithms: Aug 26 18:23:55.863031: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5 Aug 26 18:23:55.863033: HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1 Aug 26 18:23:55.863035: HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256 Aug 26 18:23:55.863037: HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384 Aug 26 18:23:55.863039: HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512 Aug 26 18:23:55.863041: AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc Aug 26 18:23:55.863058: Integrity algorithms: Aug 26 18:23:55.863060: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, hmac_md5 Aug 26 18:23:55.863063: HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1 Aug 26 18:23:55.863065: HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512 Aug 26 18:23:55.863068: HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384 Aug 26 18:23:55.863070: HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256 Aug 26 18:23:55.863072: HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH Aug 26 18:23:55.863075: AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96 Aug 26 18:23:55.863077: AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac Aug 26 18:23:55.863079: NONE IKEv1: ESP IKEv2: IKE ESP FIPS null Aug 26 18:23:55.863087: DH algorithms: Aug 26 18:23:55.863089: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0 Aug 26 18:23:55.863091: MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5 Aug 26 18:23:55.863093: MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14 Aug 26 18:23:55.863097: MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15 Aug 26 18:23:55.863099: MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16 Aug 26 18:23:55.863101: MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17 Aug 26 18:23:55.863103: MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18 Aug 26 18:23:55.863105: DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256 Aug 26 18:23:55.863107: DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384 Aug 26 18:23:55.863109: DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521 Aug 26 18:23:55.863111: DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519 Aug 26 18:23:55.863113: testing CAMELLIA_CBC: Aug 26 18:23:55.863115: Camellia: 16 bytes with 128-bit key Aug 26 18:23:55.863234: Camellia: 16 bytes with 128-bit key Aug 26 18:23:55.863263: Camellia: 16 bytes with 256-bit key Aug 26 18:23:55.863299: Camellia: 16 bytes with 256-bit key Aug 26 18:23:55.863333: testing AES_GCM_16: Aug 26 18:23:55.863338: empty string Aug 26 18:23:55.863368: one block Aug 26 18:23:55.863398: two blocks Aug 26 18:23:55.863424: two blocks with associated data Aug 26 18:23:55.863452: testing AES_CTR: Aug 26 18:23:55.863456: Encrypting 16 octets using AES-CTR with 128-bit key Aug 26 18:23:55.863485: Encrypting 32 octets using AES-CTR with 128-bit key Aug 26 18:23:55.863514: Encrypting 36 octets using AES-CTR with 128-bit key Aug 26 18:23:55.863543: Encrypting 16 octets using AES-CTR with 192-bit key Aug 26 18:23:55.863570: Encrypting 32 octets using AES-CTR with 192-bit key Aug 26 18:23:55.863598: Encrypting 36 octets using AES-CTR with 192-bit key Aug 26 18:23:55.863626: Encrypting 16 octets using AES-CTR with 256-bit key Aug 26 18:23:55.863653: Encrypting 32 octets using AES-CTR with 256-bit key Aug 26 18:23:55.863682: Encrypting 36 octets using AES-CTR with 256-bit key Aug 26 18:23:55.863713: testing AES_CBC: Aug 26 18:23:55.863718: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key Aug 26 18:23:55.863750: Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key Aug 26 18:23:55.863784: Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key Aug 26 18:23:55.863816: Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key Aug 26 18:23:55.863855: testing AES_XCBC: Aug 26 18:23:55.863859: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input Aug 26 18:23:55.863985: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input Aug 26 18:23:55.864123: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input Aug 26 18:23:55.864261: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input Aug 26 18:23:55.864408: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input Aug 26 18:23:55.864541: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input Aug 26 18:23:55.864676: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input Aug 26 18:23:55.864963: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) Aug 26 18:23:55.865100: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) Aug 26 18:23:55.865249: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) Aug 26 18:23:55.865517: testing HMAC_MD5: Aug 26 18:23:55.865529: RFC 2104: MD5_HMAC test 1 Aug 26 18:23:55.865716: RFC 2104: MD5_HMAC test 2 Aug 26 18:23:55.865878: RFC 2104: MD5_HMAC test 3 Aug 26 18:23:55.866075: 8 CPU cores online Aug 26 18:23:55.866082: starting up 7 crypto helpers Aug 26 18:23:55.866121: started thread for crypto helper 0 Aug 26 18:23:55.866126: | starting up helper thread 0 Aug 26 18:23:55.866144: | status value returned by setting the priority of this thread (crypto helper 0) 22 Aug 26 18:23:55.866148: | crypto helper 0 waiting (nothing to do) Aug 26 18:23:55.866192: started thread for crypto helper 1 Aug 26 18:23:55.866197: | starting up helper thread 1 Aug 26 18:23:55.866213: | status value returned by setting the priority of this thread (crypto helper 1) 22 Aug 26 18:23:55.866216: | crypto helper 1 waiting (nothing to do) Aug 26 18:23:55.866224: started thread for crypto helper 2 Aug 26 18:23:55.866226: | starting up helper thread 2 Aug 26 18:23:55.866232: | status value returned by setting the priority of this thread (crypto helper 2) 22 Aug 26 18:23:55.866235: | crypto helper 2 waiting (nothing to do) Aug 26 18:23:55.866247: started thread for crypto helper 3 Aug 26 18:23:55.866249: | starting up helper thread 3 Aug 26 18:23:55.866255: | status value returned by setting the priority of this thread (crypto helper 3) 22 Aug 26 18:23:55.866258: | crypto helper 3 waiting (nothing to do) Aug 26 18:23:55.866267: started thread for crypto helper 4 Aug 26 18:23:55.866268: | starting up helper thread 4 Aug 26 18:23:55.866274: | status value returned by setting the priority of this thread (crypto helper 4) 22 Aug 26 18:23:55.866277: | crypto helper 4 waiting (nothing to do) Aug 26 18:23:55.866284: started thread for crypto helper 5 Aug 26 18:23:55.866319: started thread for crypto helper 6 Aug 26 18:23:55.866336: | checking IKEv1 state table Aug 26 18:23:55.866344: | MAIN_R0: category: half-open IKE SA flags: 0: Aug 26 18:23:55.866347: | -> MAIN_R1 EVENT_SO_DISCARD Aug 26 18:23:55.866350: | MAIN_I1: category: half-open IKE SA flags: 0: Aug 26 18:23:55.866353: | -> MAIN_I2 EVENT_RETRANSMIT Aug 26 18:23:55.866356: | MAIN_R1: category: open IKE SA flags: 200: Aug 26 18:23:55.866358: | -> MAIN_R2 EVENT_RETRANSMIT Aug 26 18:23:55.866361: | -> UNDEFINED EVENT_RETRANSMIT Aug 26 18:23:55.866363: | -> UNDEFINED EVENT_RETRANSMIT Aug 26 18:23:55.866367: | MAIN_I2: category: open IKE SA flags: 0: Aug 26 18:23:55.866369: | -> MAIN_I3 EVENT_RETRANSMIT Aug 26 18:23:55.866372: | -> UNDEFINED EVENT_RETRANSMIT Aug 26 18:23:55.866374: | -> UNDEFINED EVENT_RETRANSMIT Aug 26 18:23:55.866377: | MAIN_R2: category: open IKE SA flags: 0: Aug 26 18:23:55.866380: | -> MAIN_R3 EVENT_SA_REPLACE Aug 26 18:23:55.866382: | -> MAIN_R3 EVENT_SA_REPLACE Aug 26 18:23:55.866385: | -> UNDEFINED EVENT_SA_REPLACE Aug 26 18:23:55.866387: | MAIN_I3: category: open IKE SA flags: 0: Aug 26 18:23:55.866390: | -> MAIN_I4 EVENT_SA_REPLACE Aug 26 18:23:55.866392: | -> MAIN_I4 EVENT_SA_REPLACE Aug 26 18:23:55.866395: | -> UNDEFINED EVENT_SA_REPLACE Aug 26 18:23:55.866398: | MAIN_R3: category: established IKE SA flags: 200: Aug 26 18:23:55.866400: | -> UNDEFINED EVENT_NULL Aug 26 18:23:55.866403: | MAIN_I4: category: established IKE SA flags: 0: Aug 26 18:23:55.866406: | -> UNDEFINED EVENT_NULL Aug 26 18:23:55.866409: | AGGR_R0: category: half-open IKE SA flags: 0: Aug 26 18:23:55.866411: | -> AGGR_R1 EVENT_SO_DISCARD Aug 26 18:23:55.866414: | AGGR_I1: category: half-open IKE SA flags: 0: Aug 26 18:23:55.866417: | -> AGGR_I2 EVENT_SA_REPLACE Aug 26 18:23:55.866419: | -> AGGR_I2 EVENT_SA_REPLACE Aug 26 18:23:55.866422: | AGGR_R1: category: open IKE SA flags: 200: Aug 26 18:23:55.866425: | -> AGGR_R2 EVENT_SA_REPLACE Aug 26 18:23:55.866427: | -> AGGR_R2 EVENT_SA_REPLACE Aug 26 18:23:55.866430: | AGGR_I2: category: established IKE SA flags: 200: Aug 26 18:23:55.866433: | -> UNDEFINED EVENT_NULL Aug 26 18:23:55.866436: | AGGR_R2: category: established IKE SA flags: 0: Aug 26 18:23:55.866438: | -> UNDEFINED EVENT_NULL Aug 26 18:23:55.866441: | QUICK_R0: category: established CHILD SA flags: 0: Aug 26 18:23:55.866444: | -> QUICK_R1 EVENT_RETRANSMIT Aug 26 18:23:55.866447: | QUICK_I1: category: established CHILD SA flags: 0: Aug 26 18:23:55.866449: | -> QUICK_I2 EVENT_SA_REPLACE Aug 26 18:23:55.866452: | QUICK_R1: category: established CHILD SA flags: 0: Aug 26 18:23:55.866455: | -> QUICK_R2 EVENT_SA_REPLACE Aug 26 18:23:55.866458: | QUICK_I2: category: established CHILD SA flags: 200: Aug 26 18:23:55.866460: | -> UNDEFINED EVENT_NULL Aug 26 18:23:55.866466: | QUICK_R2: category: established CHILD SA flags: 0: Aug 26 18:23:55.866469: | -> UNDEFINED EVENT_NULL Aug 26 18:23:55.866472: | INFO: category: informational flags: 0: Aug 26 18:23:55.866475: | -> UNDEFINED EVENT_NULL Aug 26 18:23:55.866478: | INFO_PROTECTED: category: informational flags: 0: Aug 26 18:23:55.866480: | -> UNDEFINED EVENT_NULL Aug 26 18:23:55.866483: | XAUTH_R0: category: established IKE SA flags: 0: Aug 26 18:23:55.866286: | starting up helper thread 5 Aug 26 18:23:55.866491: | status value returned by setting the priority of this thread (crypto helper 5) 22 Aug 26 18:23:55.866493: | crypto helper 5 waiting (nothing to do) Aug 26 18:23:55.866485: | -> XAUTH_R1 EVENT_NULL Aug 26 18:23:55.866503: | XAUTH_R1: category: established IKE SA flags: 0: Aug 26 18:23:55.866506: | -> MAIN_R3 EVENT_SA_REPLACE Aug 26 18:23:55.866510: | MODE_CFG_R0: category: informational flags: 0: Aug 26 18:23:55.866512: | -> MODE_CFG_R1 EVENT_SA_REPLACE Aug 26 18:23:55.866515: | MODE_CFG_R1: category: established IKE SA flags: 0: Aug 26 18:23:55.866518: | -> MODE_CFG_R2 EVENT_SA_REPLACE Aug 26 18:23:55.866521: | MODE_CFG_R2: category: established IKE SA flags: 0: Aug 26 18:23:55.866523: | -> UNDEFINED EVENT_NULL Aug 26 18:23:55.866526: | MODE_CFG_I1: category: established IKE SA flags: 0: Aug 26 18:23:55.866529: | -> MAIN_I4 EVENT_SA_REPLACE Aug 26 18:23:55.866532: | XAUTH_I0: category: established IKE SA flags: 0: Aug 26 18:23:55.866534: | -> XAUTH_I1 EVENT_RETRANSMIT Aug 26 18:23:55.866537: | XAUTH_I1: category: established IKE SA flags: 0: Aug 26 18:23:55.866540: | -> MAIN_I4 EVENT_RETRANSMIT Aug 26 18:23:55.866546: | checking IKEv2 state table Aug 26 18:23:55.866553: | PARENT_I0: category: ignore flags: 0: Aug 26 18:23:55.866556: | -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT) Aug 26 18:23:55.866559: | PARENT_I1: category: half-open IKE SA flags: 0: Aug 26 18:23:55.866562: | -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification) Aug 26 18:23:55.866565: | -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH) Aug 26 18:23:55.866568: | PARENT_I2: category: open IKE SA flags: 0: Aug 26 18:23:55.866571: | -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification) Aug 26 18:23:55.866574: | -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification) Aug 26 18:23:55.866577: | -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification) Aug 26 18:23:55.866580: | -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response) Aug 26 18:23:55.866583: | -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification) Aug 26 18:23:55.866586: | PARENT_I3: category: established IKE SA flags: 0: Aug 26 18:23:55.866589: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Request) Aug 26 18:23:55.866592: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Response) Aug 26 18:23:55.866594: | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request) Aug 26 18:23:55.866597: | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response) Aug 26 18:23:55.866600: | PARENT_R0: category: half-open IKE SA flags: 0: Aug 26 18:23:55.866603: | -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT) Aug 26 18:23:55.866605: | PARENT_R1: category: half-open IKE SA flags: 0: Aug 26 18:23:55.866608: | -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED)) Aug 26 18:23:55.866610: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request) Aug 26 18:23:55.866613: | PARENT_R2: category: established IKE SA flags: 0: Aug 26 18:23:55.866615: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request) Aug 26 18:23:55.866618: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response) Aug 26 18:23:55.866621: | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request) Aug 26 18:23:55.866628: | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response) Aug 26 18:23:55.866632: | V2_CREATE_I0: category: established IKE SA flags: 0: Aug 26 18:23:55.866636: | -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA) Aug 26 18:23:55.866640: | V2_CREATE_I: category: established IKE SA flags: 0: Aug 26 18:23:55.866643: | -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response) Aug 26 18:23:55.866647: | V2_REKEY_IKE_I0: category: established IKE SA flags: 0: Aug 26 18:23:55.866650: | -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey) Aug 26 18:23:55.866654: | V2_REKEY_IKE_I: category: established IKE SA flags: 0: Aug 26 18:23:55.866657: | -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response) Aug 26 18:23:55.866661: | V2_REKEY_CHILD_I0: category: established IKE SA flags: 0: Aug 26 18:23:55.866664: | -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA) Aug 26 18:23:55.866668: | V2_REKEY_CHILD_I: category: established IKE SA flags: 0: Aug 26 18:23:55.866671: | V2_CREATE_R: category: established IKE SA flags: 0: Aug 26 18:23:55.866675: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request) Aug 26 18:23:55.866678: | V2_REKEY_IKE_R: category: established IKE SA flags: 0: Aug 26 18:23:55.866682: | -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey) Aug 26 18:23:55.866685: | V2_REKEY_CHILD_R: category: established IKE SA flags: 0: Aug 26 18:23:55.866689: | V2_IPSEC_I: category: established CHILD SA flags: 0: Aug 26 18:23:55.866693: | V2_IPSEC_R: category: established CHILD SA flags: 0: Aug 26 18:23:55.866696: | IKESA_DEL: category: established IKE SA flags: 0: Aug 26 18:23:55.866700: | -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL) Aug 26 18:23:55.866703: | CHILDSA_DEL: category: informational flags: 0: Aug 26 18:23:55.866729: Using Linux XFRM/NETKEY IPsec interface code on 5.1.18-200.fc29.x86_64 Aug 26 18:23:55.866795: | Hard-wiring algorithms Aug 26 18:23:55.866800: | adding AES_CCM_16 to kernel algorithm db Aug 26 18:23:55.866804: | adding AES_CCM_12 to kernel algorithm db Aug 26 18:23:55.866807: | adding AES_CCM_8 to kernel algorithm db Aug 26 18:23:55.866810: | adding 3DES_CBC to kernel algorithm db Aug 26 18:23:55.866813: | adding CAMELLIA_CBC to kernel algorithm db Aug 26 18:23:55.866815: | adding AES_GCM_16 to kernel algorithm db Aug 26 18:23:55.866818: | adding AES_GCM_12 to kernel algorithm db Aug 26 18:23:55.866820: | adding AES_GCM_8 to kernel algorithm db Aug 26 18:23:55.866823: | adding AES_CTR to kernel algorithm db Aug 26 18:23:55.866826: | adding AES_CBC to kernel algorithm db Aug 26 18:23:55.866829: | adding SERPENT_CBC to kernel algorithm db Aug 26 18:23:55.866832: | adding TWOFISH_CBC to kernel algorithm db Aug 26 18:23:55.866835: | adding NULL_AUTH_AES_GMAC to kernel algorithm db Aug 26 18:23:55.866838: | adding NULL to kernel algorithm db Aug 26 18:23:55.866840: | adding CHACHA20_POLY1305 to kernel algorithm db Aug 26 18:23:55.866843: | adding HMAC_MD5_96 to kernel algorithm db Aug 26 18:23:55.866846: | adding HMAC_SHA1_96 to kernel algorithm db Aug 26 18:23:55.866849: | adding HMAC_SHA2_512_256 to kernel algorithm db Aug 26 18:23:55.866852: | adding HMAC_SHA2_384_192 to kernel algorithm db Aug 26 18:23:55.866855: | adding HMAC_SHA2_256_128 to kernel algorithm db Aug 26 18:23:55.866858: | adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db Aug 26 18:23:55.866860: | adding AES_XCBC_96 to kernel algorithm db Aug 26 18:23:55.866863: | adding AES_CMAC_96 to kernel algorithm db Aug 26 18:23:55.866866: | adding NONE to kernel algorithm db Aug 26 18:23:55.866896: | net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes Aug 26 18:23:55.866903: | global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds Aug 26 18:23:55.866906: | setup kernel fd callback Aug 26 18:23:55.866917: | add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x559acd006b88 Aug 26 18:23:55.866922: | libevent_malloc: new ptr-libevent@0x559accfea3f8 size 128 Aug 26 18:23:55.866925: | libevent_malloc: new ptr-libevent@0x559acd0060e8 size 16 Aug 26 18:23:55.866932: | add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x559acd005fd8 Aug 26 18:23:55.866936: | libevent_malloc: new ptr-libevent@0x559accfb0d48 size 128 Aug 26 18:23:55.866939: | libevent_malloc: new ptr-libevent@0x559acd006ad8 size 16 Aug 26 18:23:55.867178: | global one-shot timer EVENT_CHECK_CRLS initialized Aug 26 18:23:55.867188: selinux support is enabled. Aug 26 18:23:55.868429: | unbound context created - setting debug level to 5 Aug 26 18:23:55.868467: | /etc/hosts lookups activated Aug 26 18:23:55.868483: | /etc/resolv.conf usage activated Aug 26 18:23:55.868546: | outgoing-port-avoid set 0-65535 Aug 26 18:23:55.868575: | outgoing-port-permit set 32768-60999 Aug 26 18:23:55.868579: | Loading dnssec root key from:/var/lib/unbound/root.key Aug 26 18:23:55.868582: | No additional dnssec trust anchors defined via dnssec-trusted= option Aug 26 18:23:55.868586: | Setting up events, loop start Aug 26 18:23:55.868590: | add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x559acd006b18 Aug 26 18:23:55.868594: | libevent_malloc: new ptr-libevent@0x559acd012dd8 size 128 Aug 26 18:23:55.868598: | libevent_malloc: new ptr-libevent@0x559acd01e0e8 size 16 Aug 26 18:23:55.868606: | libevent_realloc: new ptr-libevent@0x559acd01e128 size 256 Aug 26 18:23:55.868609: | libevent_malloc: new ptr-libevent@0x559acd01e258 size 8 Aug 26 18:23:55.868613: | libevent_realloc: new ptr-libevent@0x559accfb0778 size 144 Aug 26 18:23:55.868616: | libevent_malloc: new ptr-libevent@0x559accfb2028 size 152 Aug 26 18:23:55.868619: | libevent_malloc: new ptr-libevent@0x559acd01e298 size 16 Aug 26 18:23:55.868624: | signal event handler PLUTO_SIGCHLD installed Aug 26 18:23:55.868627: | libevent_malloc: new ptr-libevent@0x559acd01e2d8 size 8 Aug 26 18:23:55.868630: | libevent_malloc: new ptr-libevent@0x559acd01e318 size 152 Aug 26 18:23:55.868633: | signal event handler PLUTO_SIGTERM installed Aug 26 18:23:55.868636: | libevent_malloc: new ptr-libevent@0x559acd01e3e8 size 8 Aug 26 18:23:55.868639: | libevent_malloc: new ptr-libevent@0x559acd01e428 size 152 Aug 26 18:23:55.868642: | signal event handler PLUTO_SIGHUP installed Aug 26 18:23:55.868645: | libevent_malloc: new ptr-libevent@0x559acd01e4f8 size 8 Aug 26 18:23:55.868648: | libevent_realloc: release ptr-libevent@0x559accfb0778 Aug 26 18:23:55.868651: | libevent_realloc: new ptr-libevent@0x559acd01e538 size 256 Aug 26 18:23:55.868654: | libevent_malloc: new ptr-libevent@0x559acd01e668 size 152 Aug 26 18:23:55.868657: | signal event handler PLUTO_SIGSYS installed Aug 26 18:23:55.869017: | created addconn helper (pid:23884) using fork+execve Aug 26 18:23:55.869032: | forked child 23884 Aug 26 18:23:55.869080: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:23:55.869098: listening for IKE messages Aug 26 18:23:55.869203: | Inspecting interface lo Aug 26 18:23:55.869211: | found lo with address 127.0.0.1 Aug 26 18:23:55.869214: | Inspecting interface eth0 Aug 26 18:23:55.869218: | found eth0 with address 192.0.1.254 Aug 26 18:23:55.869223: | Inspecting interface eth1 Aug 26 18:23:55.869227: | found eth1 with address 192.1.2.45 Aug 26 18:23:55.870580: Kernel supports NIC esp-hw-offload Aug 26 18:23:55.870626: adding interface eth1/eth1 (esp-hw-offload not supported by kernel) 192.1.2.45:500 Aug 26 18:23:55.870721: | NAT-Traversal: Trying sockopt style NAT-T Aug 26 18:23:55.870730: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 Aug 26 18:23:55.870735: adding interface eth1/eth1 192.1.2.45:4500 Aug 26 18:23:55.878345: adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.1.254:500 Aug 26 18:23:55.878405: | NAT-Traversal: Trying sockopt style NAT-T Aug 26 18:23:55.878412: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 Aug 26 18:23:55.878423: adding interface eth0/eth0 192.0.1.254:4500 Aug 26 18:23:55.878455: adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500 Aug 26 18:23:55.878631: | NAT-Traversal: Trying sockopt style NAT-T Aug 26 18:23:55.878638: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 Aug 26 18:23:55.878643: adding interface lo/lo 127.0.0.1:4500 Aug 26 18:23:55.878734: | no interfaces to sort Aug 26 18:23:55.878740: | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations Aug 26 18:23:55.878749: | add_fd_read_event_handler: new ethX-pe@0x559acd01ebb8 Aug 26 18:23:55.878753: | libevent_malloc: new ptr-libevent@0x559acd012d28 size 128 Aug 26 18:23:55.878758: | libevent_malloc: new ptr-libevent@0x559acd01ec28 size 16 Aug 26 18:23:55.878766: | setup callback for interface lo 127.0.0.1:4500 fd 22 Aug 26 18:23:55.878769: | add_fd_read_event_handler: new ethX-pe@0x559acd01ec68 Aug 26 18:23:55.878774: | libevent_malloc: new ptr-libevent@0x559accfb0f48 size 128 Aug 26 18:23:55.878777: | libevent_malloc: new ptr-libevent@0x559acd01ecd8 size 16 Aug 26 18:23:55.878782: | setup callback for interface lo 127.0.0.1:500 fd 21 Aug 26 18:23:55.878785: | add_fd_read_event_handler: new ethX-pe@0x559acd01ed18 Aug 26 18:23:55.878788: | libevent_malloc: new ptr-libevent@0x559accfb0e48 size 128 Aug 26 18:23:55.878791: | libevent_malloc: new ptr-libevent@0x559acd01ed88 size 16 Aug 26 18:23:55.878796: | setup callback for interface eth0 192.0.1.254:4500 fd 20 Aug 26 18:23:55.878799: | add_fd_read_event_handler: new ethX-pe@0x559acd01edc8 Aug 26 18:23:55.878802: | libevent_malloc: new ptr-libevent@0x559accfb0678 size 128 Aug 26 18:23:55.878804: | libevent_malloc: new ptr-libevent@0x559acd01ee38 size 16 Aug 26 18:23:55.878809: | setup callback for interface eth0 192.0.1.254:500 fd 19 Aug 26 18:23:55.878812: | add_fd_read_event_handler: new ethX-pe@0x559acd01ee78 Aug 26 18:23:55.878816: | libevent_malloc: new ptr-libevent@0x559accf7f4e8 size 128 Aug 26 18:23:55.878819: | libevent_malloc: new ptr-libevent@0x559acd01eee8 size 16 Aug 26 18:23:55.878824: | setup callback for interface eth1 192.1.2.45:4500 fd 18 Aug 26 18:23:55.878827: | add_fd_read_event_handler: new ethX-pe@0x559acd01ef28 Aug 26 18:23:55.878830: | libevent_malloc: new ptr-libevent@0x559accf7f1d8 size 128 Aug 26 18:23:55.878833: | libevent_malloc: new ptr-libevent@0x559acd01ef98 size 16 Aug 26 18:23:55.878838: | setup callback for interface eth1 192.1.2.45:500 fd 17 Aug 26 18:23:55.878843: | certs and keys locked by 'free_preshared_secrets' Aug 26 18:23:55.878846: | certs and keys unlocked by 'free_preshared_secrets' Aug 26 18:23:55.878865: loading secrets from "/etc/ipsec.secrets" Aug 26 18:23:55.879043: | saving Modulus Aug 26 18:23:55.879050: | saving PublicExponent Aug 26 18:23:55.879054: | ignoring PrivateExponent Aug 26 18:23:55.879057: | ignoring Prime1 Aug 26 18:23:55.879060: | ignoring Prime2 Aug 26 18:23:55.879063: | ignoring Exponent1 Aug 26 18:23:55.879066: | ignoring Exponent2 Aug 26 18:23:55.879070: | ignoring Coefficient Aug 26 18:23:55.879073: | ignoring CKAIDNSS Aug 26 18:23:55.879112: | computed rsa CKAID b4 9f 1a ac 9e 45 6e 79 29 c8 81 97 3a 0c 6a d3 Aug 26 18:23:55.879116: | computed rsa CKAID 7f 0f 03 50 Aug 26 18:23:55.879120: loaded private key for keyid: PKK_RSA:AQOm9dY/4 Aug 26 18:23:55.879136: | certs and keys locked by 'process_secret' Aug 26 18:23:55.879140: | certs and keys unlocked by 'process_secret' Aug 26 18:23:55.879232: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:23:55.879244: | spent 0.964 milliseconds in whack Aug 26 18:23:55.866485: | starting up helper thread 6 Aug 26 18:23:55.879262: | status value returned by setting the priority of this thread (crypto helper 6) 22 Aug 26 18:23:55.879268: | crypto helper 6 waiting (nothing to do) Aug 26 18:23:55.960262: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:23:55.960294: | FOR_EACH_CONNECTION_... in conn_by_name Aug 26 18:23:55.960306: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias Aug 26 18:23:55.960310: | FOR_EACH_CONNECTION_... in conn_by_name Aug 26 18:23:55.960312: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias Aug 26 18:23:55.960318: | FOR_EACH_CONNECTION_... in conn_by_name Aug 26 18:23:55.960326: | Added new connection good with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO Aug 26 18:23:55.960353: Failed to add connection "good": ike string error: IKE DH algorithm 'modp1024' is not supported Aug 26 18:23:55.960361: | flush revival: connection 'good' wasn't on the list Aug 26 18:23:55.960365: | processing: STOP connection NULL (in discard_connection() at connections.c:249) Aug 26 18:23:55.960377: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:23:55.960385: | spent 0.12 milliseconds in whack Aug 26 18:23:55.960431: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:23:55.960446: listening for IKE messages Aug 26 18:23:55.960477: | Inspecting interface lo Aug 26 18:23:55.960484: | found lo with address 127.0.0.1 Aug 26 18:23:55.960487: | Inspecting interface eth0 Aug 26 18:23:55.960491: | found eth0 with address 192.0.1.254 Aug 26 18:23:55.960494: | Inspecting interface eth1 Aug 26 18:23:55.960498: | found eth1 with address 192.1.2.45 Aug 26 18:23:55.960556: | no interfaces to sort Aug 26 18:23:55.960566: | libevent_free: release ptr-libevent@0x559acd012d28 Aug 26 18:23:55.960571: | free_event_entry: release EVENT_NULL-pe@0x559acd01ebb8 Aug 26 18:23:55.960574: | add_fd_read_event_handler: new ethX-pe@0x559acd01ebb8 Aug 26 18:23:55.960577: | libevent_malloc: new ptr-libevent@0x559acd012d28 size 128 Aug 26 18:23:55.960585: | setup callback for interface lo 127.0.0.1:4500 fd 22 Aug 26 18:23:55.960590: | libevent_free: release ptr-libevent@0x559accfb0f48 Aug 26 18:23:55.960594: | free_event_entry: release EVENT_NULL-pe@0x559acd01ec68 Aug 26 18:23:55.960597: | add_fd_read_event_handler: new ethX-pe@0x559acd01ec68 Aug 26 18:23:55.960599: | libevent_malloc: new ptr-libevent@0x559accfb0f48 size 128 Aug 26 18:23:55.960605: | setup callback for interface lo 127.0.0.1:500 fd 21 Aug 26 18:23:55.960609: | libevent_free: release ptr-libevent@0x559accfb0e48 Aug 26 18:23:55.960611: | free_event_entry: release EVENT_NULL-pe@0x559acd01ed18 Aug 26 18:23:55.960614: | add_fd_read_event_handler: new ethX-pe@0x559acd01ed18 Aug 26 18:23:55.960617: | libevent_malloc: new ptr-libevent@0x559accfb0e48 size 128 Aug 26 18:23:55.960623: | setup callback for interface eth0 192.0.1.254:4500 fd 20 Aug 26 18:23:55.960628: | libevent_free: release ptr-libevent@0x559accfb0678 Aug 26 18:23:55.960631: | free_event_entry: release EVENT_NULL-pe@0x559acd01edc8 Aug 26 18:23:55.960634: | add_fd_read_event_handler: new ethX-pe@0x559acd01edc8 Aug 26 18:23:55.960637: | libevent_malloc: new ptr-libevent@0x559accfb0678 size 128 Aug 26 18:23:55.960642: | setup callback for interface eth0 192.0.1.254:500 fd 19 Aug 26 18:23:55.960646: | libevent_free: release ptr-libevent@0x559accf7f4e8 Aug 26 18:23:55.960649: | free_event_entry: release EVENT_NULL-pe@0x559acd01ee78 Aug 26 18:23:55.960652: | add_fd_read_event_handler: new ethX-pe@0x559acd01ee78 Aug 26 18:23:55.960655: | libevent_malloc: new ptr-libevent@0x559accf7f4e8 size 128 Aug 26 18:23:55.960660: | setup callback for interface eth1 192.1.2.45:4500 fd 18 Aug 26 18:23:55.960664: | libevent_free: release ptr-libevent@0x559accf7f1d8 Aug 26 18:23:55.960667: | free_event_entry: release EVENT_NULL-pe@0x559acd01ef28 Aug 26 18:23:55.960670: | add_fd_read_event_handler: new ethX-pe@0x559acd01ef28 Aug 26 18:23:55.960672: | libevent_malloc: new ptr-libevent@0x559accf7f1d8 size 128 Aug 26 18:23:55.960677: | setup callback for interface eth1 192.1.2.45:500 fd 17 Aug 26 18:23:55.960681: | certs and keys locked by 'free_preshared_secrets' Aug 26 18:23:55.960684: forgetting secrets Aug 26 18:23:55.960692: | certs and keys unlocked by 'free_preshared_secrets' Aug 26 18:23:55.960712: loading secrets from "/etc/ipsec.secrets" Aug 26 18:23:55.960727: | saving Modulus Aug 26 18:23:55.960731: | saving PublicExponent Aug 26 18:23:55.960735: | ignoring PrivateExponent Aug 26 18:23:55.960738: | ignoring Prime1 Aug 26 18:23:55.960742: | ignoring Prime2 Aug 26 18:23:55.960745: | ignoring Exponent1 Aug 26 18:23:55.960748: | ignoring Exponent2 Aug 26 18:23:55.960751: | ignoring Coefficient Aug 26 18:23:55.960755: | ignoring CKAIDNSS Aug 26 18:23:55.960780: | computed rsa CKAID b4 9f 1a ac 9e 45 6e 79 29 c8 81 97 3a 0c 6a d3 Aug 26 18:23:55.960784: | computed rsa CKAID 7f 0f 03 50 Aug 26 18:23:55.960788: loaded private key for keyid: PKK_RSA:AQOm9dY/4 Aug 26 18:23:55.960793: | certs and keys locked by 'process_secret' Aug 26 18:23:55.960796: | certs and keys unlocked by 'process_secret' Aug 26 18:23:55.960805: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:23:55.960811: | spent 0.379 milliseconds in whack Aug 26 18:23:55.961971: | processing signal PLUTO_SIGCHLD Aug 26 18:23:55.961994: | waitpid returned pid 23884 (exited with status 0) Aug 26 18:23:55.962000: | reaped addconn helper child (status 0) Aug 26 18:23:55.962007: | waitpid returned ECHILD (no child processes left) Aug 26 18:23:55.962013: | spent 0.0245 milliseconds in signal handler PLUTO_SIGCHLD Aug 26 18:24:01.183473: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:24:01.183686: | FOR_EACH_CONNECTION_... in show_connections_status Aug 26 18:24:01.183702: | FOR_EACH_STATE_... in show_states_status (sort_states) Aug 26 18:24:01.183710: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:24:01.183716: | spent 0.254 milliseconds in whack Aug 26 18:24:02.784606: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:24:02.784823: | FOR_EACH_CONNECTION_... in show_connections_status Aug 26 18:24:02.784841: | FOR_EACH_STATE_... in show_states_status (sort_states) Aug 26 18:24:02.784853: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:24:02.784862: | spent 0.266 milliseconds in whack Aug 26 18:24:04.054715: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:24:04.054746: shutting down Aug 26 18:24:04.054756: | processing: RESET whack log_fd (was fd@16) (in exit_pluto() at plutomain.c:1825) Aug 26 18:24:04.054761: | certs and keys locked by 'free_preshared_secrets' Aug 26 18:24:04.054764: forgetting secrets Aug 26 18:24:04.054770: | certs and keys unlocked by 'free_preshared_secrets' Aug 26 18:24:04.054774: | crl fetch request list locked by 'free_crl_fetch' Aug 26 18:24:04.054777: | crl fetch request list unlocked by 'free_crl_fetch' Aug 26 18:24:04.054788: shutting down interface lo/lo 127.0.0.1:4500 Aug 26 18:24:04.054792: shutting down interface lo/lo 127.0.0.1:500 Aug 26 18:24:04.054795: shutting down interface eth0/eth0 192.0.1.254:4500 Aug 26 18:24:04.054799: shutting down interface eth0/eth0 192.0.1.254:500 Aug 26 18:24:04.054803: shutting down interface eth1/eth1 192.1.2.45:4500 Aug 26 18:24:04.054806: shutting down interface eth1/eth1 192.1.2.45:500 Aug 26 18:24:04.054811: | FOR_EACH_STATE_... in delete_states_dead_interfaces Aug 26 18:24:04.054819: | libevent_free: release ptr-libevent@0x559acd012d28 Aug 26 18:24:04.054823: | free_event_entry: release EVENT_NULL-pe@0x559acd01ebb8 Aug 26 18:24:04.054836: | libevent_free: release ptr-libevent@0x559accfb0f48 Aug 26 18:24:04.054839: | free_event_entry: release EVENT_NULL-pe@0x559acd01ec68 Aug 26 18:24:04.054848: | libevent_free: release ptr-libevent@0x559accfb0e48 Aug 26 18:24:04.054851: | free_event_entry: release EVENT_NULL-pe@0x559acd01ed18 Aug 26 18:24:04.054858: | libevent_free: release ptr-libevent@0x559accfb0678 Aug 26 18:24:04.054862: | free_event_entry: release EVENT_NULL-pe@0x559acd01edc8 Aug 26 18:24:04.054869: | libevent_free: release ptr-libevent@0x559accf7f4e8 Aug 26 18:24:04.054878: | free_event_entry: release EVENT_NULL-pe@0x559acd01ee78 Aug 26 18:24:04.054886: | libevent_free: release ptr-libevent@0x559accf7f1d8 Aug 26 18:24:04.054889: | free_event_entry: release EVENT_NULL-pe@0x559acd01ef28 Aug 26 18:24:04.054896: | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations Aug 26 18:24:04.055329: | libevent_free: release ptr-libevent@0x559acd012dd8 Aug 26 18:24:04.055337: | free_event_entry: release EVENT_NULL-pe@0x559acd006b18 Aug 26 18:24:04.055342: | libevent_free: release ptr-libevent@0x559accfb0d48 Aug 26 18:24:04.055345: | free_event_entry: release EVENT_NULL-pe@0x559acd005fd8 Aug 26 18:24:04.055349: | libevent_free: release ptr-libevent@0x559accfea3f8 Aug 26 18:24:04.055351: | free_event_entry: release EVENT_NULL-pe@0x559acd006b88 Aug 26 18:24:04.055353: | global timer EVENT_REINIT_SECRET uninitialized Aug 26 18:24:04.055355: | global timer EVENT_SHUNT_SCAN uninitialized Aug 26 18:24:04.055357: | global timer EVENT_PENDING_DDNS uninitialized Aug 26 18:24:04.055359: | global timer EVENT_PENDING_PHASE2 uninitialized Aug 26 18:24:04.055360: | global timer EVENT_CHECK_CRLS uninitialized Aug 26 18:24:04.055362: | global timer EVENT_REVIVE_CONNS uninitialized Aug 26 18:24:04.055364: | global timer EVENT_FREE_ROOT_CERTS uninitialized Aug 26 18:24:04.055366: | global timer EVENT_RESET_LOG_RATE_LIMIT uninitialized Aug 26 18:24:04.055367: | global timer EVENT_NAT_T_KEEPALIVE uninitialized Aug 26 18:24:04.055372: | libevent_free: release ptr-libevent@0x559accfb2028 Aug 26 18:24:04.055374: | signal event handler PLUTO_SIGCHLD uninstalled Aug 26 18:24:04.055376: | libevent_free: release ptr-libevent@0x559acd01e318 Aug 26 18:24:04.055378: | signal event handler PLUTO_SIGTERM uninstalled Aug 26 18:24:04.055380: | libevent_free: release ptr-libevent@0x559acd01e428 Aug 26 18:24:04.055382: | signal event handler PLUTO_SIGHUP uninstalled Aug 26 18:24:04.055384: | libevent_free: release ptr-libevent@0x559acd01e668 Aug 26 18:24:04.055386: | signal event handler PLUTO_SIGSYS uninstalled Aug 26 18:24:04.055387: | releasing event base Aug 26 18:24:04.055397: | libevent_free: release ptr-libevent@0x559acd01e538 Aug 26 18:24:04.055399: | libevent_free: release ptr-libevent@0x559acd0013c8 Aug 26 18:24:04.055402: | libevent_free: release ptr-libevent@0x559acd001378 Aug 26 18:24:04.055404: | libevent_free: release ptr-libevent@0x559acd001308 Aug 26 18:24:04.055406: | libevent_free: release ptr-libevent@0x559acd0012c8 Aug 26 18:24:04.055408: | libevent_free: release ptr-libevent@0x559acd01e0e8 Aug 26 18:24:04.055409: | libevent_free: release ptr-libevent@0x559acd01e298 Aug 26 18:24:04.055411: | libevent_free: release ptr-libevent@0x559acd001578 Aug 26 18:24:04.055413: | libevent_free: release ptr-libevent@0x559acd0060e8 Aug 26 18:24:04.055415: | libevent_free: release ptr-libevent@0x559acd006ad8 Aug 26 18:24:04.055416: | libevent_free: release ptr-libevent@0x559acd01ef98 Aug 26 18:24:04.055418: | libevent_free: release ptr-libevent@0x559acd01eee8 Aug 26 18:24:04.055420: | libevent_free: release ptr-libevent@0x559acd01ee38 Aug 26 18:24:04.055423: | libevent_free: release ptr-libevent@0x559acd01ed88 Aug 26 18:24:04.055425: | libevent_free: release ptr-libevent@0x559acd01ecd8 Aug 26 18:24:04.055428: | libevent_free: release ptr-libevent@0x559acd01ec28 Aug 26 18:24:04.055430: | libevent_free: release ptr-libevent@0x559accfadad8 Aug 26 18:24:04.055433: | libevent_free: release ptr-libevent@0x559acd01e3e8 Aug 26 18:24:04.055436: | libevent_free: release ptr-libevent@0x559acd01e2d8 Aug 26 18:24:04.055439: | libevent_free: release ptr-libevent@0x559acd01e258 Aug 26 18:24:04.055442: | libevent_free: release ptr-libevent@0x559acd01e4f8 Aug 26 18:24:04.055445: | libevent_free: release ptr-libevent@0x559acd01e128 Aug 26 18:24:04.055448: | libevent_free: release ptr-libevent@0x559accf7e908 Aug 26 18:24:04.055451: | libevent_free: release ptr-libevent@0x559accf7ed38 Aug 26 18:24:04.055454: | libevent_free: release ptr-libevent@0x559accfade48 Aug 26 18:24:04.055456: | releasing global libevent data Aug 26 18:24:04.055460: | libevent_free: release ptr-libevent@0x559accf7a178 Aug 26 18:24:04.055467: | libevent_free: release ptr-libevent@0x559accf7ecd8 Aug 26 18:24:04.055471: | libevent_free: release ptr-libevent@0x559accf7edd8 Aug 26 18:24:04.055521: leak detective found no leaks