Aug 26 18:32:52.180629: FIPS Product: YES
Aug 26 18:32:52.180746: FIPS Kernel: NO
Aug 26 18:32:52.180749: FIPS Mode: NO
Aug 26 18:32:52.180752: NSS DB directory: sql:/etc/ipsec.d
Aug 26 18:32:52.180899: Initializing NSS
Aug 26 18:32:52.180906: Opening NSS database "sql:/etc/ipsec.d" read-only
Aug 26 18:32:52.213116: NSS initialized
Aug 26 18:32:52.213133: NSS crypto library initialized
Aug 26 18:32:52.213136: FIPS HMAC integrity support [enabled]
Aug 26 18:32:52.213138: FIPS mode disabled for pluto daemon
Aug 26 18:32:52.247491: FIPS HMAC integrity verification self-test FAILED
Aug 26 18:32:52.247599: libcap-ng support [enabled]
Aug 26 18:32:52.247609: Linux audit support [enabled]
Aug 26 18:32:52.247634: Linux audit activated
Aug 26 18:32:52.247639: Starting Pluto (Libreswan Version v3.28-685-gbfd5aef521-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:17892
Aug 26 18:32:52.247642: core dump dir: /tmp
Aug 26 18:32:52.247644: secrets file: /etc/ipsec.secrets
Aug 26 18:32:52.247646: leak-detective enabled
Aug 26 18:32:52.247648: NSS crypto [enabled]
Aug 26 18:32:52.247651: XAUTH PAM support [enabled]
Aug 26 18:32:52.247721: | libevent is using pluto's memory allocator
Aug 26 18:32:52.247729: Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800)
Aug 26 18:32:52.247745: | libevent_malloc: new ptr-libevent@0x55c66d8f06d8 size 40
Aug 26 18:32:52.247752: | libevent_malloc: new ptr-libevent@0x55c66d8f0658 size 40
Aug 26 18:32:52.247755: | libevent_malloc: new ptr-libevent@0x55c66d8f05d8 size 40
Aug 26 18:32:52.247758: | creating event base
Aug 26 18:32:52.247762: | libevent_malloc: new ptr-libevent@0x55c66d8e2208 size 56
Aug 26 18:32:52.247766: | libevent_malloc: new ptr-libevent@0x55c66d863538 size 664
Aug 26 18:32:52.247777: | libevent_malloc: new ptr-libevent@0x55c66d92ace8 size 24
Aug 26 18:32:52.247780: | libevent_malloc: new ptr-libevent@0x55c66d92ad38 size 384
Aug 26 18:32:52.247790: | libevent_malloc: new ptr-libevent@0x55c66d92aca8 size 16
Aug 26 18:32:52.247793: | libevent_malloc: new ptr-libevent@0x55c66d8f0558 size 40
Aug 26 18:32:52.247796: | libevent_malloc: new ptr-libevent@0x55c66d8f04d8 size 48
Aug 26 18:32:52.247801: | libevent_realloc: new ptr-libevent@0x55c66d8631c8 size 256
Aug 26 18:32:52.247803: | libevent_malloc: new ptr-libevent@0x55c66d92aee8 size 16
Aug 26 18:32:52.247809: | libevent_free: release ptr-libevent@0x55c66d8e2208
Aug 26 18:32:52.247813: | libevent initialized
Aug 26 18:32:52.247817: | libevent_realloc: new ptr-libevent@0x55c66d8e2208 size 64
Aug 26 18:32:52.247820: | global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds
Aug 26 18:32:52.247835: | init_nat_traversal() initialized with keep_alive=0s
Aug 26 18:32:52.247838: NAT-Traversal support [enabled]
Aug 26 18:32:52.247841: | global one-shot timer EVENT_NAT_T_KEEPALIVE initialized
Aug 26 18:32:52.247860: | global one-shot timer EVENT_FREE_ROOT_CERTS initialized
Aug 26 18:32:52.247863: | global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds
Aug 26 18:32:52.247898: | global one-shot timer EVENT_REVIVE_CONNS initialized
Aug 26 18:32:52.247902: | global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds
Aug 26 18:32:52.247905: | global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds
Aug 26 18:32:52.247950: Encryption algorithms:
Aug 26 18:32:52.247959: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c
Aug 26 18:32:52.247963: AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b
Aug 26 18:32:52.247967: AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a
Aug 26 18:32:52.247971: 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des
Aug 26 18:32:52.247974: CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128}
Aug 26 18:32:52.247982: CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia
Aug 26 18:32:52.247986: AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c
Aug 26 18:32:52.247990: AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b
Aug 26 18:32:52.247994: AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a
Aug 26 18:32:52.247997: AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr
Aug 26 18:32:52.248001: AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes
Aug 26 18:32:52.248005: SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent
Aug 26 18:32:52.248008: TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish
Aug 26 18:32:52.248012: TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh
Aug 26 18:32:52.248016: NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac
Aug 26 18:32:52.248019: NULL IKEv1: ESP IKEv2: ESP []
Aug 26 18:32:52.248022: CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305
Aug 26 18:32:52.248030: Hash algorithms:
Aug 26 18:32:52.248032: MD5 IKEv1: IKE IKEv2:
Aug 26 18:32:52.248036: SHA1 IKEv1: IKE IKEv2: FIPS sha
Aug 26 18:32:52.248039: SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256
Aug 26 18:32:52.248042: SHA2_384 IKEv1: IKE IKEv2: FIPS sha384
Aug 26 18:32:52.248045: SHA2_512 IKEv1: IKE IKEv2: FIPS sha512
Aug 26 18:32:52.248058: PRF algorithms:
Aug 26 18:32:52.248061: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5
Aug 26 18:32:52.248064: HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1
Aug 26 18:32:52.248068: HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256
Aug 26 18:32:52.248071: HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384
Aug 26 18:32:52.248074: HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512
Aug 26 18:32:52.248077: AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc
Aug 26 18:32:52.248104: Integrity algorithms:
Aug 26 18:32:52.248107: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, hmac_md5
Aug 26 18:32:52.248111: HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1
Aug 26 18:32:52.248115: HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512
Aug 26 18:32:52.248119: HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384
Aug 26 18:32:52.248124: HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256
Aug 26 18:32:52.248126: HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH
Aug 26 18:32:52.248130: AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96
Aug 26 18:32:52.248133: AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac
Aug 26 18:32:52.248136: NONE IKEv1: ESP IKEv2: IKE ESP FIPS null
Aug 26 18:32:52.248148: DH algorithms:
Aug 26 18:32:52.248152: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0
Aug 26 18:32:52.248155: MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5
Aug 26 18:32:52.248158: MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14
Aug 26 18:32:52.248163: MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15
Aug 26 18:32:52.248166: MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16
Aug 26 18:32:52.248169: MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17
Aug 26 18:32:52.248172: MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18
Aug 26 18:32:52.248175: DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256
Aug 26 18:32:52.248192: DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384
Aug 26 18:32:52.248195: DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521
Aug 26 18:32:52.248198: DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519
Aug 26 18:32:52.248201: testing CAMELLIA_CBC:
Aug 26 18:32:52.248204: Camellia: 16 bytes with 128-bit key
Aug 26 18:32:52.248336: Camellia: 16 bytes with 128-bit key
Aug 26 18:32:52.248372: Camellia: 16 bytes with 256-bit key
Aug 26 18:32:52.248404: Camellia: 16 bytes with 256-bit key
Aug 26 18:32:52.248432: testing AES_GCM_16:
Aug 26 18:32:52.248435: empty string
Aug 26 18:32:52.248461: one block
Aug 26 18:32:52.248492: two blocks
Aug 26 18:32:52.248522: two blocks with associated data
Aug 26 18:32:52.248553: testing AES_CTR:
Aug 26 18:32:52.248557: Encrypting 16 octets using AES-CTR with 128-bit key
Aug 26 18:32:52.248589: Encrypting 32 octets using AES-CTR with 128-bit key
Aug 26 18:32:52.248623: Encrypting 36 octets using AES-CTR with 128-bit key
Aug 26 18:32:52.248657: Encrypting 16 octets using AES-CTR with 192-bit key
Aug 26 18:32:52.248689: Encrypting 32 octets using AES-CTR with 192-bit key
Aug 26 18:32:52.248722: Encrypting 36 octets using AES-CTR with 192-bit key
Aug 26 18:32:52.248755: Encrypting 16 octets using AES-CTR with 256-bit key
Aug 26 18:32:52.248785: Encrypting 32 octets using AES-CTR with 256-bit key
Aug 26 18:32:52.248819: Encrypting 36 octets using AES-CTR with 256-bit key
Aug 26 18:32:52.248852: testing AES_CBC:
Aug 26 18:32:52.248855: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key
Aug 26 18:32:52.248887: Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key
Aug 26 18:32:52.248921: Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key
Aug 26 18:32:52.248953: Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key
Aug 26 18:32:52.248985: testing AES_XCBC:
Aug 26 18:32:52.248990: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input
Aug 26 18:32:52.249104: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input
Aug 26 18:32:52.249236: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input
Aug 26 18:32:52.249364: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input
Aug 26 18:32:52.249496: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input
Aug 26 18:32:52.249623: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input
Aug 26 18:32:52.249757: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input
Aug 26 18:32:52.250065: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16)
Aug 26 18:32:52.250203: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10)
Aug 26 18:32:52.250365: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18)
Aug 26 18:32:52.250602: testing HMAC_MD5:
Aug 26 18:32:52.250608: RFC 2104: MD5_HMAC test 1
Aug 26 18:32:52.250782: RFC 2104: MD5_HMAC test 2
Aug 26 18:32:52.250930: RFC 2104: MD5_HMAC test 3
Aug 26 18:32:52.251106: 8 CPU cores online
Aug 26 18:32:52.251111: starting up 7 crypto helpers
Aug 26 18:32:52.251143: started thread for crypto helper 0
Aug 26 18:32:52.251148: | starting up helper thread 0
Aug 26 18:32:52.251168: started thread for crypto helper 1
Aug 26 18:32:52.251170: | status value returned by setting the priority of this thread (crypto helper 0) 22
Aug 26 18:32:52.251175: | crypto helper 0 waiting (nothing to do)
Aug 26 18:32:52.251191: started thread for crypto helper 2
Aug 26 18:32:52.251193: | starting up helper thread 2
Aug 26 18:32:52.251203: | status value returned by setting the priority of this thread (crypto helper 2) 22
Aug 26 18:32:52.251206: | crypto helper 2 waiting (nothing to do)
Aug 26 18:32:52.251222: started thread for crypto helper 3
Aug 26 18:32:52.251241: started thread for crypto helper 4
Aug 26 18:32:52.251243: | starting up helper thread 4
Aug 26 18:32:52.251248: | starting up helper thread 3
Aug 26 18:32:52.251255: | status value returned by setting the priority of this thread (crypto helper 4) 22
Aug 26 18:32:52.251267: | status value returned by setting the priority of this thread (crypto helper 3) 22
Aug 26 18:32:52.251267: | crypto helper 4 waiting (nothing to do)
Aug 26 18:32:52.251277: | crypto helper 3 waiting (nothing to do)
Aug 26 18:32:52.251279: started thread for crypto helper 5
Aug 26 18:32:52.251316: started thread for crypto helper 6
Aug 26 18:32:52.251325: | starting up helper thread 1
Aug 26 18:32:52.251328: | checking IKEv1 state table
Aug 26 18:32:52.251331: | status value returned by setting the priority of this thread (crypto helper 1) 22
Aug 26 18:32:52.251334: | crypto helper 1 waiting (nothing to do)
Aug 26 18:32:52.251318: | starting up helper thread 6
Aug 26 18:32:52.251338: | MAIN_R0: category: half-open IKE SA flags: 0:
Aug 26 18:32:52.251342: | starting up helper thread 5
Aug 26 18:32:52.251344: | status value returned by setting the priority of this thread (crypto helper 6) 22
Aug 26 18:32:52.251347: | -> MAIN_R1 EVENT_SO_DISCARD
Aug 26 18:32:52.251358: | crypto helper 6 waiting (nothing to do)
Aug 26 18:32:52.251362: | MAIN_I1: category: half-open IKE SA flags: 0:
Aug 26 18:32:52.251366: | status value returned by setting the priority of this thread (crypto helper 5) 22
Aug 26 18:32:52.251370: | -> MAIN_I2 EVENT_RETRANSMIT
Aug 26 18:32:52.251376: | crypto helper 5 waiting (nothing to do)
Aug 26 18:32:52.251381: | MAIN_R1: category: open IKE SA flags: 200:
Aug 26 18:32:52.251388: | -> MAIN_R2 EVENT_RETRANSMIT
Aug 26 18:32:52.251391: | -> UNDEFINED EVENT_RETRANSMIT
Aug 26 18:32:52.251394: | -> UNDEFINED EVENT_RETRANSMIT
Aug 26 18:32:52.251396: | MAIN_I2: category: open IKE SA flags: 0:
Aug 26 18:32:52.251398: | -> MAIN_I3 EVENT_RETRANSMIT
Aug 26 18:32:52.251400: | -> UNDEFINED EVENT_RETRANSMIT
Aug 26 18:32:52.251403: | -> UNDEFINED EVENT_RETRANSMIT
Aug 26 18:32:52.251405: | MAIN_R2: category: open IKE SA flags: 0:
Aug 26 18:32:52.251407: | -> MAIN_R3 EVENT_SA_REPLACE
Aug 26 18:32:52.251409: | -> MAIN_R3 EVENT_SA_REPLACE
Aug 26 18:32:52.251411: | -> UNDEFINED EVENT_SA_REPLACE
Aug 26 18:32:52.251414: | MAIN_I3: category: open IKE SA flags: 0:
Aug 26 18:32:52.251416: | -> MAIN_I4 EVENT_SA_REPLACE
Aug 26 18:32:52.251418: | -> MAIN_I4 EVENT_SA_REPLACE
Aug 26 18:32:52.251420: | -> UNDEFINED EVENT_SA_REPLACE
Aug 26 18:32:52.251423: | MAIN_R3: category: established IKE SA flags: 200:
Aug 26 18:32:52.251425: | -> UNDEFINED EVENT_NULL
Aug 26 18:32:52.251427: | MAIN_I4: category: established IKE SA flags: 0:
Aug 26 18:32:52.251429: | -> UNDEFINED EVENT_NULL
Aug 26 18:32:52.251432: | AGGR_R0: category: half-open IKE SA flags: 0:
Aug 26 18:32:52.251434: | -> AGGR_R1 EVENT_SO_DISCARD
Aug 26 18:32:52.251437: | AGGR_I1: category: half-open IKE SA flags: 0:
Aug 26 18:32:52.251439: | -> AGGR_I2 EVENT_SA_REPLACE
Aug 26 18:32:52.251441: | -> AGGR_I2 EVENT_SA_REPLACE
Aug 26 18:32:52.251443: | AGGR_R1: category: open IKE SA flags: 200:
Aug 26 18:32:52.251445: | -> AGGR_R2 EVENT_SA_REPLACE
Aug 26 18:32:52.251448: | -> AGGR_R2 EVENT_SA_REPLACE
Aug 26 18:32:52.251450: | AGGR_I2: category: established IKE SA flags: 200:
Aug 26 18:32:52.251452: | -> UNDEFINED EVENT_NULL
Aug 26 18:32:52.251455: | AGGR_R2: category: established IKE SA flags: 0:
Aug 26 18:32:52.251457: | -> UNDEFINED EVENT_NULL
Aug 26 18:32:52.251460: | QUICK_R0: category: established CHILD SA flags: 0:
Aug 26 18:32:52.251462: | -> QUICK_R1 EVENT_RETRANSMIT
Aug 26 18:32:52.251468: | QUICK_I1: category: established CHILD SA flags: 0:
Aug 26 18:32:52.251471: | -> QUICK_I2 EVENT_SA_REPLACE
Aug 26 18:32:52.251473: | QUICK_R1: category: established CHILD SA flags: 0:
Aug 26 18:32:52.251475: | -> QUICK_R2 EVENT_SA_REPLACE
Aug 26 18:32:52.251478: | QUICK_I2: category: established CHILD SA flags: 200:
Aug 26 18:32:52.251480: | -> UNDEFINED EVENT_NULL
Aug 26 18:32:52.251483: | QUICK_R2: category: established CHILD SA flags: 0:
Aug 26 18:32:52.251485: | -> UNDEFINED EVENT_NULL
Aug 26 18:32:52.251487: | INFO: category: informational flags: 0:
Aug 26 18:32:52.251489: | -> UNDEFINED EVENT_NULL
Aug 26 18:32:52.251492: | INFO_PROTECTED: category: informational flags: 0:
Aug 26 18:32:52.251494: | -> UNDEFINED EVENT_NULL
Aug 26 18:32:52.251496: | XAUTH_R0: category: established IKE SA flags: 0:
Aug 26 18:32:52.251498: | -> XAUTH_R1 EVENT_NULL
Aug 26 18:32:52.251501: | XAUTH_R1: category: established IKE SA flags: 0:
Aug 26 18:32:52.251503: | -> MAIN_R3 EVENT_SA_REPLACE
Aug 26 18:32:52.251506: | MODE_CFG_R0: category: informational flags: 0:
Aug 26 18:32:52.251508: | -> MODE_CFG_R1 EVENT_SA_REPLACE
Aug 26 18:32:52.251510: | MODE_CFG_R1: category: established IKE SA flags: 0:
Aug 26 18:32:52.251513: | -> MODE_CFG_R2 EVENT_SA_REPLACE
Aug 26 18:32:52.251515: | MODE_CFG_R2: category: established IKE SA flags: 0:
Aug 26 18:32:52.251517: | -> UNDEFINED EVENT_NULL
Aug 26 18:32:52.251520: | MODE_CFG_I1: category: established IKE SA flags: 0:
Aug 26 18:32:52.251522: | -> MAIN_I4 EVENT_SA_REPLACE
Aug 26 18:32:52.251524: | XAUTH_I0: category: established IKE SA flags: 0:
Aug 26 18:32:52.251527: | -> XAUTH_I1 EVENT_RETRANSMIT
Aug 26 18:32:52.251529: | XAUTH_I1: category: established IKE SA flags: 0:
Aug 26 18:32:52.251531: | -> MAIN_I4 EVENT_RETRANSMIT
Aug 26 18:32:52.251537: | checking IKEv2 state table
Aug 26 18:32:52.251544: | PARENT_I0: category: ignore flags: 0:
Aug 26 18:32:52.251547: | -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT)
Aug 26 18:32:52.251550: | PARENT_I1: category: half-open IKE SA flags: 0:
Aug 26 18:32:52.251552: | -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification)
Aug 26 18:32:52.251555: | -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH)
Aug 26 18:32:52.251558: | PARENT_I2: category: open IKE SA flags: 0:
Aug 26 18:32:52.251561: | -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification)
Aug 26 18:32:52.251564: | -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification)
Aug 26 18:32:52.251567: | -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification)
Aug 26 18:32:52.251570: | -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response)
Aug 26 18:32:52.251573: | -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification)
Aug 26 18:32:52.251576: | PARENT_I3: category: established IKE SA flags: 0:
Aug 26 18:32:52.251579: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Request)
Aug 26 18:32:52.251581: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Response)
Aug 26 18:32:52.251583: | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request)
Aug 26 18:32:52.251586: | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response)
Aug 26 18:32:52.251588: | PARENT_R0: category: half-open IKE SA flags: 0:
Aug 26 18:32:52.251591: | -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT)
Aug 26 18:32:52.251593: | PARENT_R1: category: half-open IKE SA flags: 0:
Aug 26 18:32:52.251596: | -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED))
Aug 26 18:32:52.251598: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request)
Aug 26 18:32:52.251601: | PARENT_R2: category: established IKE SA flags: 0:
Aug 26 18:32:52.251603: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request)
Aug 26 18:32:52.251608: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response)
Aug 26 18:32:52.251612: | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request)
Aug 26 18:32:52.251614: | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response)
Aug 26 18:32:52.251617: | V2_CREATE_I0: category: established IKE SA flags: 0:
Aug 26 18:32:52.251619: | -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA)
Aug 26 18:32:52.251622: | V2_CREATE_I: category: established IKE SA flags: 0:
Aug 26 18:32:52.251624: | -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response)
Aug 26 18:32:52.251627: | V2_REKEY_IKE_I0: category: established IKE SA flags: 0:
Aug 26 18:32:52.251629: | -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey)
Aug 26 18:32:52.251632: | V2_REKEY_IKE_I: category: established IKE SA flags: 0:
Aug 26 18:32:52.251635: | -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response)
Aug 26 18:32:52.251637: | V2_REKEY_CHILD_I0: category: established IKE SA flags: 0:
Aug 26 18:32:52.251640: | -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA)
Aug 26 18:32:52.251643: | V2_REKEY_CHILD_I: category: established IKE SA flags: 0: <none>
Aug 26 18:32:52.251645: | V2_CREATE_R: category: established IKE SA flags: 0:
Aug 26 18:32:52.251648: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request)
Aug 26 18:32:52.251650: | V2_REKEY_IKE_R: category: established IKE SA flags: 0:
Aug 26 18:32:52.251653: | -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey)
Aug 26 18:32:52.251656: | V2_REKEY_CHILD_R: category: established IKE SA flags: 0: <none>
Aug 26 18:32:52.251658: | V2_IPSEC_I: category: established CHILD SA flags: 0: <none>
Aug 26 18:32:52.251661: | V2_IPSEC_R: category: established CHILD SA flags: 0: <none>
Aug 26 18:32:52.251664: | IKESA_DEL: category: established IKE SA flags: 0:
Aug 26 18:32:52.251666: | -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL)
Aug 26 18:32:52.251668: | CHILDSA_DEL: category: informational flags: 0: <none>
Aug 26 18:32:52.251682: Using Linux XFRM/NETKEY IPsec interface code on 5.1.18-200.fc29.x86_64
Aug 26 18:32:52.251749: | Hard-wiring algorithms
Aug 26 18:32:52.251753: | adding AES_CCM_16 to kernel algorithm db
Aug 26 18:32:52.251757: | adding AES_CCM_12 to kernel algorithm db
Aug 26 18:32:52.251760: | adding AES_CCM_8 to kernel algorithm db
Aug 26 18:32:52.251762: | adding 3DES_CBC to kernel algorithm db
Aug 26 18:32:52.251765: | adding CAMELLIA_CBC to kernel algorithm db
Aug 26 18:32:52.251767: | adding AES_GCM_16 to kernel algorithm db
Aug 26 18:32:52.251769: | adding AES_GCM_12 to kernel algorithm db
Aug 26 18:32:52.251771: | adding AES_GCM_8 to kernel algorithm db
Aug 26 18:32:52.251774: | adding AES_CTR to kernel algorithm db
Aug 26 18:32:52.251776: | adding AES_CBC to kernel algorithm db
Aug 26 18:32:52.251778: | adding SERPENT_CBC to kernel algorithm db
Aug 26 18:32:52.251781: | adding TWOFISH_CBC to kernel algorithm db
Aug 26 18:32:52.251783: | adding NULL_AUTH_AES_GMAC to kernel algorithm db
Aug 26 18:32:52.251786: | adding NULL to kernel algorithm db
Aug 26 18:32:52.251789: | adding CHACHA20_POLY1305 to kernel algorithm db
Aug 26 18:32:52.251791: | adding HMAC_MD5_96 to kernel algorithm db
Aug 26 18:32:52.251793: | adding HMAC_SHA1_96 to kernel algorithm db
Aug 26 18:32:52.251796: | adding HMAC_SHA2_512_256 to kernel algorithm db
Aug 26 18:32:52.251798: | adding HMAC_SHA2_384_192 to kernel algorithm db
Aug 26 18:32:52.251801: | adding HMAC_SHA2_256_128 to kernel algorithm db
Aug 26 18:32:52.251803: | adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db
Aug 26 18:32:52.251805: | adding AES_XCBC_96 to kernel algorithm db
Aug 26 18:32:52.251807: | adding AES_CMAC_96 to kernel algorithm db
Aug 26 18:32:52.251810: | adding NONE to kernel algorithm db
Aug 26 18:32:52.251832: | net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes
Aug 26 18:32:52.251840: | global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds
Aug 26 18:32:52.251842: | setup kernel fd callback
Aug 26 18:32:52.251845: | add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x55c66d8ea3f8
Aug 26 18:32:52.251849: | libevent_malloc: new ptr-libevent@0x55c66d929368 size 128
Aug 26 18:32:52.251852: | libevent_malloc: new ptr-libevent@0x55c66d9304e8 size 16
Aug 26 18:32:52.251858: | add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x55c66d930478
Aug 26 18:32:52.251861: | libevent_malloc: new ptr-libevent@0x55c66d929418 size 128
Aug 26 18:32:52.251863: | libevent_malloc: new ptr-libevent@0x55c66d930148 size 16
Aug 26 18:32:52.252077: | global one-shot timer EVENT_CHECK_CRLS initialized
Aug 26 18:32:52.252086: selinux support is enabled.
Aug 26 18:32:52.252320: | unbound context created - setting debug level to 5
Aug 26 18:32:52.252362: | /etc/hosts lookups activated
Aug 26 18:32:52.252391: | /etc/resolv.conf usage activated
Aug 26 18:32:52.252455: | outgoing-port-avoid set 0-65535
Aug 26 18:32:52.252484: | outgoing-port-permit set 32768-60999
Aug 26 18:32:52.252488: | Loading dnssec root key from:/var/lib/unbound/root.key
Aug 26 18:32:52.252491: | No additional dnssec trust anchors defined via dnssec-trusted= option
Aug 26 18:32:52.252494: | Setting up events, loop start
Aug 26 18:32:52.252497: | add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x55c66d930918
Aug 26 18:32:52.252501: | libevent_malloc: new ptr-libevent@0x55c66d93c778 size 128
Aug 26 18:32:52.252504: | libevent_malloc: new ptr-libevent@0x55c66d947a68 size 16
Aug 26 18:32:52.252509: | libevent_realloc: new ptr-libevent@0x55c66d947aa8 size 256
Aug 26 18:32:52.252512: | libevent_malloc: new ptr-libevent@0x55c66d947bd8 size 8
Aug 26 18:32:52.252515: | libevent_realloc: new ptr-libevent@0x55c66d947c18 size 144
Aug 26 18:32:52.252518: | libevent_malloc: new ptr-libevent@0x55c66d8ee9c8 size 152
Aug 26 18:32:52.252521: | libevent_malloc: new ptr-libevent@0x55c66d947cd8 size 16
Aug 26 18:32:52.252525: | signal event handler PLUTO_SIGCHLD installed
Aug 26 18:32:52.252528: | libevent_malloc: new ptr-libevent@0x55c66d947d18 size 8
Aug 26 18:32:52.252530: | libevent_malloc: new ptr-libevent@0x55c66d864c58 size 152
Aug 26 18:32:52.252533: | signal event handler PLUTO_SIGTERM installed
Aug 26 18:32:52.252536: | libevent_malloc: new ptr-libevent@0x55c66d947d58 size 8
Aug 26 18:32:52.252540: | libevent_malloc: new ptr-libevent@0x55c66d868038 size 152
Aug 26 18:32:52.252543: | signal event handler PLUTO_SIGHUP installed
Aug 26 18:32:52.252545: | libevent_malloc: new ptr-libevent@0x55c66d947d98 size 8
Aug 26 18:32:52.252548: | libevent_realloc: release ptr-libevent@0x55c66d947c18
Aug 26 18:32:52.252550: | libevent_realloc: new ptr-libevent@0x55c66d947dd8 size 256
Aug 26 18:32:52.252553: | libevent_malloc: new ptr-libevent@0x55c66d947f08 size 152
Aug 26 18:32:52.252556: | signal event handler PLUTO_SIGSYS installed
Aug 26 18:32:52.252938: | created addconn helper (pid:18065) using fork+execve
Aug 26 18:32:52.252959: | forked child 18065
Aug 26 18:32:52.253006: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
Aug 26 18:32:52.253026: listening for IKE messages
Aug 26 18:32:52.253066: | Inspecting interface lo
Aug 26 18:32:52.253074: | found lo with address 127.0.0.1
Aug 26 18:32:52.253082: | Inspecting interface eth0
Aug 26 18:32:52.253088: | found eth0 with address 192.0.3.254
Aug 26 18:32:52.253093: | Inspecting interface eth1
Aug 26 18:32:52.253098: | found eth1 with address 192.1.3.33
Aug 26 18:32:52.253199: Kernel supports NIC esp-hw-offload
Aug 26 18:32:52.253213: adding interface eth1/eth1 (esp-hw-offload not supported by kernel) 192.1.3.33:500
Aug 26 18:32:52.253306: | NAT-Traversal: Trying sockopt style NAT-T
Aug 26 18:32:52.253317: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
Aug 26 18:32:52.253322: adding interface eth1/eth1 192.1.3.33:4500
Aug 26 18:32:52.253358: adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.3.254:500
Aug 26 18:32:52.253381: | NAT-Traversal: Trying sockopt style NAT-T
Aug 26 18:32:52.253386: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
Aug 26 18:32:52.253390: adding interface eth0/eth0 192.0.3.254:4500
Aug 26 18:32:52.253417: adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500
Aug 26 18:32:52.253441: | NAT-Traversal: Trying sockopt style NAT-T
Aug 26 18:32:52.253445: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
Aug 26 18:32:52.253450: adding interface lo/lo 127.0.0.1:4500
Aug 26 18:32:52.253517: | no interfaces to sort
Aug 26 18:32:52.253522: | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations
Aug 26 18:32:52.253532: | add_fd_read_event_handler: new ethX-pe@0x55c66d9484e8
Aug 26 18:32:52.253536: | libevent_malloc: new ptr-libevent@0x55c66d93c6c8 size 128
Aug 26 18:32:52.253539: | libevent_malloc: new ptr-libevent@0x55c66d948558 size 16
Aug 26 18:32:52.253545: | setup callback for interface lo 127.0.0.1:4500 fd 22
Aug 26 18:32:52.253549: | add_fd_read_event_handler: new ethX-pe@0x55c66d948598
Aug 26 18:32:52.253553: | libevent_malloc: new ptr-libevent@0x55c66d8e2f08 size 128
Aug 26 18:32:52.253556: | libevent_malloc: new ptr-libevent@0x55c66d948608 size 16
Aug 26 18:32:52.253562: | setup callback for interface lo 127.0.0.1:500 fd 21
Aug 26 18:32:52.253565: | add_fd_read_event_handler: new ethX-pe@0x55c66d948648
Aug 26 18:32:52.253570: | libevent_malloc: new ptr-libevent@0x55c66d8e2fb8 size 128
Aug 26 18:32:52.253573: | libevent_malloc: new ptr-libevent@0x55c66d9486b8 size 16
Aug 26 18:32:52.253578: | setup callback for interface eth0 192.0.3.254:4500 fd 20
Aug 26 18:32:52.253581: | add_fd_read_event_handler: new ethX-pe@0x55c66d9486f8
Aug 26 18:32:52.253585: | libevent_malloc: new ptr-libevent@0x55c66d8e1f28 size 128
Aug 26 18:32:52.253588: | libevent_malloc: new ptr-libevent@0x55c66d948768 size 16
Aug 26 18:32:52.253593: | setup callback for interface eth0 192.0.3.254:500 fd 19
Aug 26 18:32:52.253597: | add_fd_read_event_handler: new ethX-pe@0x55c66d9487a8
Aug 26 18:32:52.253600: | libevent_malloc: new ptr-libevent@0x55c66d8ea238 size 128
Aug 26 18:32:52.253604: | libevent_malloc: new ptr-libevent@0x55c66d948818 size 16
Aug 26 18:32:52.253609: | setup callback for interface eth1 192.1.3.33:4500 fd 18
Aug 26 18:32:52.253612: | add_fd_read_event_handler: new ethX-pe@0x55c66d948858
Aug 26 18:32:52.253615: | libevent_malloc: new ptr-libevent@0x55c66d8ead58 size 128
Aug 26 18:32:52.253618: | libevent_malloc: new ptr-libevent@0x55c66d9488c8 size 16
Aug 26 18:32:52.253623: | setup callback for interface eth1 192.1.3.33:500 fd 17
Aug 26 18:32:52.253628: | certs and keys locked by 'free_preshared_secrets'
Aug 26 18:32:52.253631: | certs and keys unlocked by 'free_preshared_secrets'
Aug 26 18:32:52.253651: loading secrets from "/etc/ipsec.secrets"
Aug 26 18:32:52.253668: | saving Modulus
Aug 26 18:32:52.253672: | saving PublicExponent
Aug 26 18:32:52.253676: | ignoring PrivateExponent
Aug 26 18:32:52.253680: | ignoring Prime1
Aug 26 18:32:52.253684: | ignoring Prime2
Aug 26 18:32:52.253687: | ignoring Exponent1
Aug 26 18:32:52.253691: | ignoring Exponent2
Aug 26 18:32:52.253694: | ignoring Coefficient
Aug 26 18:32:52.253698: | ignoring CKAIDNSS
Aug 26 18:32:52.253733: | computed rsa CKAID 90 5d fc a1 08 68 74 7c 6f 20 d3 1b 2d 20 4b 8f
Aug 26 18:32:52.253737: | computed rsa CKAID 88 aa 7c 5d
Aug 26 18:32:52.253741: loaded private key for keyid: PKK_RSA:AQPl33O2P
Aug 26 18:32:52.253748: | certs and keys locked by 'process_secret'
Aug 26 18:32:52.253752: | certs and keys unlocked by 'process_secret'
Aug 26 18:32:52.253762: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Aug 26 18:32:52.253770: | spent 0.76 milliseconds in whack
Aug 26 18:32:52.276617: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
Aug 26 18:32:52.276640: listening for IKE messages
Aug 26 18:32:52.276711: | Inspecting interface lo
Aug 26 18:32:52.276717: | found lo with address 127.0.0.1
Aug 26 18:32:52.276719: | Inspecting interface eth0
Aug 26 18:32:52.276722: | found eth0 with address 192.0.3.254
Aug 26 18:32:52.276724: | Inspecting interface eth1
Aug 26 18:32:52.276726: | found eth1 with address 192.1.3.33
Aug 26 18:32:52.276777: | no interfaces to sort
Aug 26 18:32:52.276784: | libevent_free: release ptr-libevent@0x55c66d93c6c8
Aug 26 18:32:52.276786: | free_event_entry: release EVENT_NULL-pe@0x55c66d9484e8
Aug 26 18:32:52.276788: | add_fd_read_event_handler: new ethX-pe@0x55c66d9484e8
Aug 26 18:32:52.276791: | libevent_malloc: new ptr-libevent@0x55c66d93c6c8 size 128
Aug 26 18:32:52.276796: | setup callback for interface lo 127.0.0.1:4500 fd 22
Aug 26 18:32:52.276799: | libevent_free: release ptr-libevent@0x55c66d8e2f08
Aug 26 18:32:52.276800: | free_event_entry: release EVENT_NULL-pe@0x55c66d948598
Aug 26 18:32:52.276802: | add_fd_read_event_handler: new ethX-pe@0x55c66d948598
Aug 26 18:32:52.276804: | libevent_malloc: new ptr-libevent@0x55c66d8e2f08 size 128
Aug 26 18:32:52.276807: | setup callback for interface lo 127.0.0.1:500 fd 21
Aug 26 18:32:52.276810: | libevent_free: release ptr-libevent@0x55c66d8e2fb8
Aug 26 18:32:52.276811: | free_event_entry: release EVENT_NULL-pe@0x55c66d948648
Aug 26 18:32:52.276813: | add_fd_read_event_handler: new ethX-pe@0x55c66d948648
Aug 26 18:32:52.276815: | libevent_malloc: new ptr-libevent@0x55c66d8e2fb8 size 128
Aug 26 18:32:52.276818: | setup callback for interface eth0 192.0.3.254:4500 fd 20
Aug 26 18:32:52.276820: | libevent_free: release ptr-libevent@0x55c66d8e1f28
Aug 26 18:32:52.276822: | free_event_entry: release EVENT_NULL-pe@0x55c66d9486f8
Aug 26 18:32:52.276824: | add_fd_read_event_handler: new ethX-pe@0x55c66d9486f8
Aug 26 18:32:52.276826: | libevent_malloc: new ptr-libevent@0x55c66d8e1f28 size 128
Aug 26 18:32:52.276829: | setup callback for interface eth0 192.0.3.254:500 fd 19
Aug 26 18:32:52.276831: | libevent_free: release ptr-libevent@0x55c66d8ea238
Aug 26 18:32:52.276833: | free_event_entry: release EVENT_NULL-pe@0x55c66d9487a8
Aug 26 18:32:52.276834: | add_fd_read_event_handler: new ethX-pe@0x55c66d9487a8
Aug 26 18:32:52.276836: | libevent_malloc: new ptr-libevent@0x55c66d8ea238 size 128
Aug 26 18:32:52.276839: | setup callback for interface eth1 192.1.3.33:4500 fd 18
Aug 26 18:32:52.276842: | libevent_free: release ptr-libevent@0x55c66d8ead58
Aug 26 18:32:52.276843: | free_event_entry: release EVENT_NULL-pe@0x55c66d948858
Aug 26 18:32:52.276845: | add_fd_read_event_handler: new ethX-pe@0x55c66d948858
Aug 26 18:32:52.276847: | libevent_malloc: new ptr-libevent@0x55c66d8ead58 size 128
Aug 26 18:32:52.276850: | setup callback for interface eth1 192.1.3.33:500 fd 17
Aug 26 18:32:52.276852: | certs and keys locked by 'free_preshared_secrets'
Aug 26 18:32:52.276854: forgetting secrets
Aug 26 18:32:52.276862: | certs and keys unlocked by 'free_preshared_secrets'
Aug 26 18:32:52.276872: loading secrets from "/etc/ipsec.secrets"
Aug 26 18:32:52.276883: | saving Modulus
Aug 26 18:32:52.276885: | saving PublicExponent
Aug 26 18:32:52.276887: | ignoring PrivateExponent
Aug 26 18:32:52.276889: | ignoring Prime1
Aug 26 18:32:52.276891: | ignoring Prime2
Aug 26 18:32:52.276893: | ignoring Exponent1
Aug 26 18:32:52.276895: | ignoring Exponent2
Aug 26 18:32:52.276897: | ignoring Coefficient
Aug 26 18:32:52.276899: | ignoring CKAIDNSS
Aug 26 18:32:52.276917: | computed rsa CKAID 90 5d fc a1 08 68 74 7c 6f 20 d3 1b 2d 20 4b 8f
Aug 26 18:32:52.276919: | computed rsa CKAID 88 aa 7c 5d
Aug 26 18:32:52.276922: loaded private key for keyid: PKK_RSA:AQPl33O2P
Aug 26 18:32:52.276926: | certs and keys locked by 'process_secret'
Aug 26 18:32:52.276928: | certs and keys unlocked by 'process_secret'
Aug 26 18:32:52.276935: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Aug 26 18:32:52.276940: | spent 0.343 milliseconds in whack
Aug 26 18:32:52.277427: | processing signal PLUTO_SIGCHLD
Aug 26 18:32:52.277441: | waitpid returned pid 18065 (exited with status 0)
Aug 26 18:32:52.277447: | reaped addconn helper child (status 0)
Aug 26 18:32:52.277451: | waitpid returned ECHILD (no child processes left)
Aug 26 18:32:52.277454: | spent 0.0164 milliseconds in signal handler PLUTO_SIGCHLD
Aug 26 18:32:52.334896: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
Aug 26 18:32:52.334919: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:32:52.334922: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias
Aug 26 18:32:52.334924: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:32:52.334925: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias
Aug 26 18:32:52.334928: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:32:52.334934: | Added new connection north-a-dpd with policy ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
Aug 26 18:32:52.334936: | No AUTH policy was set - defaulting to RSASIG
Aug 26 18:32:52.335404: | setting ID to ID_DER_ASN1_DN: 'E=user-north@testing.libreswan.org,CN=north.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA'
Aug 26 18:32:52.335418: | loading left certificate 'north' pubkey
Aug 26 18:32:52.335489: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d94a998
Aug 26 18:32:52.335493: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d94a948
Aug 26 18:32:52.335495: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d94a8f8
Aug 26 18:32:52.335585: | unreference key: 0x55c66d94a9e8 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org cnt 1--
Aug 26 18:32:52.335717: | certs and keys locked by 'lsw_add_rsa_secret'
Aug 26 18:32:52.335721: | certs and keys unlocked by 'lsw_add_rsa_secret'
Aug 26 18:32:52.335727: | counting wild cards for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org is 0
Aug 26 18:32:52.336149: | setting ID to ID_DER_ASN1_DN: 'E=user-east@testing.libreswan.org,CN=east.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA'
Aug 26 18:32:52.336155: | loading right certificate 'east' pubkey
Aug 26 18:32:52.336212: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d94ec98
Aug 26 18:32:52.336217: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d94ec48
Aug 26 18:32:52.336218: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d94e008
Aug 26 18:32:52.336220: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d94db38
Aug 26 18:32:52.336221: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d94a648
Aug 26 18:32:52.336401: | unreference key: 0x55c66d953828 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1--
Aug 26 18:32:52.336480: | warning: no secret key loaded for right certificate with nickname east: NSS: cert private key not found
Aug 26 18:32:52.336487: | counting wild cards for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org is 0
Aug 26 18:32:52.336495: | connect_to_host_pair: 192.1.3.33:500 192.1.2.23:500 -> hp@(nil): none
Aug 26 18:32:52.336497: | new hp@0x55c66d953128
Aug 26 18:32:52.336500: added connection description "north-a-dpd"
Aug 26 18:32:52.336510: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
Aug 26 18:32:52.336542: | 192.0.3.0/24===192.1.3.33<192.1.3.33>[C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org]---192.1.3.254...192.1.2.23<192.1.2.23>[C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org]===192.0.22.0/24
Aug 26 18:32:52.336551: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Aug 26 18:32:52.336577: | spent 1.62 milliseconds in whack
Aug 26 18:32:52.417752: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
Aug 26 18:32:52.417775: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:32:52.417780: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias
Aug 26 18:32:52.417782: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:32:52.417785: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias
Aug 26 18:32:52.417790: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:32:52.417797: | Added new connection northnet-eastnet-b with policy ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
Aug 26 18:32:52.417801: | No AUTH policy was set - defaulting to RSASIG
Aug 26 18:32:52.417934: | setting ID to ID_DER_ASN1_DN: 'E=user-north@testing.libreswan.org,CN=north.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA'
Aug 26 18:32:52.417943: | loading left certificate 'north' pubkey
Aug 26 18:32:52.418011: | unreference key: 0x55c66d94ef88 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org cnt 1--
Aug 26 18:32:52.418028: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d952708
Aug 26 18:32:52.418033: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d94a648
Aug 26 18:32:52.418036: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d952678
Aug 26 18:32:52.418090: | unreference key: 0x55c66d94de38 @north.testing.libreswan.org cnt 1--
Aug 26 18:32:52.418142: | unreference key: 0x55c66d94e058 user-north@testing.libreswan.org cnt 1--
Aug 26 18:32:52.418197: | unreference key: 0x55c66d955458 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org cnt 1--
Aug 26 18:32:52.418246: | secrets entry for north already exists
Aug 26 18:32:52.418256: | counting wild cards for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org is 0
Aug 26 18:32:52.418351: | setting ID to ID_DER_ASN1_DN: 'E=user-east@testing.libreswan.org,CN=east.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA'
Aug 26 18:32:52.418363: | loading right certificate 'east' pubkey
Aug 26 18:32:52.418420: | unreference key: 0x55c66d954b18 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1--
Aug 26 18:32:52.418435: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d952678
Aug 26 18:32:52.418440: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d953208
Aug 26 18:32:52.418443: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d9555f8
Aug 26 18:32:52.418446: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d9535b8
Aug 26 18:32:52.418449: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d952d18
Aug 26 18:32:52.418502: | unreference key: 0x55c66d953608 192.1.2.23 cnt 1--
Aug 26 18:32:52.418556: | unreference key: 0x55c66d952928 east@testing.libreswan.org cnt 1--
Aug 26 18:32:52.418610: | unreference key: 0x55c66d9543b8 @east.testing.libreswan.org cnt 1--
Aug 26 18:32:52.418662: | unreference key: 0x55c66d954908 user-east@testing.libreswan.org cnt 1--
Aug 26 18:32:52.418716: | unreference key: 0x55c66d9533d8 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1--
Aug 26 18:32:52.418841: | warning: no secret key loaded for right certificate with nickname east: NSS: cert private key not found
Aug 26 18:32:52.418852: | counting wild cards for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org is 0
Aug 26 18:32:52.418862: | find_host_pair: comparing 192.1.3.33:500 to 192.1.2.23:500 but ignoring ports
Aug 26 18:32:52.418867: | connect_to_host_pair: 192.1.3.33:500 192.1.2.23:500 -> hp@0x55c66d953128: north-a-dpd
Aug 26 18:32:52.418870: added connection description "northnet-eastnet-b"
Aug 26 18:32:52.418891: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
Aug 26 18:32:52.418910: | 192.0.3.0/24===192.1.3.33<192.1.3.33>[C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org]---192.1.3.254...192.1.2.23<192.1.2.23>[C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org]===192.0.2.0/24
Aug 26 18:32:52.418920: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Aug 26 18:32:52.418927: | spent 1.18 milliseconds in whack
Aug 26 18:32:52.533663: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
Aug 26 18:32:52.533683: | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590)
Aug 26 18:32:52.533686: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:32:52.533689: initiating all conns with alias='north-b'
Aug 26 18:32:52.533693: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias
Aug 26 18:32:52.533698: | close_any(fd@23) (in initiate_connection() at initiate.c:384)
Aug 26 18:32:52.533703: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Aug 26 18:32:52.533708: | spent 0.0528 milliseconds in whack
Aug 26 18:32:52.594059: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
Aug 26 18:32:52.594080: | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590)
Aug 26 18:32:52.594083: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:32:52.594087: | start processing: connection "north-a-dpd" (in initiate_a_connection() at initiate.c:186)
Aug 26 18:32:52.594090: | empty esp_info, returning defaults for ENCRYPT
Aug 26 18:32:52.594095: | connection 'north-a-dpd' +POLICY_UP
Aug 26 18:32:52.594097: | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342)
Aug 26 18:32:52.594099: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:32:52.594118: | creating state object #1 at 0x55c66d956938
Aug 26 18:32:52.594120: | State DB: adding IKEv1 state #1 in UNDEFINED
Aug 26 18:32:52.594126: | pstats #1 ikev1.isakmp started
Aug 26 18:32:52.594131: | suspend processing: connection "north-a-dpd" (in main_outI1() at ikev1_main.c:118)
Aug 26 18:32:52.594135: | start processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118)
Aug 26 18:32:52.594138: | parent state #1: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA)
Aug 26 18:32:52.594140: | dup_any(fd@24) -> fd@25 (in main_outI1() at ikev1_main.c:123)
Aug 26 18:32:52.594143: | Queuing pending IPsec SA negotiating with 192.1.2.23 "north-a-dpd" IKE SA #1 "north-a-dpd"
Aug 26 18:32:52.594146: "north-a-dpd" #1: initiating Main Mode
Aug 26 18:32:52.594173: | **emit ISAKMP Message:
Aug 26 18:32:52.594175: | initiator cookie:
Aug 26 18:32:52.594177: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.594179: | responder cookie:
Aug 26 18:32:52.594180: | 00 00 00 00 00 00 00 00
Aug 26 18:32:52.594182: | next payload type: ISAKMP_NEXT_SA (0x1)
Aug 26 18:32:52.594184: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:32:52.594186: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:32:52.594188: | flags: none (0x0)
Aug 26 18:32:52.594189: | Message ID: 0 (0x0)
Aug 26 18:32:52.594191: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:32:52.594193: | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA
Aug 26 18:32:52.594196: | no specific IKE algorithms specified - using defaults
Aug 26 18:32:52.594212: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP2048=14 eklen=0
Aug 26 18:32:52.594218: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP2048=14 eklen=0
Aug 26 18:32:52.594221: | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=0
Aug 26 18:32:52.594228: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP1536=5 eklen=0
Aug 26 18:32:52.594232: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP1536=5 eklen=0
Aug 26 18:32:52.594236: | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP1536=5 eklen=0
Aug 26 18:32:52.594240: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP2048=14 eklen=0
Aug 26 18:32:52.594244: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP2048=14 eklen=0
Aug 26 18:32:52.594247: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0
Aug 26 18:32:52.594251: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP1536=5 eklen=0
Aug 26 18:32:52.594254: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP1536=5 eklen=0
Aug 26 18:32:52.594258: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP1536=5 eklen=0
Aug 26 18:32:52.594263: | oakley_alg_makedb() returning 0x55c66d958c48
Aug 26 18:32:52.594267: | ***emit ISAKMP Security Association Payload:
Aug 26 18:32:52.594269: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:32:52.594271: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:32:52.594273: | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:32:52.594276: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA)
Aug 26 18:32:52.594278: | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.594280: | ****emit IPsec DOI SIT:
Aug 26 18:32:52.594282: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:32:52.594284: | ikev1_out_sa pcn: 0 has 1 valid proposals
Aug 26 18:32:52.594286: | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 18
Aug 26 18:32:52.594292: | ****emit ISAKMP Proposal Payload:
Aug 26 18:32:52.594296: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.594298: | proposal number: 0 (0x0)
Aug 26 18:32:52.594300: | protocol ID: PROTO_ISAKMP (0x1)
Aug 26 18:32:52.594301: | SPI size: 0 (0x0)
Aug 26 18:32:52.594303: | number of transforms: 18 (0x12)
Aug 26 18:32:52.594305: | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type'
Aug 26 18:32:52.594307: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594309: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594310: | ISAKMP transform number: 0 (0x0)
Aug 26 18:32:52.594312: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594314: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594316: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594318: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594320: | length/value: 1 (0x1)
Aug 26 18:32:52.594322: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594323: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594325: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594327: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594328: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594330: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594332: | length/value: 7 (0x7)
Aug 26 18:32:52.594333: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.594335: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594337: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594338: | length/value: 4 (0x4)
Aug 26 18:32:52.594340: | [4 is OAKLEY_SHA2_256]
Aug 26 18:32:52.594341: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594343: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594344: | length/value: 3 (0x3)
Aug 26 18:32:52.594346: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594349: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594351: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594353: | length/value: 14 (0xe)
Aug 26 18:32:52.594354: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.594356: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594358: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.594359: | length/value: 256 (0x100)
Aug 26 18:32:52.594361: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:32:52.594363: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594364: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594366: | ISAKMP transform number: 1 (0x1)
Aug 26 18:32:52.594367: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594369: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594371: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594373: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594374: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594376: | length/value: 1 (0x1)
Aug 26 18:32:52.594378: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594379: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594381: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594382: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594384: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594385: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594387: | length/value: 7 (0x7)
Aug 26 18:32:52.594388: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.594390: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594392: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594393: | length/value: 4 (0x4)
Aug 26 18:32:52.594395: | [4 is OAKLEY_SHA2_256]
Aug 26 18:32:52.594396: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594398: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594399: | length/value: 3 (0x3)
Aug 26 18:32:52.594401: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594402: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594404: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594406: | length/value: 14 (0xe)
Aug 26 18:32:52.594407: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.594409: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594410: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.594412: | length/value: 128 (0x80)
Aug 26 18:32:52.594413: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:32:52.594415: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594417: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594418: | ISAKMP transform number: 2 (0x2)
Aug 26 18:32:52.594420: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594422: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594423: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594425: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594427: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594428: | length/value: 1 (0x1)
Aug 26 18:32:52.594430: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594431: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594433: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594434: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594436: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594438: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594439: | length/value: 7 (0x7)
Aug 26 18:32:52.594441: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.594442: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594445: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594447: | length/value: 6 (0x6)
Aug 26 18:32:52.594448: | [6 is OAKLEY_SHA2_512]
Aug 26 18:32:52.594450: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594451: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594453: | length/value: 3 (0x3)
Aug 26 18:32:52.594454: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594456: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594457: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594459: | length/value: 14 (0xe)
Aug 26 18:32:52.594460: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.594462: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594464: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.594465: | length/value: 256 (0x100)
Aug 26 18:32:52.594467: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:32:52.594468: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594470: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594471: | ISAKMP transform number: 3 (0x3)
Aug 26 18:32:52.594473: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594475: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594477: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594478: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594480: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594481: | length/value: 1 (0x1)
Aug 26 18:32:52.594483: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594484: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594486: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594488: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594489: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594491: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594492: | length/value: 7 (0x7)
Aug 26 18:32:52.594494: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.594495: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594497: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594498: | length/value: 6 (0x6)
Aug 26 18:32:52.594500: | [6 is OAKLEY_SHA2_512]
Aug 26 18:32:52.594501: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594503: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594505: | length/value: 3 (0x3)
Aug 26 18:32:52.594506: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594508: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594509: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594511: | length/value: 14 (0xe)
Aug 26 18:32:52.594512: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.594514: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594515: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.594517: | length/value: 128 (0x80)
Aug 26 18:32:52.594518: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:32:52.594520: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594522: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594523: | ISAKMP transform number: 4 (0x4)
Aug 26 18:32:52.594525: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594527: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594528: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594530: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594532: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594533: | length/value: 1 (0x1)
Aug 26 18:32:52.594535: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594536: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594538: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594540: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594542: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594544: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594545: | length/value: 7 (0x7)
Aug 26 18:32:52.594547: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.594548: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594550: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594551: | length/value: 2 (0x2)
Aug 26 18:32:52.594553: | [2 is OAKLEY_SHA1]
Aug 26 18:32:52.594554: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594556: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594557: | length/value: 3 (0x3)
Aug 26 18:32:52.594559: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594560: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594562: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594564: | length/value: 14 (0xe)
Aug 26 18:32:52.594565: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.594567: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594568: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.594570: | length/value: 256 (0x100)
Aug 26 18:32:52.594571: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:32:52.594573: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594574: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594576: | ISAKMP transform number: 5 (0x5)
Aug 26 18:32:52.594578: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594579: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594581: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594583: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594584: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594586: | length/value: 1 (0x1)
Aug 26 18:32:52.594587: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594589: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594591: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594592: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594594: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594595: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594597: | length/value: 7 (0x7)
Aug 26 18:32:52.594598: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.594600: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594601: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594603: | length/value: 2 (0x2)
Aug 26 18:32:52.594604: | [2 is OAKLEY_SHA1]
Aug 26 18:32:52.594606: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594608: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594609: | length/value: 3 (0x3)
Aug 26 18:32:52.594611: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594612: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594614: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594615: | length/value: 14 (0xe)
Aug 26 18:32:52.594617: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.594618: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594620: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.594621: | length/value: 128 (0x80)
Aug 26 18:32:52.594623: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:32:52.594625: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594626: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594628: | ISAKMP transform number: 6 (0x6)
Aug 26 18:32:52.594629: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594631: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594633: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594637: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594639: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594640: | length/value: 1 (0x1)
Aug 26 18:32:52.594642: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594643: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594645: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594646: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594648: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594650: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594651: | length/value: 7 (0x7)
Aug 26 18:32:52.594653: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.594654: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594656: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594657: | length/value: 4 (0x4)
Aug 26 18:32:52.594659: | [4 is OAKLEY_SHA2_256]
Aug 26 18:32:52.594660: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594662: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594663: | length/value: 3 (0x3)
Aug 26 18:32:52.594665: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594666: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594668: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594669: | length/value: 5 (0x5)
Aug 26 18:32:52.594671: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:32:52.594672: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594674: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.594676: | length/value: 256 (0x100)
Aug 26 18:32:52.594677: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:32:52.594679: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594680: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594682: | ISAKMP transform number: 7 (0x7)
Aug 26 18:32:52.594684: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594685: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594687: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594689: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594690: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594692: | length/value: 1 (0x1)
Aug 26 18:32:52.594693: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594695: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594697: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594698: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594700: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594701: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594703: | length/value: 7 (0x7)
Aug 26 18:32:52.594704: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.594706: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594707: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594709: | length/value: 4 (0x4)
Aug 26 18:32:52.594710: | [4 is OAKLEY_SHA2_256]
Aug 26 18:32:52.594712: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594713: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594715: | length/value: 3 (0x3)
Aug 26 18:32:52.594717: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594718: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594720: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594721: | length/value: 5 (0x5)
Aug 26 18:32:52.594723: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:32:52.594724: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594726: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.594727: | length/value: 128 (0x80)
Aug 26 18:32:52.594729: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:32:52.594730: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594732: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594734: | ISAKMP transform number: 8 (0x8)
Aug 26 18:32:52.594736: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594738: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594740: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594741: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594743: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594745: | length/value: 1 (0x1)
Aug 26 18:32:52.594746: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594748: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594749: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594751: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594752: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594754: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594755: | length/value: 7 (0x7)
Aug 26 18:32:52.594757: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.594758: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594760: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594762: | length/value: 6 (0x6)
Aug 26 18:32:52.594763: | [6 is OAKLEY_SHA2_512]
Aug 26 18:32:52.594765: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594766: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594768: | length/value: 3 (0x3)
Aug 26 18:32:52.594769: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594771: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594772: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594774: | length/value: 5 (0x5)
Aug 26 18:32:52.594775: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:32:52.594777: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594778: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.594780: | length/value: 256 (0x100)
Aug 26 18:32:52.594782: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:32:52.594783: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594785: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594786: | ISAKMP transform number: 9 (0x9)
Aug 26 18:32:52.594788: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594790: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594791: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594793: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594795: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594796: | length/value: 1 (0x1)
Aug 26 18:32:52.594798: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594799: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594801: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594802: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594804: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594806: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594807: | length/value: 7 (0x7)
Aug 26 18:32:52.594809: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.594810: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594812: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594813: | length/value: 6 (0x6)
Aug 26 18:32:52.594815: | [6 is OAKLEY_SHA2_512]
Aug 26 18:32:52.594816: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594818: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594819: | length/value: 3 (0x3)
Aug 26 18:32:52.594821: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594822: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594824: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594825: | length/value: 5 (0x5)
Aug 26 18:32:52.594828: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:32:52.594829: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594831: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.594833: | length/value: 128 (0x80)
Aug 26 18:32:52.594834: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:32:52.594836: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594837: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594839: | ISAKMP transform number: 10 (0xa)
Aug 26 18:32:52.594840: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594842: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594844: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594846: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594847: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594849: | length/value: 1 (0x1)
Aug 26 18:32:52.594850: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594852: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594854: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594855: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594857: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594858: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594860: | length/value: 7 (0x7)
Aug 26 18:32:52.594861: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.594863: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594864: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594866: | length/value: 2 (0x2)
Aug 26 18:32:52.594867: | [2 is OAKLEY_SHA1]
Aug 26 18:32:52.594869: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594871: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594872: | length/value: 3 (0x3)
Aug 26 18:32:52.594874: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594875: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594877: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594878: | length/value: 5 (0x5)
Aug 26 18:32:52.594880: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:32:52.594881: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594883: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.594884: | length/value: 256 (0x100)
Aug 26 18:32:52.594886: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:32:52.594888: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594889: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594891: | ISAKMP transform number: 11 (0xb)
Aug 26 18:32:52.594892: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594894: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594896: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594897: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594899: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594901: | length/value: 1 (0x1)
Aug 26 18:32:52.594902: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594904: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594905: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594907: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594908: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594910: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594911: | length/value: 7 (0x7)
Aug 26 18:32:52.594913: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.594914: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594916: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594918: | length/value: 2 (0x2)
Aug 26 18:32:52.594919: | [2 is OAKLEY_SHA1]
Aug 26 18:32:52.594921: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594923: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594925: | length/value: 3 (0x3)
Aug 26 18:32:52.594926: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594928: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594929: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594931: | length/value: 5 (0x5)
Aug 26 18:32:52.594932: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:32:52.594934: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594935: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.594937: | length/value: 128 (0x80)
Aug 26 18:32:52.594938: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:32:52.594940: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594942: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594943: | ISAKMP transform number: 12 (0xc)
Aug 26 18:32:52.594945: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594947: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594948: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594950: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594952: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.594953: | length/value: 1 (0x1)
Aug 26 18:32:52.594955: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.594956: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594958: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.594959: | length/value: 3600 (0xe10)
Aug 26 18:32:52.594961: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594962: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.594964: | length/value: 5 (0x5)
Aug 26 18:32:52.594965: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:32:52.594967: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594969: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.594970: | length/value: 4 (0x4)
Aug 26 18:32:52.594972: | [4 is OAKLEY_SHA2_256]
Aug 26 18:32:52.594973: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594975: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.594976: | length/value: 3 (0x3)
Aug 26 18:32:52.594978: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.594979: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594981: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.594982: | length/value: 14 (0xe)
Aug 26 18:32:52.594984: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.594985: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:32:52.594987: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.594989: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594990: | ISAKMP transform number: 13 (0xd)
Aug 26 18:32:52.594992: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.594994: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.594995: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.594997: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.594999: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.595000: | length/value: 1 (0x1)
Aug 26 18:32:52.595002: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.595003: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595005: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.595006: | length/value: 3600 (0xe10)
Aug 26 18:32:52.595008: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595009: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.595011: | length/value: 5 (0x5)
Aug 26 18:32:52.595012: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:32:52.595014: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595016: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.595018: | length/value: 6 (0x6)
Aug 26 18:32:52.595019: | [6 is OAKLEY_SHA2_512]
Aug 26 18:32:52.595021: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595022: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.595024: | length/value: 3 (0x3)
Aug 26 18:32:52.595026: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.595027: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595029: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.595030: | length/value: 14 (0xe)
Aug 26 18:32:52.595032: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.595033: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:32:52.595035: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.595036: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.595038: | ISAKMP transform number: 14 (0xe)
Aug 26 18:32:52.595040: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.595041: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.595043: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.595045: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595047: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.595048: | length/value: 1 (0x1)
Aug 26 18:32:52.595050: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.595051: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595053: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.595054: | length/value: 3600 (0xe10)
Aug 26 18:32:52.595056: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595057: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.595059: | length/value: 5 (0x5)
Aug 26 18:32:52.595061: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:32:52.595062: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595064: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.595065: | length/value: 2 (0x2)
Aug 26 18:32:52.595067: | [2 is OAKLEY_SHA1]
Aug 26 18:32:52.595068: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595070: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.595071: | length/value: 3 (0x3)
Aug 26 18:32:52.595073: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.595074: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595076: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.595078: | length/value: 14 (0xe)
Aug 26 18:32:52.595079: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.595081: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:32:52.595082: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.595084: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.595085: | ISAKMP transform number: 15 (0xf)
Aug 26 18:32:52.595087: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.595089: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.595091: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.595092: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595094: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.595095: | length/value: 1 (0x1)
Aug 26 18:32:52.595097: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.595099: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595100: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.595102: | length/value: 3600 (0xe10)
Aug 26 18:32:52.595103: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595105: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.595106: | length/value: 5 (0x5)
Aug 26 18:32:52.595108: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:32:52.595110: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595112: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.595113: | length/value: 4 (0x4)
Aug 26 18:32:52.595115: | [4 is OAKLEY_SHA2_256]
Aug 26 18:32:52.595116: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595118: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.595120: | length/value: 3 (0x3)
Aug 26 18:32:52.595121: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.595123: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595124: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.595126: | length/value: 5 (0x5)
Aug 26 18:32:52.595127: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:32:52.595129: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:32:52.595131: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.595132: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.595134: | ISAKMP transform number: 16 (0x10)
Aug 26 18:32:52.595135: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.595137: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.595139: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.595140: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595142: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.595144: | length/value: 1 (0x1)
Aug 26 18:32:52.595145: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.595147: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595148: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.595150: | length/value: 3600 (0xe10)
Aug 26 18:32:52.595151: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595153: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.595155: | length/value: 5 (0x5)
Aug 26 18:32:52.595156: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:32:52.595158: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595159: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.595161: | length/value: 6 (0x6)
Aug 26 18:32:52.595162: | [6 is OAKLEY_SHA2_512]
Aug 26 18:32:52.595164: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595165: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.595167: | length/value: 3 (0x3)
Aug 26 18:32:52.595168: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.595170: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595171: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.595173: | length/value: 5 (0x5)
Aug 26 18:32:52.595174: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:32:52.595176: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:32:52.595178: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.595179: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.595181: | ISAKMP transform number: 17 (0x11)
Aug 26 18:32:52.595182: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.595184: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.595186: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:32:52.595187: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595189: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.595191: | length/value: 1 (0x1)
Aug 26 18:32:52.595192: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.595194: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595195: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.595197: | length/value: 3600 (0xe10)
Aug 26 18:32:52.595198: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595200: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.595202: | length/value: 5 (0x5)
Aug 26 18:32:52.595203: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:32:52.595205: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595207: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.595209: | length/value: 2 (0x2)
Aug 26 18:32:52.595210: | [2 is OAKLEY_SHA1]
Aug 26 18:32:52.595212: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595213: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.595215: | length/value: 3 (0x3)
Aug 26 18:32:52.595216: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.595218: | ******emit ISAKMP Oakley attribute:
Aug 26 18:32:52.595219: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.595221: | length/value: 5 (0x5)
Aug 26 18:32:52.595222: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:32:52.595224: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:32:52.595226: | emitting length of ISAKMP Proposal Payload: 632
Aug 26 18:32:52.595228: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0
Aug 26 18:32:52.595229: | emitting length of ISAKMP Security Association Payload: 644
Aug 26 18:32:52.595231: | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0
Aug 26 18:32:52.595235: | out_vid(): sending [FRAGMENTATION]
Aug 26 18:32:52.595236: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:32:52.595238: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:32:52.595240: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:32:52.595242: | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:32:52.595244: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.595246: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:32:52.595248: | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3
Aug 26 18:32:52.595250: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:32:52.595251: | out_vid(): sending [Dead Peer Detection]
Aug 26 18:32:52.595253: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:32:52.595255: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.595257: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:32:52.595258: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.595260: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:32:52.595262: | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00
Aug 26 18:32:52.595263: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:32:52.595265: | nat add vid
Aug 26 18:32:52.595267: | sending draft and RFC NATT VIDs
Aug 26 18:32:52.595268: | out_vid(): sending [RFC 3947]
Aug 26 18:32:52.595270: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:32:52.595271: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:32:52.595273: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:32:52.595275: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:32:52.595277: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.595279: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:32:52.595280: | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
Aug 26 18:32:52.595282: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:32:52.595283: | skipping VID_NATT_RFC
Aug 26 18:32:52.595285: | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03]
Aug 26 18:32:52.595286: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:32:52.595302: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:32:52.595307: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:32:52.595309: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:32:52.595311: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.595312: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:32:52.595314: | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:32:52.595316: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:32:52.595317: | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n]
Aug 26 18:32:52.595319: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:32:52.595320: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:32:52.595322: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:32:52.595324: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:32:52.595326: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.595328: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:32:52.595329: | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f
Aug 26 18:32:52.595331: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:32:52.595332: | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02]
Aug 26 18:32:52.595334: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:32:52.595336: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.595337: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:32:52.595339: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.595341: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:32:52.595343: | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48
Aug 26 18:32:52.595344: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:32:52.595346: | no IKEv1 message padding required
Aug 26 18:32:52.595347: | emitting length of ISAKMP Message: 792
Aug 26 18:32:52.595358: | sending 792 bytes for reply packet for main_outI1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #1)
Aug 26 18:32:52.595360: | 35 80 c1 69 e2 a9 e2 31 00 00 00 00 00 00 00 00
Aug 26 18:32:52.595361: | 01 10 02 00 00 00 00 00 00 00 03 18 0d 00 02 84
Aug 26 18:32:52.595363: | 00 00 00 01 00 00 00 01 00 00 02 78 00 01 00 12
Aug 26 18:32:52.595364: | 03 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:32:52.595366: | 80 01 00 07 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:32:52.595367: | 80 0e 01 00 03 00 00 24 01 01 00 00 80 0b 00 01
Aug 26 18:32:52.595369: | 80 0c 0e 10 80 01 00 07 80 02 00 04 80 03 00 03
Aug 26 18:32:52.595370: | 80 04 00 0e 80 0e 00 80 03 00 00 24 02 01 00 00
Aug 26 18:32:52.595372: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 06
Aug 26 18:32:52.595373: | 80 03 00 03 80 04 00 0e 80 0e 01 00 03 00 00 24
Aug 26 18:32:52.595375: | 03 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:32:52.595376: | 80 02 00 06 80 03 00 03 80 04 00 0e 80 0e 00 80
Aug 26 18:32:52.595378: | 03 00 00 24 04 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:32:52.595379: | 80 01 00 07 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:32:52.595381: | 80 0e 01 00 03 00 00 24 05 01 00 00 80 0b 00 01
Aug 26 18:32:52.595382: | 80 0c 0e 10 80 01 00 07 80 02 00 02 80 03 00 03
Aug 26 18:32:52.595384: | 80 04 00 0e 80 0e 00 80 03 00 00 24 06 01 00 00
Aug 26 18:32:52.595385: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 04
Aug 26 18:32:52.595387: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:32:52.595388: | 07 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:32:52.595391: | 80 02 00 04 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:32:52.595392: | 03 00 00 24 08 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:32:52.595394: | 80 01 00 07 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:32:52.595395: | 80 0e 01 00 03 00 00 24 09 01 00 00 80 0b 00 01
Aug 26 18:32:52.595397: | 80 0c 0e 10 80 01 00 07 80 02 00 06 80 03 00 03
Aug 26 18:32:52.595398: | 80 04 00 05 80 0e 00 80 03 00 00 24 0a 01 00 00
Aug 26 18:32:52.595400: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02
Aug 26 18:32:52.595401: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:32:52.595403: | 0b 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:32:52.595404: | 80 02 00 02 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:32:52.595406: | 03 00 00 20 0c 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:32:52.595407: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:32:52.595409: | 03 00 00 20 0d 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:32:52.595410: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 0e
Aug 26 18:32:52.595412: | 03 00 00 20 0e 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:32:52.595413: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:32:52.595415: | 03 00 00 20 0f 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:32:52.595416: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 05
Aug 26 18:32:52.595418: | 03 00 00 20 10 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:32:52.595419: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:32:52.595420: | 00 00 00 20 11 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:32:52.595422: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 05
Aug 26 18:32:52.595423: | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f
Aug 26 18:32:52.595425: | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9
Aug 26 18:32:52.595426: | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81
Aug 26 18:32:52.595428: | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14
Aug 26 18:32:52.595429: | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:32:52.595431: | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5
Aug 26 18:32:52.595432: | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8
Aug 26 18:32:52.595434: | 7c fd b2 fc 68 b6 a4 48
Aug 26 18:32:52.595516: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:32:52.595520: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #1
Aug 26 18:32:52.595523: | libevent_malloc: new ptr-libevent@0x55c66d953778 size 128
Aug 26 18:32:52.595527: | #1 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29658.337981
Aug 26 18:32:52.595537: | #1 spent 1.37 milliseconds in main_outI1()
Aug 26 18:32:52.595540: | stop processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228)
Aug 26 18:32:52.595543: | resume processing: connection "north-a-dpd" (in main_outI1() at ikev1_main.c:228)
Aug 26 18:32:52.595545: | stop processing: connection "north-a-dpd" (in initiate_a_connection() at initiate.c:349)
Aug 26 18:32:52.595547: | close_any(fd@23) (in initiate_connection() at initiate.c:372)
Aug 26 18:32:52.595550: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Aug 26 18:32:52.595553: | spent 1.43 milliseconds in whack
Aug 26 18:32:52.596171: | spent 0.00222 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:32:52.596195: | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:32:52.596198: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.596200: | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38
Aug 26 18:32:52.596201: | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
Aug 26 18:32:52.596203: | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:32:52.596204: | 80 01 00 07 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:32:52.596206: | 80 0e 01 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85
Aug 26 18:32:52.596209: | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13
Aug 26 18:32:52.596211: | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14
Aug 26 18:32:52.596212: | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
Aug 26 18:32:52.596216: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:32:52.596218: | **parse ISAKMP Message:
Aug 26 18:32:52.596220: | initiator cookie:
Aug 26 18:32:52.596221: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.596223: | responder cookie:
Aug 26 18:32:52.596224: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.596226: | next payload type: ISAKMP_NEXT_SA (0x1)
Aug 26 18:32:52.596228: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:32:52.596230: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:32:52.596232: | flags: none (0x0)
Aug 26 18:32:52.596233: | Message ID: 0 (0x0)
Aug 26 18:32:52.596235: | length: 144 (0x90)
Aug 26 18:32:52.596237: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
Aug 26 18:32:52.596239: | State DB: IKEv1 state not found (find_state_ikev1)
Aug 26 18:32:52.596241: | State DB: found IKEv1 state #1 in MAIN_I1 (find_state_ikev1_init)
Aug 26 18:32:52.596245: | start processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459)
Aug 26 18:32:52.596247: | #1 is idle
Aug 26 18:32:52.596248: | #1 idle
Aug 26 18:32:52.596251: | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080
Aug 26 18:32:52.596253: | ***parse ISAKMP Security Association Payload:
Aug 26 18:32:52.596254: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:32:52.596256: | length: 56 (0x38)
Aug 26 18:32:52.596258: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:32:52.596260: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080
Aug 26 18:32:52.596261: | ***parse ISAKMP Vendor ID Payload:
Aug 26 18:32:52.596263: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:32:52.596265: | length: 20 (0x14)
Aug 26 18:32:52.596266: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080
Aug 26 18:32:52.596268: | ***parse ISAKMP Vendor ID Payload:
Aug 26 18:32:52.596270: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:32:52.596271: | length: 20 (0x14)
Aug 26 18:32:52.596273: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080
Aug 26 18:32:52.596274: | ***parse ISAKMP Vendor ID Payload:
Aug 26 18:32:52.596276: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.596278: | length: 20 (0x14)
Aug 26 18:32:52.596279: | message 'main_inR1_outI2' HASH payload not checked early
Aug 26 18:32:52.596283: | received Vendor ID payload [FRAGMENTATION]
Aug 26 18:32:52.596285: | received Vendor ID payload [Dead Peer Detection]
Aug 26 18:32:52.596287: | quirks.qnat_traversal_vid set to=117 [RFC 3947]
Aug 26 18:32:52.596305: | received Vendor ID payload [RFC 3947]
Aug 26 18:32:52.596308: | ****parse IPsec DOI SIT:
Aug 26 18:32:52.596310: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:32:52.596312: | ****parse ISAKMP Proposal Payload:
Aug 26 18:32:52.596313: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.596315: | length: 44 (0x2c)
Aug 26 18:32:52.596317: | proposal number: 0 (0x0)
Aug 26 18:32:52.596318: | protocol ID: PROTO_ISAKMP (0x1)
Aug 26 18:32:52.596320: | SPI size: 0 (0x0)
Aug 26 18:32:52.596321: | number of transforms: 1 (0x1)
Aug 26 18:32:52.596323: | *****parse ISAKMP Transform Payload (ISAKMP):
Aug 26 18:32:52.596325: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.596326: | length: 36 (0x24)
Aug 26 18:32:52.596328: | ISAKMP transform number: 0 (0x0)
Aug 26 18:32:52.596329: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:32:52.596331: | ******parse ISAKMP Oakley attribute:
Aug 26 18:32:52.596333: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:32:52.596335: | length/value: 1 (0x1)
Aug 26 18:32:52.596336: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:32:52.596338: | ******parse ISAKMP Oakley attribute:
Aug 26 18:32:52.596341: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:32:52.596343: | length/value: 3600 (0xe10)
Aug 26 18:32:52.596344: | ******parse ISAKMP Oakley attribute:
Aug 26 18:32:52.596346: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:32:52.596348: | length/value: 7 (0x7)
Aug 26 18:32:52.596349: | [7 is OAKLEY_AES_CBC]
Aug 26 18:32:52.596351: | ******parse ISAKMP Oakley attribute:
Aug 26 18:32:52.596353: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:32:52.596354: | length/value: 4 (0x4)
Aug 26 18:32:52.596356: | [4 is OAKLEY_SHA2_256]
Aug 26 18:32:52.596357: | ******parse ISAKMP Oakley attribute:
Aug 26 18:32:52.596359: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:32:52.596361: | length/value: 3 (0x3)
Aug 26 18:32:52.596362: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:32:52.596364: | ******parse ISAKMP Oakley attribute:
Aug 26 18:32:52.596365: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:32:52.596367: | length/value: 14 (0xe)
Aug 26 18:32:52.596369: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.596371: | ******parse ISAKMP Oakley attribute:
Aug 26 18:32:52.596372: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:32:52.596374: | length/value: 256 (0x100)
Aug 26 18:32:52.596376: | OAKLEY proposal verified unconditionally; no alg_info to check against
Aug 26 18:32:52.596377: | Oakley Transform 0 accepted
Aug 26 18:32:52.596379: | sender checking NAT-T: enabled; VID 117
Aug 26 18:32:52.596381: | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC
Aug 26 18:32:52.596383: | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Aug 26 18:32:52.596387: | adding outI2 KE work-order 1 for state #1
Aug 26 18:32:52.596389: | state #1 requesting EVENT_RETRANSMIT to be deleted
Aug 26 18:32:52.596391: | #1 STATE_MAIN_I1: retransmits: cleared
Aug 26 18:32:52.596394: | libevent_free: release ptr-libevent@0x55c66d953778
Aug 26 18:32:52.596396: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:32:52.596398: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55c66d954c08
Aug 26 18:32:52.596400: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1
Aug 26 18:32:52.596402: | libevent_malloc: new ptr-libevent@0x55c66d953778 size 128
Aug 26 18:32:52.596411: | complete v1 state transition with STF_SUSPEND
Aug 26 18:32:52.596416: | [RE]START processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648)
Aug 26 18:32:52.596417: | crypto helper 0 resuming
Aug 26 18:32:52.596419: | suspending state #1 and saving MD
Aug 26 18:32:52.596428: | crypto helper 0 starting work-order 1 for state #1
Aug 26 18:32:52.596433: | #1 is busy; has a suspended MD
Aug 26 18:32:52.596438: | crypto helper 0 doing build KE and nonce (outI2 KE); request ID 1
Aug 26 18:32:52.596442: | #1 spent 0.129 milliseconds in process_packet_tail()
Aug 26 18:32:52.596447: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Aug 26 18:32:52.596452: | stop processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in process_md() at demux.c:382)
Aug 26 18:32:52.596455: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:32:52.596459: | spent 0.263 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:32:52.597018: | crypto helper 0 finished build KE and nonce (outI2 KE); request ID 1 time elapsed 0.00058 seconds
Aug 26 18:32:52.597024: | (#1) spent 0.585 milliseconds in crypto helper computing work-order 1: outI2 KE (pcr)
Aug 26 18:32:52.597026: | crypto helper 0 sending results from work-order 1 for state #1 to event queue
Aug 26 18:32:52.597028: | scheduling resume sending helper answer for #1
Aug 26 18:32:52.597030: | libevent_malloc: new ptr-libevent@0x7fbd18002888 size 128
Aug 26 18:32:52.597036: | crypto helper 0 waiting (nothing to do)
Aug 26 18:32:52.597042: | processing resume sending helper answer for #1
Aug 26 18:32:52.597047: | start processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:797)
Aug 26 18:32:52.597052: | crypto helper 0 replies to request ID 1
Aug 26 18:32:52.597054: | calling continuation function 0x55c66cb6db50
Aug 26 18:32:52.597056: | main_inR1_outI2_continue for #1: calculated ke+nonce, sending I2
Aug 26 18:32:52.597059: | **emit ISAKMP Message:
Aug 26 18:32:52.597061: | initiator cookie:
Aug 26 18:32:52.597063: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.597064: | responder cookie:
Aug 26 18:32:52.597066: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.597067: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.597069: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:32:52.597071: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:32:52.597073: | flags: none (0x0)
Aug 26 18:32:52.597074: | Message ID: 0 (0x0)
Aug 26 18:32:52.597076: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:32:52.597078: | ***emit ISAKMP Key Exchange Payload:
Aug 26 18:32:52.597080: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Aug 26 18:32:52.597082: | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE
Aug 26 18:32:52.597084: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE)
Aug 26 18:32:52.597086: | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.597088: | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload
Aug 26 18:32:52.597090: | keyex value 3a fa a3 1b a7 60 5b 1b 33 67 e8 c6 23 53 6d 36
Aug 26 18:32:52.597091: | keyex value 57 20 a2 bf 07 74 c0 ff 54 a1 aa 20 62 7f 76 c2
Aug 26 18:32:52.597093: | keyex value 14 1d 84 0d c0 22 8a df d7 0b be 9e 19 fe 43 1e
Aug 26 18:32:52.597095: | keyex value 0a 0b 03 6d 39 bd c1 6b 07 e7 86 98 ba d6 9e 91
Aug 26 18:32:52.597096: | keyex value ca 0b f2 b5 33 b8 d9 a1 3e 88 5f 7b 64 b3 74 76
Aug 26 18:32:52.597098: | keyex value f7 6b 5e 3c e5 11 28 65 e7 7f 80 01 89 11 3b c0
Aug 26 18:32:52.597099: | keyex value 3a 6e af 3b 8b db 25 17 35 2d 61 a6 78 14 69 8a
Aug 26 18:32:52.597101: | keyex value c5 89 02 a2 27 93 49 c3 e3 a6 68 53 e4 97 b7 09
Aug 26 18:32:52.597102: | keyex value ef 71 3e 6c 8d 87 19 cd 7c aa 2f 09 78 b3 06 39
Aug 26 18:32:52.597104: | keyex value 06 a5 e6 6a 70 93 f0 5e c6 2a 23 23 e5 8c 9f 9b
Aug 26 18:32:52.597105: | keyex value 54 63 4f b0 49 b4 a3 b4 d2 17 e9 96 85 8e 6b 7d
Aug 26 18:32:52.597107: | keyex value c4 7c 30 b8 2e c6 68 2b c1 8d 6d 70 43 4f e4 e8
Aug 26 18:32:52.597108: | keyex value be 98 bf 70 f5 93 a3 9c 63 68 27 2f 33 d0 e4 97
Aug 26 18:32:52.597110: | keyex value 34 55 4b 81 3b ed 67 ba 9c 7e 9e a6 46 51 99 a0
Aug 26 18:32:52.597111: | keyex value 3e 7f 19 8d 80 bb d8 71 26 f6 d9 c5 69 6b e7 7a
Aug 26 18:32:52.597113: | keyex value cf ec 2f f8 2a 15 21 97 e1 2b cc 57 8a 86 fe 7b
Aug 26 18:32:52.597115: | emitting length of ISAKMP Key Exchange Payload: 260
Aug 26 18:32:52.597116: | ***emit ISAKMP Nonce Payload:
Aug 26 18:32:52.597118: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.597120: | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE)
Aug 26 18:32:52.597122: | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.597124: | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload
Aug 26 18:32:52.597125: | Ni ca d1 cf c3 34 d6 96 4d 78 f2 c5 0b 9b 7d af 8f
Aug 26 18:32:52.597127: | Ni 76 31 c4 80 06 28 07 3e 06 e9 a3 e9 f3 95 69 e9
Aug 26 18:32:52.597128: | emitting length of ISAKMP Nonce Payload: 36
Aug 26 18:32:52.597130: | NAT-T checking st_nat_traversal
Aug 26 18:32:52.597131: | NAT-T found (implies NAT_T_WITH_NATD)
Aug 26 18:32:52.597133: | sending NAT-D payloads
Aug 26 18:32:52.597142: | natd_hash: hasher=0x55c66cc42ca0(32)
Aug 26 18:32:52.597146: | natd_hash: icookie= 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.597147: | natd_hash: rcookie= 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.597149: | natd_hash: ip= c0 01 02 17
Aug 26 18:32:52.597151: | natd_hash: port=500
Aug 26 18:32:52.597152: | natd_hash: hash= c9 92 66 b9 67 83 15 1d 9a 4c 82 8f 0e 14 2c 97
Aug 26 18:32:52.597154: | natd_hash: hash= 30 84 fd 59 a7 4d 65 a9 a7 14 e4 26 9f 4d 53 d2
Aug 26 18:32:52.597156: | ***emit ISAKMP NAT-D Payload:
Aug 26 18:32:52.597157: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
Aug 26 18:32:52.597159: | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC
Aug 26 18:32:52.597161: | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC)
Aug 26 18:32:52.597163: | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.597165: | emitting 32 raw bytes of NAT-D into ISAKMP NAT-D Payload
Aug 26 18:32:52.597166: | NAT-D c9 92 66 b9 67 83 15 1d 9a 4c 82 8f 0e 14 2c 97
Aug 26 18:32:52.597168: | NAT-D 30 84 fd 59 a7 4d 65 a9 a7 14 e4 26 9f 4d 53 d2
Aug 26 18:32:52.597169: | emitting length of ISAKMP NAT-D Payload: 36
Aug 26 18:32:52.597174: | natd_hash: hasher=0x55c66cc42ca0(32)
Aug 26 18:32:52.597175: | natd_hash: icookie= 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.597177: | natd_hash: rcookie= 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.597178: | natd_hash: ip= c0 01 03 21
Aug 26 18:32:52.597180: | natd_hash: port=500
Aug 26 18:32:52.597181: | natd_hash: hash= e5 b1 e5 3a ee 64 89 c4 76 40 93 c8 0d 72 18 b9
Aug 26 18:32:52.597183: | natd_hash: hash= 23 84 b0 f8 24 74 2c 01 22 f9 2f b2 1e 2c d0 9e
Aug 26 18:32:52.597185: | ***emit ISAKMP NAT-D Payload:
Aug 26 18:32:52.597186: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.597188: | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC)
Aug 26 18:32:52.597190: | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.597192: | emitting 32 raw bytes of NAT-D into ISAKMP NAT-D Payload
Aug 26 18:32:52.597193: | NAT-D e5 b1 e5 3a ee 64 89 c4 76 40 93 c8 0d 72 18 b9
Aug 26 18:32:52.597195: | NAT-D 23 84 b0 f8 24 74 2c 01 22 f9 2f b2 1e 2c d0 9e
Aug 26 18:32:52.597196: | emitting length of ISAKMP NAT-D Payload: 36
Aug 26 18:32:52.597198: | no IKEv1 message padding required
Aug 26 18:32:52.597200: | emitting length of ISAKMP Message: 396
Aug 26 18:32:52.597201: | State DB: re-hashing IKEv1 state #1 IKE SPIi and SPI[ir]
Aug 26 18:32:52.597204: | complete v1 state transition with STF_OK
Aug 26 18:32:52.597207: | [RE]START processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
Aug 26 18:32:52.597208: | #1 is idle
Aug 26 18:32:52.597210: | doing_xauth:no, t_xauth_client_done:no
Aug 26 18:32:52.597212: | peer supports fragmentation
Aug 26 18:32:52.597213: | peer supports DPD
Aug 26 18:32:52.597215: | DPD is configured locally
Aug 26 18:32:52.597216: | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Aug 26 18:32:52.597219: | parent state #1: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA)
Aug 26 18:32:52.597221: | event_already_set, deleting event
Aug 26 18:32:52.597222: | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Aug 26 18:32:52.597224: | libevent_free: release ptr-libevent@0x55c66d953778
Aug 26 18:32:52.597226: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55c66d954c08
Aug 26 18:32:52.597230: | sending reply packet to 192.1.2.23:500 (from 192.1.3.33:500)
Aug 26 18:32:52.597234: | sending 396 bytes for STATE_MAIN_I1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #1)
Aug 26 18:32:52.597238: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.597240: | 04 10 02 00 00 00 00 00 00 00 01 8c 0a 00 01 04
Aug 26 18:32:52.597243: | 3a fa a3 1b a7 60 5b 1b 33 67 e8 c6 23 53 6d 36
Aug 26 18:32:52.597244: | 57 20 a2 bf 07 74 c0 ff 54 a1 aa 20 62 7f 76 c2
Aug 26 18:32:52.597246: | 14 1d 84 0d c0 22 8a df d7 0b be 9e 19 fe 43 1e
Aug 26 18:32:52.597247: | 0a 0b 03 6d 39 bd c1 6b 07 e7 86 98 ba d6 9e 91
Aug 26 18:32:52.597249: | ca 0b f2 b5 33 b8 d9 a1 3e 88 5f 7b 64 b3 74 76
Aug 26 18:32:52.597250: | f7 6b 5e 3c e5 11 28 65 e7 7f 80 01 89 11 3b c0
Aug 26 18:32:52.597252: | 3a 6e af 3b 8b db 25 17 35 2d 61 a6 78 14 69 8a
Aug 26 18:32:52.597253: | c5 89 02 a2 27 93 49 c3 e3 a6 68 53 e4 97 b7 09
Aug 26 18:32:52.597255: | ef 71 3e 6c 8d 87 19 cd 7c aa 2f 09 78 b3 06 39
Aug 26 18:32:52.597256: | 06 a5 e6 6a 70 93 f0 5e c6 2a 23 23 e5 8c 9f 9b
Aug 26 18:32:52.597258: | 54 63 4f b0 49 b4 a3 b4 d2 17 e9 96 85 8e 6b 7d
Aug 26 18:32:52.597259: | c4 7c 30 b8 2e c6 68 2b c1 8d 6d 70 43 4f e4 e8
Aug 26 18:32:52.597261: | be 98 bf 70 f5 93 a3 9c 63 68 27 2f 33 d0 e4 97
Aug 26 18:32:52.597262: | 34 55 4b 81 3b ed 67 ba 9c 7e 9e a6 46 51 99 a0
Aug 26 18:32:52.597263: | 3e 7f 19 8d 80 bb d8 71 26 f6 d9 c5 69 6b e7 7a
Aug 26 18:32:52.597265: | cf ec 2f f8 2a 15 21 97 e1 2b cc 57 8a 86 fe 7b
Aug 26 18:32:52.597266: | 14 00 00 24 ca d1 cf c3 34 d6 96 4d 78 f2 c5 0b
Aug 26 18:32:52.597268: | 9b 7d af 8f 76 31 c4 80 06 28 07 3e 06 e9 a3 e9
Aug 26 18:32:52.597269: | f3 95 69 e9 14 00 00 24 c9 92 66 b9 67 83 15 1d
Aug 26 18:32:52.597271: | 9a 4c 82 8f 0e 14 2c 97 30 84 fd 59 a7 4d 65 a9
Aug 26 18:32:52.597272: | a7 14 e4 26 9f 4d 53 d2 00 00 00 24 e5 b1 e5 3a
Aug 26 18:32:52.597274: | ee 64 89 c4 76 40 93 c8 0d 72 18 b9 23 84 b0 f8
Aug 26 18:32:52.597275: | 24 74 2c 01 22 f9 2f b2 1e 2c d0 9e
Aug 26 18:32:52.597314: | !event_already_set at reschedule
Aug 26 18:32:52.597321: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:32:52.597324: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #1
Aug 26 18:32:52.597326: | libevent_malloc: new ptr-libevent@0x55c66d958a58 size 128
Aug 26 18:32:52.597329: | #1 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29658.339787
Aug 26 18:32:52.597332: "north-a-dpd" #1: STATE_MAIN_I2: sent MI2, expecting MR2
Aug 26 18:32:52.597338: | modecfg pull: noquirk policy:push not-client
Aug 26 18:32:52.597340: | phase 1 is done, looking for phase 2 to unpend
Aug 26 18:32:52.597343: | resume sending helper answer for #1 suppresed complete_v1_state_transition()
Aug 26 18:32:52.597346: | #1 spent 0.266 milliseconds in resume sending helper answer
Aug 26 18:32:52.597350: | stop processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:833)
Aug 26 18:32:52.597352: | libevent_free: release ptr-libevent@0x7fbd18002888
Aug 26 18:32:52.598747: | spent 0.00221 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:32:52.598765: | *received 576 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:32:52.598768: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.598770: | 04 10 02 00 00 00 00 00 00 00 02 40 0a 00 01 04
Aug 26 18:32:52.598771: | f0 74 45 1b f1 9e 11 7d 29 36 26 40 6f b2 a3 ec
Aug 26 18:32:52.598773: | 6f 0f 30 37 ab 74 28 62 58 15 32 88 b9 04 22 d8
Aug 26 18:32:52.598774: | 6d b2 e3 b0 76 cb 34 5e e8 f4 42 e8 06 e3 1d a5
Aug 26 18:32:52.598776: | 25 b7 03 ee 97 6d 53 0e 9a 3d aa da db d3 3e 42
Aug 26 18:32:52.598777: | 93 06 c2 a6 7f 06 a5 96 c3 9c 58 15 6e 65 07 99
Aug 26 18:32:52.598779: | 8d 16 53 54 41 5a 70 a2 4e d4 87 c1 ea 12 88 cc
Aug 26 18:32:52.598780: | ed 2b 72 27 fc 71 c4 0b ce ba 7d da 7e 09 c7 25
Aug 26 18:32:52.598782: | c1 be 96 b4 15 58 a8 75 11 fb 5c ac 21 b8 a4 30
Aug 26 18:32:52.598783: | 79 72 63 c1 29 6e 87 43 48 b1 e1 7d 55 d5 ae 80
Aug 26 18:32:52.598785: | 26 03 ea 55 ea 99 f3 e4 00 e7 48 42 b1 af 95 6e
Aug 26 18:32:52.598786: | a3 27 af 3d 1c 12 d7 3b ed c4 57 f4 68 01 6d 9d
Aug 26 18:32:52.598790: | f3 92 e6 43 45 72 32 4a 4c ae 3e db 42 5e db 56
Aug 26 18:32:52.598792: | 9a b6 c9 27 11 c4 40 ef 59 73 0a 13 cb a6 8e d3
Aug 26 18:32:52.598793: | 9c cd c3 d8 73 58 98 be 68 fa a0 7d 74 3e 8f a7
Aug 26 18:32:52.598795: | bb 85 e4 5a e1 9e d3 dc 16 50 e0 80 56 0c 46 17
Aug 26 18:32:52.598796: | 1f 4b da 68 f8 8a b4 5d d1 ae 9d 6f 50 e9 7c a0
Aug 26 18:32:52.598798: | 07 00 00 24 8b bb 54 e3 8c f2 15 1c 86 29 b5 6f
Aug 26 18:32:52.598799: | 03 e9 85 c4 4a 9d fa 77 b4 97 73 a9 53 8e ce f6
Aug 26 18:32:52.598801: | 2d 6f 7b db 14 00 00 b4 04 30 81 ac 31 0b 30 09
Aug 26 18:32:52.598802: | 06 03 55 04 06 13 02 43 41 31 10 30 0e 06 03 55
Aug 26 18:32:52.598804: | 04 08 0c 07 4f 6e 74 61 72 69 6f 31 10 30 0e 06
Aug 26 18:32:52.598805: | 03 55 04 07 0c 07 54 6f 72 6f 6e 74 6f 31 12 30
Aug 26 18:32:52.598807: | 10 06 03 55 04 0a 0c 09 4c 69 62 72 65 73 77 61
Aug 26 18:32:52.598808: | 6e 31 18 30 16 06 03 55 04 0b 0c 0f 54 65 73 74
Aug 26 18:32:52.598810: | 20 44 65 70 61 72 74 6d 65 6e 74 31 25 30 23 06
Aug 26 18:32:52.598811: | 03 55 04 03 0c 1c 4c 69 62 72 65 73 77 61 6e 20
Aug 26 18:32:52.598813: | 74 65 73 74 20 43 41 20 66 6f 72 20 6d 61 69 6e
Aug 26 18:32:52.598814: | 63 61 31 24 30 22 06 09 2a 86 48 86 f7 0d 01 09
Aug 26 18:32:52.598816: | 01 16 15 74 65 73 74 69 6e 67 40 6c 69 62 72 65
Aug 26 18:32:52.598817: | 73 77 61 6e 2e 6f 72 67 14 00 00 24 e5 b1 e5 3a
Aug 26 18:32:52.598819: | ee 64 89 c4 76 40 93 c8 0d 72 18 b9 23 84 b0 f8
Aug 26 18:32:52.598820: | 24 74 2c 01 22 f9 2f b2 1e 2c d0 9e 00 00 00 24
Aug 26 18:32:52.598822: | c9 92 66 b9 67 83 15 1d 9a 4c 82 8f 0e 14 2c 97
Aug 26 18:32:52.598823: | 30 84 fd 59 a7 4d 65 a9 a7 14 e4 26 9f 4d 53 d2
Aug 26 18:32:52.598826: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:32:52.598828: | **parse ISAKMP Message:
Aug 26 18:32:52.598830: | initiator cookie:
Aug 26 18:32:52.598832: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.598834: | responder cookie:
Aug 26 18:32:52.598835: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.598837: | next payload type: ISAKMP_NEXT_KE (0x4)
Aug 26 18:32:52.598839: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:32:52.598840: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:32:52.598842: | flags: none (0x0)
Aug 26 18:32:52.598844: | Message ID: 0 (0x0)
Aug 26 18:32:52.598845: | length: 576 (0x240)
Aug 26 18:32:52.598847: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
Aug 26 18:32:52.598850: | State DB: found IKEv1 state #1 in MAIN_I2 (find_state_ikev1)
Aug 26 18:32:52.598853: | start processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459)
Aug 26 18:32:52.598855: | #1 is idle
Aug 26 18:32:52.598857: | #1 idle
Aug 26 18:32:52.598859: | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080
Aug 26 18:32:52.598861: | ***parse ISAKMP Key Exchange Payload:
Aug 26 18:32:52.598862: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Aug 26 18:32:52.598864: | length: 260 (0x104)
Aug 26 18:32:52.598866: | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080
Aug 26 18:32:52.598868: | ***parse ISAKMP Nonce Payload:
Aug 26 18:32:52.598869: | next payload type: ISAKMP_NEXT_CR (0x7)
Aug 26 18:32:52.598871: | length: 36 (0x24)
Aug 26 18:32:52.598873: | got payload 0x80 (ISAKMP_NEXT_CR) needed: 0x0 opt: 0x102080
Aug 26 18:32:52.598875: | ***parse ISAKMP Certificate RequestPayload:
Aug 26 18:32:52.598876: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
Aug 26 18:32:52.598878: | length: 180 (0xb4)
Aug 26 18:32:52.598880: | cert type: CERT_X509_SIGNATURE (0x4)
Aug 26 18:32:52.598881: | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080
Aug 26 18:32:52.598883: | ***parse ISAKMP NAT-D Payload:
Aug 26 18:32:52.598884: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
Aug 26 18:32:52.598887: | length: 36 (0x24)
Aug 26 18:32:52.598889: | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080
Aug 26 18:32:52.598891: | ***parse ISAKMP NAT-D Payload:
Aug 26 18:32:52.598892: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.598894: | length: 36 (0x24)
Aug 26 18:32:52.598896: | message 'main_inR2_outI3' HASH payload not checked early
Aug 26 18:32:52.598905: | started looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org of kind PKK_PSK
Aug 26 18:32:52.598909: | actually looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org of kind PKK_PSK
Aug 26 18:32:52.598915: | line 0: key type PKK_PSK(C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org) to type PKK_RSA
Aug 26 18:32:52.598918: | line 1: key type PKK_PSK(C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org) to type PKK_RSA
Aug 26 18:32:52.598920: | concluding with best_match=000 best=(nil) (lineno=-1)
Aug 26 18:32:52.598921: | no PreShared Key Found
Aug 26 18:32:52.598924: | adding aggr outR1 DH work-order 2 for state #1
Aug 26 18:32:52.598926: | state #1 requesting EVENT_RETRANSMIT to be deleted
Aug 26 18:32:52.598927: | #1 STATE_MAIN_I2: retransmits: cleared
Aug 26 18:32:52.598930: | libevent_free: release ptr-libevent@0x55c66d958a58
Aug 26 18:32:52.598932: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:32:52.598934: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55c66d954c08
Aug 26 18:32:52.598936: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1
Aug 26 18:32:52.598938: | libevent_malloc: new ptr-libevent@0x7fbd18002888 size 128
Aug 26 18:32:52.598945: | complete v1 state transition with STF_SUSPEND
Aug 26 18:32:52.598951: | [RE]START processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648)
Aug 26 18:32:52.598952: | crypto helper 2 resuming
Aug 26 18:32:52.598953: | suspending state #1 and saving MD
Aug 26 18:32:52.598964: | crypto helper 2 starting work-order 2 for state #1
Aug 26 18:32:52.598966: | #1 is busy; has a suspended MD
Aug 26 18:32:52.598970: | crypto helper 2 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 2
Aug 26 18:32:52.598972: | #1 spent 0.0694 milliseconds in process_packet_tail()
Aug 26 18:32:52.598976: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Aug 26 18:32:52.598981: | stop processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in process_md() at demux.c:382)
Aug 26 18:32:52.598984: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:32:52.598989: | spent 0.227 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:32:52.599654: | crypto helper 2 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 2 time elapsed 0.000685 seconds
Aug 26 18:32:52.599663: | (#1) spent 0.691 milliseconds in crypto helper computing work-order 2: aggr outR1 DH (pcr)
Aug 26 18:32:52.599665: | crypto helper 2 sending results from work-order 2 for state #1 to event queue
Aug 26 18:32:52.599667: | scheduling resume sending helper answer for #1
Aug 26 18:32:52.599670: | libevent_malloc: new ptr-libevent@0x7fbd10000f48 size 128
Aug 26 18:32:52.599676: | crypto helper 2 waiting (nothing to do)
Aug 26 18:32:52.599681: | processing resume sending helper answer for #1
Aug 26 18:32:52.599688: | start processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:797)
Aug 26 18:32:52.599692: | crypto helper 2 replies to request ID 2
Aug 26 18:32:52.599700: | calling continuation function 0x55c66cb6db50
Aug 26 18:32:52.599703: | main_inR2_outI3_cryptotail for #1: calculated DH, sending R1
Aug 26 18:32:52.599706: | **emit ISAKMP Message:
Aug 26 18:32:52.599708: | initiator cookie:
Aug 26 18:32:52.599710: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.599712: | responder cookie:
Aug 26 18:32:52.599713: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.599715: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:32:52.599717: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:32:52.599719: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:32:52.599721: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:32:52.599722: | Message ID: 0 (0x0)
Aug 26 18:32:52.599724: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:32:52.599726: | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID
Aug 26 18:32:52.599729: | CR 30 81 ac 31 0b 30 09 06 03 55 04 06 13 02 43 41
Aug 26 18:32:52.599731: | CR 31 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74 61 72
Aug 26 18:32:52.599732: | CR 69 6f 31 10 30 0e 06 03 55 04 07 0c 07 54 6f 72
Aug 26 18:32:52.599734: | CR 6f 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c 09 4c
Aug 26 18:32:52.599735: | CR 69 62 72 65 73 77 61 6e 31 18 30 16 06 03 55 04
Aug 26 18:32:52.599737: | CR 0b 0c 0f 54 65 73 74 20 44 65 70 61 72 74 6d 65
Aug 26 18:32:52.599738: | CR 6e 74 31 25 30 23 06 03 55 04 03 0c 1c 4c 69 62
Aug 26 18:32:52.599740: | CR 72 65 73 77 61 6e 20 74 65 73 74 20 43 41 20 66
Aug 26 18:32:52.599741: | CR 6f 72 20 6d 61 69 6e 63 61 31 24 30 22 06 09 2a
Aug 26 18:32:52.599742: | CR 86 48 86 f7 0d 01 09 01 16 15 74 65 73 74 69 6e
Aug 26 18:32:52.599744: | CR 67 40 6c 69 62 72 65 73 77 61 6e 2e 6f 72 67
Aug 26 18:32:52.599749: | requested CA: 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:32:52.599751: | thinking about whether to send my certificate:
Aug 26 18:32:52.599753: | I have RSA key: OAKLEY_RSA_SIG cert.type: CERT_X509_SIGNATURE
Aug 26 18:32:52.599755: | sendcert: CERT_ALWAYSSEND and I did get a certificate request
Aug 26 18:32:52.599756: | so send cert.
Aug 26 18:32:52.599759: | I am sending a certificate request
Aug 26 18:32:52.599760: | I will NOT send an initial contact payload
Aug 26 18:32:52.599762: | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal)
Aug 26 18:32:52.599770: | natd_hash: hasher=0x55c66cc42ca0(32)
Aug 26 18:32:52.599772: | natd_hash: icookie= 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.599774: | natd_hash: rcookie= 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.599775: | natd_hash: ip= c0 01 03 21
Aug 26 18:32:52.599777: | natd_hash: port=500
Aug 26 18:32:52.599779: | natd_hash: hash= e5 b1 e5 3a ee 64 89 c4 76 40 93 c8 0d 72 18 b9
Aug 26 18:32:52.599780: | natd_hash: hash= 23 84 b0 f8 24 74 2c 01 22 f9 2f b2 1e 2c d0 9e
Aug 26 18:32:52.599784: | natd_hash: hasher=0x55c66cc42ca0(32)
Aug 26 18:32:52.599786: | natd_hash: icookie= 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.599787: | natd_hash: rcookie= 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.599789: | natd_hash: ip= c0 01 02 17
Aug 26 18:32:52.599790: | natd_hash: port=500
Aug 26 18:32:52.599792: | natd_hash: hash= c9 92 66 b9 67 83 15 1d 9a 4c 82 8f 0e 14 2c 97
Aug 26 18:32:52.599793: | natd_hash: hash= 30 84 fd 59 a7 4d 65 a9 a7 14 e4 26 9f 4d 53 d2
Aug 26 18:32:52.599795: | expected NAT-D(me): e5 b1 e5 3a ee 64 89 c4 76 40 93 c8 0d 72 18 b9
Aug 26 18:32:52.599797: | expected NAT-D(me): 23 84 b0 f8 24 74 2c 01 22 f9 2f b2 1e 2c d0 9e
Aug 26 18:32:52.599798: | expected NAT-D(him):
Aug 26 18:32:52.599800: | c9 92 66 b9 67 83 15 1d 9a 4c 82 8f 0e 14 2c 97
Aug 26 18:32:52.599801: | 30 84 fd 59 a7 4d 65 a9 a7 14 e4 26 9f 4d 53 d2
Aug 26 18:32:52.599803: | received NAT-D: e5 b1 e5 3a ee 64 89 c4 76 40 93 c8 0d 72 18 b9
Aug 26 18:32:52.599804: | received NAT-D: 23 84 b0 f8 24 74 2c 01 22 f9 2f b2 1e 2c d0 9e
Aug 26 18:32:52.599807: | received NAT-D: c9 92 66 b9 67 83 15 1d 9a 4c 82 8f 0e 14 2c 97
Aug 26 18:32:52.599809: | received NAT-D: 30 84 fd 59 a7 4d 65 a9 a7 14 e4 26 9f 4d 53 d2
Aug 26 18:32:52.599811: | NAT_TRAVERSAL encaps using auto-detect
Aug 26 18:32:52.599812: | NAT_TRAVERSAL this end is NOT behind NAT
Aug 26 18:32:52.599814: | NAT_TRAVERSAL that end is NOT behind NAT
Aug 26 18:32:52.599816: | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23
Aug 26 18:32:52.599818: | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected
Aug 26 18:32:52.599819: | NAT_T_WITH_KA detected
Aug 26 18:32:52.599821: | global one-shot timer EVENT_NAT_T_KEEPALIVE scheduled in 20 seconds
Aug 26 18:32:52.599824: | ***emit ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:32:52.599826: | next payload type: ISAKMP_NEXT_CERT (0x6)
Aug 26 18:32:52.599827: | ID type: ID_DER_ASN1_DN (0x9)
Aug 26 18:32:52.599829: | Protocol ID: 0 (0x0)
Aug 26 18:32:52.599831: | port: 0 (0x0)
Aug 26 18:32:52.599833: | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 6:ISAKMP_NEXT_CERT
Aug 26 18:32:52.599835: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Aug 26 18:32:52.599837: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Aug 26 18:32:52.599839: | emitting 185 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:32:52.599841: | my identity 30 81 b6 31 0b 30 09 06 03 55 04 06 13 02 43 41
Aug 26 18:32:52.599842: | my identity 31 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74 61 72
Aug 26 18:32:52.599844: | my identity 69 6f 31 10 30 0e 06 03 55 04 07 0c 07 54 6f 72
Aug 26 18:32:52.599846: | my identity 6f 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c 09 4c
Aug 26 18:32:52.599847: | my identity 69 62 72 65 73 77 61 6e 31 18 30 16 06 03 55 04
Aug 26 18:32:52.599849: | my identity 0b 0c 0f 54 65 73 74 20 44 65 70 61 72 74 6d 65
Aug 26 18:32:52.599850: | my identity 6e 74 31 24 30 22 06 03 55 04 03 0c 1b 6e 6f 72
Aug 26 18:32:52.599852: | my identity 74 68 2e 74 65 73 74 69 6e 67 2e 6c 69 62 72 65
Aug 26 18:32:52.599853: | my identity 73 77 61 6e 2e 6f 72 67 31 2f 30 2d 06 09 2a 86
Aug 26 18:32:52.599855: | my identity 48 86 f7 0d 01 09 01 16 20 75 73 65 72 2d 6e 6f
Aug 26 18:32:52.599856: | my identity 72 74 68 40 74 65 73 74 69 6e 67 2e 6c 69 62 72
Aug 26 18:32:52.599858: | my identity 65 73 77 61 6e 2e 6f 72 67
Aug 26 18:32:52.599859: | emitting length of ISAKMP Identification Payload (IPsec DOI): 193
Aug 26 18:32:52.599861: "north-a-dpd" #1: I am sending my cert
Aug 26 18:32:52.599869: | ***emit ISAKMP Certificate Payload:
Aug 26 18:32:52.599871: | next payload type: ISAKMP_NEXT_CR (0x7)
Aug 26 18:32:52.599873: | cert encoding: CERT_X509_SIGNATURE (0x4)
Aug 26 18:32:52.599875: | next payload chain: ignoring supplied 'ISAKMP Certificate Payload'.'next payload type' value 7:ISAKMP_NEXT_CR
Aug 26 18:32:52.599877: | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Certificate Payload (6:ISAKMP_NEXT_CERT)
Aug 26 18:32:52.599879: | next payload chain: saving location 'ISAKMP Certificate Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.599881: | emitting 1227 raw bytes of CERT into ISAKMP Certificate Payload
Aug 26 18:32:52.599882: | CERT 30 82 04 c7 30 82 04 30 a0 03 02 01 02 02 01 06
Aug 26 18:32:52.599884: | CERT 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30
Aug 26 18:32:52.599885: | CERT 81 ac 31 0b 30 09 06 03 55 04 06 13 02 43 41 31
Aug 26 18:32:52.599887: | CERT 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74 61 72 69
Aug 26 18:32:52.599888: | CERT 6f 31 10 30 0e 06 03 55 04 07 0c 07 54 6f 72 6f
Aug 26 18:32:52.599890: | CERT 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c 09 4c 69
Aug 26 18:32:52.599892: | CERT 62 72 65 73 77 61 6e 31 18 30 16 06 03 55 04 0b
Aug 26 18:32:52.599894: | CERT 0c 0f 54 65 73 74 20 44 65 70 61 72 74 6d 65 6e
Aug 26 18:32:52.599896: | CERT 74 31 25 30 23 06 03 55 04 03 0c 1c 4c 69 62 72
Aug 26 18:32:52.599897: | CERT 65 73 77 61 6e 20 74 65 73 74 20 43 41 20 66 6f
Aug 26 18:32:52.599899: | CERT 72 20 6d 61 69 6e 63 61 31 24 30 22 06 09 2a 86
Aug 26 18:32:52.599900: | CERT 48 86 f7 0d 01 09 01 16 15 74 65 73 74 69 6e 67
Aug 26 18:32:52.599902: | CERT 40 6c 69 62 72 65 73 77 61 6e 2e 6f 72 67 30 22
Aug 26 18:32:52.599903: | CERT 18 0f 32 30 31 39 30 38 32 34 30 39 30 37 35 33
Aug 26 18:32:52.599905: | CERT 5a 18 0f 32 30 32 32 30 38 32 33 30 39 30 37 35
Aug 26 18:32:52.599906: | CERT 33 5a 30 81 b6 31 0b 30 09 06 03 55 04 06 13 02
Aug 26 18:32:52.599908: | CERT 43 41 31 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74
Aug 26 18:32:52.599909: | CERT 61 72 69 6f 31 10 30 0e 06 03 55 04 07 0c 07 54
Aug 26 18:32:52.599911: | CERT 6f 72 6f 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c
Aug 26 18:32:52.599912: | CERT 09 4c 69 62 72 65 73 77 61 6e 31 18 30 16 06 03
Aug 26 18:32:52.599914: | CERT 55 04 0b 0c 0f 54 65 73 74 20 44 65 70 61 72 74
Aug 26 18:32:52.599916: | CERT 6d 65 6e 74 31 24 30 22 06 03 55 04 03 0c 1b 6e
Aug 26 18:32:52.599918: | CERT 6f 72 74 68 2e 74 65 73 74 69 6e 67 2e 6c 69 62
Aug 26 18:32:52.599920: | CERT 72 65 73 77 61 6e 2e 6f 72 67 31 2f 30 2d 06 09
Aug 26 18:32:52.599922: | CERT 2a 86 48 86 f7 0d 01 09 01 16 20 75 73 65 72 2d
Aug 26 18:32:52.599924: | CERT 6e 6f 72 74 68 40 74 65 73 74 69 6e 67 2e 6c 69
Aug 26 18:32:52.599927: | CERT 62 72 65 73 77 61 6e 2e 6f 72 67 30 82 01 a2 30
Aug 26 18:32:52.599929: | CERT 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82
Aug 26 18:32:52.599931: | CERT 01 8f 00 30 82 01 8a 02 82 01 81 00 c0 59 bd 4b
Aug 26 18:32:52.599933: | CERT 40 fd f4 2c e7 cf 9e f3 29 e6 61 73 de ab 42 3d
Aug 26 18:32:52.599936: | CERT cc 51 1a e8 79 d6 53 46 a1 fd 66 d1 9e ab b4 65
Aug 26 18:32:52.599938: | CERT 76 51 ad 3f 6f 8f ef d2 73 f9 fd 8f 44 b0 6c 36
Aug 26 18:32:52.599940: | CERT 4b 95 c3 b2 45 0f 31 0c e9 df 35 95 44 c0 19 53
Aug 26 18:32:52.599942: | CERT 8d df 6a 4b b2 af d6 d3 e8 dd f5 20 df 9c cd 8a
Aug 26 18:32:52.599944: | CERT f7 6a 09 92 60 00 45 44 39 4c 17 6c 06 02 91 37
Aug 26 18:32:52.599946: | CERT 4b f5 6a c3 5e 21 c6 64 32 32 98 1d b7 99 1f 3c
Aug 26 18:32:52.599949: | CERT 13 fe ec c7 a4 a5 3b 37 30 df e4 31 95 47 91 b1
Aug 26 18:32:52.599951: | CERT ca 96 66 b7 9e 49 65 a2 4c 79 54 17 ed 68 19 34
Aug 26 18:32:52.599953: | CERT 9d 7e 67 91 27 51 f0 ee cb b3 90 68 7c 1d fd 83
Aug 26 18:32:52.599956: | CERT 32 06 2e e6 6f d5 f0 62 00 4d ef 11 90 b6 ad 61
Aug 26 18:32:52.599958: | CERT 83 0b 21 94 18 d9 2b 88 09 0d 33 2e 3b 71 18 f4
Aug 26 18:32:52.599960: | CERT ce 4a 45 f3 37 f4 db c0 d6 ab c2 da da cd 6d e0
Aug 26 18:32:52.599963: | CERT a3 9d 21 53 19 34 b1 0c d9 63 7c 45 b7 26 a4 d9
Aug 26 18:32:52.599965: | CERT d6 93 25 1e 1f 74 3c 07 32 69 9b bc 0f db ba 3e
Aug 26 18:32:52.599967: | CERT 30 85 a4 3d ec 5c 70 fe fe 7d 64 3c 2c 48 b3 8a
Aug 26 18:32:52.599969: | CERT eb 26 bf 05 d4 33 1e c3 f7 1c 24 c9 99 e3 d1 99
Aug 26 18:32:52.599971: | CERT 91 df 32 10 d5 7c 31 7e 9e 6f 70 01 dc 0d d7 21
Aug 26 18:32:52.599974: | CERT 03 76 4d f5 b2 e3 87 30 94 8c b2 0a c0 b4 d9 0b
Aug 26 18:32:52.599976: | CERT d4 d9 37 e0 7a 73 13 50 8d 6f 93 9a 7c 5a 1a b2
Aug 26 18:32:52.599978: | CERT 87 7e 0c 64 60 cb 4b 2c ef 22 75 b1 7c 60 3e e3
Aug 26 18:32:52.599980: | CERT e5 f1 94 38 51 8f 00 e8 35 7b b5 01 ed c1 c4 fd
Aug 26 18:32:52.599982: | CERT a3 4b 56 42 d6 8b 64 38 74 95 c4 13 70 f0 f0 23
Aug 26 18:32:52.599985: | CERT 29 57 2b ef 74 97 97 76 8d 30 48 91 02 03 01 00
Aug 26 18:32:52.599987: | CERT 01 a3 81 e4 30 81 e1 30 09 06 03 55 1d 13 04 02
Aug 26 18:32:52.599989: | CERT 30 00 30 26 06 03 55 1d 11 04 1f 30 1d 82 1b 6e
Aug 26 18:32:52.599993: | CERT 6f 72 74 68 2e 74 65 73 74 69 6e 67 2e 6c 69 62
Aug 26 18:32:52.599996: | CERT 72 65 73 77 61 6e 2e 6f 72 67 30 0b 06 03 55 1d
Aug 26 18:32:52.599998: | CERT 0f 04 04 03 02 07 80 30 1d 06 03 55 1d 25 04 16
Aug 26 18:32:52.600000: | CERT 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06
Aug 26 18:32:52.600003: | CERT 01 05 05 07 03 02 30 41 06 08 2b 06 01 05 05 07
Aug 26 18:32:52.600005: | CERT 01 01 04 35 30 33 30 31 06 08 2b 06 01 05 05 07
Aug 26 18:32:52.600007: | CERT 30 01 86 25 68 74 74 70 3a 2f 2f 6e 69 63 2e 74
Aug 26 18:32:52.600010: | CERT 65 73 74 69 6e 67 2e 6c 69 62 72 65 73 77 61 6e
Aug 26 18:32:52.600012: | CERT 2e 6f 72 67 3a 32 35 36 30 30 3d 06 03 55 1d 1f
Aug 26 18:32:52.600014: | CERT 04 36 30 34 30 32 a0 30 a0 2e 86 2c 68 74 74 70
Aug 26 18:32:52.600017: | CERT 3a 2f 2f 6e 69 63 2e 74 65 73 74 69 6e 67 2e 6c
Aug 26 18:32:52.600019: | CERT 69 62 72 65 73 77 61 6e 2e 6f 72 67 2f 72 65 76
Aug 26 18:32:52.600021: | CERT 6f 6b 65 64 2e 63 72 6c 30 0d 06 09 2a 86 48 86
Aug 26 18:32:52.600024: | CERT f7 0d 01 01 0b 05 00 03 81 81 00 9e e9 26 57 73
Aug 26 18:32:52.600026: | CERT c2 4c 64 c6 ab d6 d3 1a 13 4f 6b 48 e3 17 b2 3d
Aug 26 18:32:52.600028: | CERT fb 30 93 2d 15 92 6e a3 60 29 10 1d 3e a7 93 48
Aug 26 18:32:52.600031: | CERT 3c 40 5b af 9e e5 93 b7 2f d5 4b 9f db bd ab 5d
Aug 26 18:32:52.600033: | CERT 03 57 3a 1a f9 81 87 13 dd 32 e7 93 b5 9e 3b 40
Aug 26 18:32:52.600035: | CERT 3c c6 c9 d5 ce c6 c7 5d da 89 36 3d d0 36 82 fd
Aug 26 18:32:52.600038: | CERT b2 ab 00 2a 7c 0e a7 ad 3e e2 b1 5a 0d 88 45 26
Aug 26 18:32:52.600040: | CERT 48 51 b3 c7 79 d7 04 e7 47 5f 28 f8 63 fb ae 58
Aug 26 18:32:52.600042: | CERT 52 8b ba 60 ce 19 ac fa 4e 65 7d
Aug 26 18:32:52.600045: | emitting length of ISAKMP Certificate Payload: 1232
Aug 26 18:32:52.600048: "north-a-dpd" #1: I am sending a certificate request
Aug 26 18:32:52.600053: | ***emit ISAKMP Certificate RequestPayload:
Aug 26 18:32:52.600055: | next payload type: ISAKMP_NEXT_SIG (0x9)
Aug 26 18:32:52.600057: | cert type: CERT_X509_SIGNATURE (0x4)
Aug 26 18:32:52.600059: | next payload chain: ignoring supplied 'ISAKMP Certificate RequestPayload'.'next payload type' value 9:ISAKMP_NEXT_SIG
Aug 26 18:32:52.600061: | next payload chain: setting previous 'ISAKMP Certificate Payload'.'next payload type' to current ISAKMP Certificate RequestPayload (7:ISAKMP_NEXT_CR)
Aug 26 18:32:52.600063: | next payload chain: saving location 'ISAKMP Certificate RequestPayload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.600065: | emitting 175 raw bytes of CA into ISAKMP Certificate RequestPayload
Aug 26 18:32:52.600067: | CA 30 81 ac 31 0b 30 09 06 03 55 04 06 13 02 43 41
Aug 26 18:32:52.600068: | CA 31 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74 61 72
Aug 26 18:32:52.600070: | CA 69 6f 31 10 30 0e 06 03 55 04 07 0c 07 54 6f 72
Aug 26 18:32:52.600071: | CA 6f 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c 09 4c
Aug 26 18:32:52.600073: | CA 69 62 72 65 73 77 61 6e 31 18 30 16 06 03 55 04
Aug 26 18:32:52.600074: | CA 0b 0c 0f 54 65 73 74 20 44 65 70 61 72 74 6d 65
Aug 26 18:32:52.600076: | CA 6e 74 31 25 30 23 06 03 55 04 03 0c 1c 4c 69 62
Aug 26 18:32:52.600077: | CA 72 65 73 77 61 6e 20 74 65 73 74 20 43 41 20 66
Aug 26 18:32:52.600079: | CA 6f 72 20 6d 61 69 6e 63 61 31 24 30 22 06 09 2a
Aug 26 18:32:52.600080: | CA 86 48 86 f7 0d 01 09 01 16 15 74 65 73 74 69 6e
Aug 26 18:32:52.600082: | CA 67 40 6c 69 62 72 65 73 77 61 6e 2e 6f 72 67
Aug 26 18:32:52.600084: | emitting length of ISAKMP Certificate RequestPayload: 180
Aug 26 18:32:52.600114: | started looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org of kind PKK_RSA
Aug 26 18:32:52.600179: | searching for certificate PKK_RSA:AwEAAcBZv vs PKK_RSA:AwEAAcBZv
Aug 26 18:32:52.605633: | ***emit ISAKMP Signature Payload:
Aug 26 18:32:52.605643: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.605646: | next payload chain: setting previous 'ISAKMP Certificate RequestPayload'.'next payload type' to current ISAKMP Signature Payload (9:ISAKMP_NEXT_SIG)
Aug 26 18:32:52.605648: | next payload chain: saving location 'ISAKMP Signature Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.605650: | emitting 384 raw bytes of SIG_I into ISAKMP Signature Payload
Aug 26 18:32:52.605652: | SIG_I ae 93 f4 88 c9 d3 63 33 95 44 a1 2a cc fc b9 13
Aug 26 18:32:52.605654: | SIG_I c8 73 15 bd ee 42 fd 39 61 bd 8d 63 fb 9b 62 f1
Aug 26 18:32:52.605655: | SIG_I 13 ac 6f 59 4b 3b 6a 0e 0b 9b 10 e6 46 21 ac b8
Aug 26 18:32:52.605657: | SIG_I 94 f4 33 eb ac 0f ad 3c 94 e7 8c 8a 0e cc 03 95
Aug 26 18:32:52.605658: | SIG_I a4 ea 1b ec 75 e9 7d fb 40 48 4d e8 c3 86 f7 c5
Aug 26 18:32:52.605660: | SIG_I 91 07 83 78 02 5c 58 75 c0 dc 55 f9 c4 d5 94 66
Aug 26 18:32:52.605661: | SIG_I 7a 6c 0a 1e 4d f5 6b 7f 88 ba 06 69 bb e1 20 db
Aug 26 18:32:52.605663: | SIG_I fd 29 6a 03 5e e1 c0 77 61 7d 3d 4b 7a 49 d1 d9
Aug 26 18:32:52.605664: | SIG_I c5 40 8c 75 0c 67 d9 a1 c8 64 0a 39 70 f5 d7 88
Aug 26 18:32:52.605666: | SIG_I 83 59 0b fc ab f0 be 57 df 32 c9 d9 1e e1 78 c2
Aug 26 18:32:52.605667: | SIG_I 42 1f a0 c5 e3 7f 3c 32 a8 8f c1 59 29 e6 e9 ce
Aug 26 18:32:52.605669: | SIG_I 27 61 4a eb 8b cb b8 71 26 05 35 ce 75 fa b3 42
Aug 26 18:32:52.605670: | SIG_I 29 28 47 0d 16 4a 93 c4 d2 fc 82 da 1d 31 86 61
Aug 26 18:32:52.605672: | SIG_I d2 e9 65 0b 88 55 a2 ff c6 60 02 5c 4c b5 1d 91
Aug 26 18:32:52.605673: | SIG_I ad b9 65 ff 5e 0f 4e 1c 48 e9 89 24 d9 fd bf fc
Aug 26 18:32:52.605675: | SIG_I d7 33 64 0c 4f 6d 5f 84 7c 4e 85 42 7b a2 ef f6
Aug 26 18:32:52.605676: | SIG_I 4f e2 a0 f9 4f f0 6c 47 58 3f ea 52 6e 9c 75 8c
Aug 26 18:32:52.605678: | SIG_I 29 dd 0b 50 f1 20 83 a8 f0 ec f8 cf 3a 04 1d 63
Aug 26 18:32:52.605679: | SIG_I bb 2d 1c 0b e8 98 f9 96 1e 4a 50 c0 8e 2e 5b 5d
Aug 26 18:32:52.605681: | SIG_I cf 00 5d c5 74 28 f4 bb 06 78 eb f5 9c d1 31 58
Aug 26 18:32:52.605682: | SIG_I 52 ea d0 a1 88 6b 8a 91 93 17 da 92 e7 6b a7 75
Aug 26 18:32:52.605684: | SIG_I b8 1d 00 ea ae a7 60 06 ab 23 15 de ee d8 ed d8
Aug 26 18:32:52.605686: | SIG_I 5c 1a de 76 34 7a 8c 99 52 44 80 c6 7b 58 64 94
Aug 26 18:32:52.605687: | SIG_I 70 70 70 64 bb 07 1a d8 41 19 d1 37 96 92 b6 78
Aug 26 18:32:52.605689: | emitting length of ISAKMP Signature Payload: 388
Aug 26 18:32:52.605691: | Not sending INITIAL_CONTACT
Aug 26 18:32:52.605693: | emitting 7 zero bytes of encryption padding into ISAKMP Message
Aug 26 18:32:52.605694: | no IKEv1 message padding required
Aug 26 18:32:52.605696: | emitting length of ISAKMP Message: 2028
Aug 26 18:32:52.605706: | complete v1 state transition with STF_OK
Aug 26 18:32:52.605710: | [RE]START processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
Aug 26 18:32:52.605712: | #1 is idle
Aug 26 18:32:52.605714: | doing_xauth:no, t_xauth_client_done:no
Aug 26 18:32:52.605715: | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Aug 26 18:32:52.605718: | parent state #1: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA)
Aug 26 18:32:52.605720: | event_already_set, deleting event
Aug 26 18:32:52.605722: | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Aug 26 18:32:52.605725: | libevent_free: release ptr-libevent@0x7fbd18002888
Aug 26 18:32:52.605727: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55c66d954c08
Aug 26 18:32:52.605731: | sending reply packet to 192.1.2.23:500 (from 192.1.3.33:500)
Aug 26 18:32:52.605736: | sending 2028 bytes for STATE_MAIN_I2 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #1)
Aug 26 18:32:52.605738: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.605739: | 05 10 02 01 00 00 00 00 00 00 07 ec 4b 36 36 25
Aug 26 18:32:52.605741: | f5 b6 6c 91 6a 87 5c 1c c8 a5 38 47 e3 e2 73 4b
Aug 26 18:32:52.605744: | c2 f9 b3 96 9c 00 8a 3a 16 b1 5a 73 64 09 2b 48
Aug 26 18:32:52.605746: | c9 c0 23 98 57 42 53 e3 6c 6b 1d c8 6d 5d 15 51
Aug 26 18:32:52.605748: | 0f ee 7b e6 8b 7e 88 28 f4 69 63 72 4c d0 ce 45
Aug 26 18:32:52.605749: | 89 60 3e f0 c9 10 d4 e4 d4 51 3a e2 ba 0a 8e a8
Aug 26 18:32:52.605751: | c7 5f c7 3e d5 d4 26 06 72 c8 97 41 e3 89 81 3a
Aug 26 18:32:52.605752: | 1f 9b 41 77 e3 6b ed d3 25 5f 0b 9e f0 11 39 6b
Aug 26 18:32:52.605754: | 77 03 79 6c fa 32 23 7d 14 85 8e 2d 9c 4e c8 4e
Aug 26 18:32:52.605755: | 74 7b 40 25 5e 7d 07 43 0b 1b c4 5d dc 16 14 19
Aug 26 18:32:52.605756: | 26 ce 86 d5 dd c1 2f be 29 ed c6 cd dc 36 f5 1b
Aug 26 18:32:52.605758: | af 40 61 6b 1a 3f d1 4a 6b 56 28 bd 86 33 f1 53
Aug 26 18:32:52.605759: | 16 a7 b1 f3 77 47 29 68 e9 23 e0 7e 15 2f 84 9b
Aug 26 18:32:52.605761: | 65 34 b2 ff 26 ae c7 76 26 23 28 c3 af 82 c8 c7
Aug 26 18:32:52.605762: | d8 1c 76 4e ee 89 98 29 aa 0f 4a 03 ea 1f 63 72
Aug 26 18:32:52.605764: | 44 5e 38 d3 59 57 65 de 5b 10 2e d0 34 0b f2 2d
Aug 26 18:32:52.605765: | c9 16 8d 56 38 7b 37 f6 a5 02 9e 0c b6 86 13 12
Aug 26 18:32:52.605767: | 5d b5 50 46 19 f7 43 57 ea 0a 21 b6 e4 f4 66 e3
Aug 26 18:32:52.605768: | bf 7a 88 de f0 32 09 73 ff 82 25 0c f2 67 b3 d1
Aug 26 18:32:52.605770: | 22 7e ef d6 00 32 54 07 d6 cd b0 52 13 2e 1a d7
Aug 26 18:32:52.605771: | a7 01 18 49 a4 a8 06 86 fb 77 7d 21 2e b7 c6 e7
Aug 26 18:32:52.605773: | be 75 5a 35 a5 6a 36 24 8b a5 d4 05 36 69 27 63
Aug 26 18:32:52.605774: | 2a 23 aa 7b 7a 58 9e 43 9f 94 0d 9a 69 aa 01 11
Aug 26 18:32:52.605776: | d3 f2 40 fe 3f 71 53 5d 51 55 57 9d 63 f9 38 26
Aug 26 18:32:52.605777: | fb a9 2a 27 b7 e9 3a 78 ab 3c 81 64 c8 75 1f 61
Aug 26 18:32:52.605779: | a1 a9 a2 ab 31 e3 14 65 5a 7d 1b c0 ae fc 0a 33
Aug 26 18:32:52.605780: | e7 f0 cf 7f dc 2d 44 f3 0a 7b c4 ee 17 7e b0 78
Aug 26 18:32:52.605782: | 2b a7 03 c5 9d 1d 7b 19 d2 c9 ff b5 d1 47 b1 d3
Aug 26 18:32:52.605783: | ce 8e 79 6d ba 0b 59 c5 85 e8 d9 39 5e f8 a8 aa
Aug 26 18:32:52.605785: | 93 51 f5 2b 26 4e 3e 38 70 ae b5 2b cb 8b ab 79
Aug 26 18:32:52.605786: | 4a c7 a0 2c 0a db 91 e4 08 0a e8 d5 ac 2d d6 09
Aug 26 18:32:52.605788: | aa 81 d9 29 3c 27 92 ce fd 2b e7 71 4a e7 24 61
Aug 26 18:32:52.605789: | 33 a3 a9 2b 4d c6 e1 01 fd b5 21 46 6e b2 c5 aa
Aug 26 18:32:52.605791: | 63 4f ee 64 a4 3c 77 9a 5b 7f e3 28 6f a0 bd 60
Aug 26 18:32:52.605792: | ef 88 11 88 74 39 e7 1a 1a 19 5f 79 71 f0 28 7a
Aug 26 18:32:52.605794: | 0c 82 fc ba 8a 58 42 1f 59 f2 18 aa 70 eb 59 31
Aug 26 18:32:52.605795: | 65 aa 5a 0d 04 60 a3 d4 6f 8a 96 fc 11 37 02 0f
Aug 26 18:32:52.605797: | cb f3 81 3d 5a 73 3b fe 73 4e 6d c2 05 32 65 a6
Aug 26 18:32:52.605798: | 1e 53 d0 f8 61 58 52 8b d2 ad 18 70 6e f2 ba cf
Aug 26 18:32:52.605800: | 98 49 01 46 42 e0 be 3b 51 92 91 db 20 56 04 c8
Aug 26 18:32:52.605801: | eb e6 09 72 96 80 db 95 6a 00 65 53 3d c0 6d 08
Aug 26 18:32:52.605803: | 77 cd 8b 6f d3 f2 0b 1f 18 47 c1 e3 6d 6c 25 4b
Aug 26 18:32:52.605804: | 4b 63 04 20 68 a9 ca 25 ff bd f4 cd ec 17 aa dd
Aug 26 18:32:52.605806: | a6 b7 47 66 d5 38 4b 33 d9 d9 0f 70 7c 77 f9 4e
Aug 26 18:32:52.605807: | 40 9e 71 2f 7e 80 cd df c7 bd f5 b2 68 8e 41 16
Aug 26 18:32:52.605809: | fd e1 a9 e8 fe d7 ae fe 33 ef 6f b7 82 58 a9 69
Aug 26 18:32:52.605810: | ec 13 4d a0 d5 25 c4 54 34 b5 d3 b6 08 86 6a f6
Aug 26 18:32:52.605812: | ad 29 51 8a ec 0b 55 fc 68 e7 ad a2 1b 55 b2 f8
Aug 26 18:32:52.605813: | cf ef 58 c3 06 cb f7 d5 5d 81 ce a1 dc 9e 8d 69
Aug 26 18:32:52.605815: | d3 c2 08 c3 4b 17 a9 cc 4d 42 6c 68 9d 44 24 65
Aug 26 18:32:52.605816: | 8e df 90 94 c2 29 27 2c db 10 89 8a ad d5 10 29
Aug 26 18:32:52.605818: | 66 95 2d ce 5f 27 9c 47 25 ba 70 7e 7a 52 80 1f
Aug 26 18:32:52.605819: | 31 34 cc 23 61 e5 4f e5 31 74 0f 96 de 49 33 9a
Aug 26 18:32:52.605822: | b0 10 74 92 27 8f 67 d3 36 e0 94 a6 7f 73 38 13
Aug 26 18:32:52.605823: | 6b 79 a8 5d 13 0c 65 98 50 26 cc e9 05 7b 7e 68
Aug 26 18:32:52.605825: | 76 8c 64 bc d7 52 73 c6 60 18 e8 8d ce 2e 4f b7
Aug 26 18:32:52.605826: | 5b ce 57 29 1b 8f 9b e8 9b c9 d9 a6 28 f2 16 2a
Aug 26 18:32:52.605828: | 27 36 5e 79 d4 e0 97 d7 bd bc 07 74 e8 89 46 0b
Aug 26 18:32:52.605829: | 11 11 56 cc 50 c8 f3 f7 df 3f 1d db 23 b7 7d d5
Aug 26 18:32:52.605831: | 70 eb da 57 79 08 2c 3c 7a 72 71 0a 98 11 a5 aa
Aug 26 18:32:52.605832: | 85 dd 24 68 1f 69 31 89 dc 3e d9 bb ca f3 25 8d
Aug 26 18:32:52.605834: | d9 07 09 91 3b df 25 ee 49 b4 f4 99 54 5a 5a d6
Aug 26 18:32:52.605835: | 2a e2 4d df 33 8a ab 44 bb de 27 b9 d1 e8 d6 4a
Aug 26 18:32:52.605837: | 4b f7 a4 2e 70 ff 7b 4c 11 72 85 6d 5c bd 0b 73
Aug 26 18:32:52.605838: | 4d ed 8f b0 9d 63 5a df ec a9 4c 55 ac 29 af 27
Aug 26 18:32:52.605839: | 6a 6d b4 41 8e f0 88 63 a8 ea 32 ae 04 49 0e 80
Aug 26 18:32:52.605841: | 84 6c 8a f2 f2 4c be 38 dd a7 cc 4d da 18 5c 37
Aug 26 18:32:52.605842: | 56 e7 9e a1 40 71 ab a4 46 93 a5 90 f4 37 e2 e6
Aug 26 18:32:52.605844: | ab c4 cd 49 93 13 3a ef bc 45 51 19 06 f1 1a 76
Aug 26 18:32:52.605845: | 50 d1 d5 27 9b 13 ed eb 5b b4 ca 02 51 a9 8d a7
Aug 26 18:32:52.605847: | ae 84 3a 01 54 9b ea a1 e9 ba aa a2 60 ea 11 25
Aug 26 18:32:52.605848: | c8 82 ed dd 24 4b 2e 28 91 2b ed 3d 27 5d 3a b7
Aug 26 18:32:52.605850: | 6c ef 40 d3 ac 28 c2 62 0b e0 df 4b 18 86 5e be
Aug 26 18:32:52.605851: | 7f 8c 68 21 bc 3b 64 29 62 04 ec 4b 9e 72 84 7b
Aug 26 18:32:52.605853: | d6 8f 68 74 e1 f6 6e 33 fd 42 b3 3b f0 ef a6 94
Aug 26 18:32:52.605854: | 30 8e 9b 13 d0 57 bd 09 fe bc e8 ec 74 17 91 47
Aug 26 18:32:52.605856: | 45 1d 31 26 29 2a b8 e5 8d fd 6b 52 72 f0 c1 0a
Aug 26 18:32:52.605857: | 93 e2 20 d6 c8 a5 cf d9 be 32 af ff af b3 8c a9
Aug 26 18:32:52.605859: | 4e f4 3d 6b 01 f2 49 5f 76 78 80 2a b1 dd e3 90
Aug 26 18:32:52.605860: | 0f 2a f4 30 9d f0 bc 56 8b 2d a1 83 7b 4f 3f 66
Aug 26 18:32:52.605862: | 80 bb eb a6 df f6 52 38 42 99 69 ee 11 41 86 7a
Aug 26 18:32:52.605863: | 80 c8 18 91 e5 49 8c bd 6d 18 7d 1a 29 4c 67 5f
Aug 26 18:32:52.605865: | 92 e7 2c 39 8f 0e a2 e9 4e 07 41 14 5f fa f1 9a
Aug 26 18:32:52.605866: | 1e ab 62 ef 5d 51 f8 51 35 28 f0 d2 93 b4 fe 24
Aug 26 18:32:52.605868: | 42 b7 46 ff 25 a7 15 b2 05 02 a3 d6 78 6a 4e 93
Aug 26 18:32:52.605869: | 84 7e 96 9f 7b 24 29 7e 9c ac 88 29 b6 c5 69 6f
Aug 26 18:32:52.605871: | 02 4c 2c d9 7c 20 0e 43 b0 a1 03 cb 4e cd 9a 54
Aug 26 18:32:52.605872: | 1b 81 56 0e d0 7b eb 51 76 2b 0f 28 8d e9 91 37
Aug 26 18:32:52.605874: | 01 4e cb e7 41 ec 3f 5f f7 80 97 8e ca 78 e4 f5
Aug 26 18:32:52.605875: | 25 da d6 73 a6 c1 bd 11 07 cb 4e df e4 03 53 b1
Aug 26 18:32:52.605877: | ef 64 0c 23 f2 04 71 dd f7 92 bd 02 44 61 8b f8
Aug 26 18:32:52.605878: | 2f 35 2d f4 fb 2e 51 15 06 2f 23 b2 a7 31 73 e3
Aug 26 18:32:52.605880: | cb 22 9a 81 c1 88 a8 4f e1 52 da 3e 84 b6 20 7d
Aug 26 18:32:52.605881: | 19 7e f9 c0 7e 6c 1d 59 61 b0 57 b7 ec e1 03 f7
Aug 26 18:32:52.605883: | 11 e6 05 fd da 75 b7 fe 7b c0 0e 14 fa 77 a6 ba
Aug 26 18:32:52.605884: | 64 94 2f 62 35 a8 09 0f 4f f3 bf 8a ae fb 4e e0
Aug 26 18:32:52.605886: | 30 e0 ea 2d c1 09 db 98 c7 3e 6f 8b c3 fa ac e7
Aug 26 18:32:52.605887: | 12 36 1a 36 8c 3f 27 e0 27 da 94 03 b4 a5 1d be
Aug 26 18:32:52.605889: | eb d2 ee 38 2a 0d 15 ce a9 d5 ac b1 e3 6b e8 da
Aug 26 18:32:52.605890: | 4a 17 c7 a8 05 96 c0 95 b7 e8 c4 5d 88 73 b0 3d
Aug 26 18:32:52.605892: | b1 0d 86 3a 1b 51 62 89 66 81 e3 6d 37 11 df 21
Aug 26 18:32:52.605893: | 0b 9c 91 b0 2d 03 ec 4d e5 9a 0b d7 58 c9 14 dd
Aug 26 18:32:52.605895: | 10 3c 8f 5d 6e fa 83 03 ac dc 27 fa 3b 70 f1 1d
Aug 26 18:32:52.605896: | 37 b0 cb 49 85 69 3f 49 27 6d 78 45 44 e1 36 65
Aug 26 18:32:52.605898: | 5d 92 fd 52 bf f8 f1 28 66 c3 91 24 c0 10 d7 28
Aug 26 18:32:52.605900: | a2 b0 89 98 fb a5 4e 90 f6 62 c2 3d 5f 9a 40 32
Aug 26 18:32:52.605901: | f0 45 e7 11 dd 10 f2 13 ee 86 69 8e 20 03 50 57
Aug 26 18:32:52.605903: | 7e 9f 78 95 b2 86 c2 09 aa 0c 6c f6 3f f8 2c 73
Aug 26 18:32:52.605904: | 12 24 a8 6f bf 62 ff ce 3c 06 9f bc c4 fd 7b dd
Aug 26 18:32:52.605906: | 0c dc 7d cf 04 0b ed 08 b9 84 33 83 07 15 26 ad
Aug 26 18:32:52.605907: | 11 e6 e1 23 70 9d a0 a6 05 23 46 bd 68 a6 ac fe
Aug 26 18:32:52.605909: | 75 e4 03 53 a4 be 93 55 01 d1 24 bb 4c f0 04 67
Aug 26 18:32:52.605910: | f0 4d 7d fe 6d 97 82 9c 0b a7 bc 77 f9 b6 3a 49
Aug 26 18:32:52.605912: | e2 c1 53 16 6c 58 a4 de 9a 46 6b a2 d3 c5 c2 7a
Aug 26 18:32:52.605913: | 2e cf 29 d3 cd cb e2 24 ee 5f 88 1d ba 62 77 a7
Aug 26 18:32:52.605915: | 1e 95 d4 02 13 9a d3 82 4b c0 06 f4 fa 71 fa 62
Aug 26 18:32:52.605916: | 72 4f f6 c5 a2 be 5b 33 f1 21 0e ea 37 1b 55 0e
Aug 26 18:32:52.605918: | bb 37 89 9a 20 8f 04 0d 5d 7d 54 b0 76 51 30 bd
Aug 26 18:32:52.605919: | 1e 70 6b 6a d2 7f 7a c5 e9 de 01 b4 89 d8 ad 61
Aug 26 18:32:52.605921: | 31 8b 3b 74 37 44 4e 05 01 e9 0d f1 92 b7 6e bc
Aug 26 18:32:52.605922: | 78 28 58 87 4f 70 00 c9 5a e5 65 05 53 7b 9f 85
Aug 26 18:32:52.605924: | 61 85 b8 1e e9 c5 15 cf c3 78 08 aa cf 2c 18 f2
Aug 26 18:32:52.605925: | 47 c8 98 d9 05 f4 47 26 63 d2 7e 80 c3 6a 07 00
Aug 26 18:32:52.605927: | 98 87 e2 cd 71 8e 33 af 63 11 7b 6f 68 3d 14 74
Aug 26 18:32:52.605928: | 89 ef 45 c1 d6 69 88 44 e0 59 df ba 13 c7 9b 60
Aug 26 18:32:52.605930: | 9f 87 16 73 c2 33 f2 fc f4 be f9 1d
Aug 26 18:32:52.605984: | !event_already_set at reschedule
Aug 26 18:32:52.605988: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:32:52.605991: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #1
Aug 26 18:32:52.605993: | libevent_malloc: new ptr-libevent@0x55c66d953748 size 128
Aug 26 18:32:52.605997: | #1 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29658.348455
Aug 26 18:32:52.605999: "north-a-dpd" #1: STATE_MAIN_I3: sent MI3, expecting MR3
Aug 26 18:32:52.606006: | modecfg pull: noquirk policy:push not-client
Aug 26 18:32:52.606008: | phase 1 is done, looking for phase 2 to unpend
Aug 26 18:32:52.606011: | resume sending helper answer for #1 suppresed complete_v1_state_transition()
Aug 26 18:32:52.606017: | #1 spent 6.27 milliseconds in resume sending helper answer
Aug 26 18:32:52.606020: | stop processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:833)
Aug 26 18:32:52.606023: | libevent_free: release ptr-libevent@0x7fbd10000f48
Aug 26 18:32:52.618079: | spent 0.00348 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:32:52.618110: | *received 1884 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:32:52.618115: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.618118: | 05 10 02 01 00 00 00 00 00 00 07 5c cb 37 0f 37
Aug 26 18:32:52.618121: | 39 65 6c f3 6b 86 9b 85 86 8e f5 c1 7d 36 28 a9
Aug 26 18:32:52.618123: | 5b 1e f7 c8 f9 97 f3 52 10 cb 92 f8 60 07 9c d9
Aug 26 18:32:52.618126: | 72 22 71 5f 81 9f 99 eb 81 b5 f1 9e b4 c7 f2 aa
Aug 26 18:32:52.618128: | b0 f6 be cd 23 54 f4 6f d1 83 ac fc 64 8f 74 87
Aug 26 18:32:52.618131: | 85 5c 2f 12 0a 3d 7c 8e 21 87 10 69 c7 f7 5d be
Aug 26 18:32:52.618134: | 84 81 e1 cf 90 79 4e bb 46 80 30 c3 7e 4b a3 76
Aug 26 18:32:52.618136: | 0d 02 96 75 3a ac bb 1e 9f 6f 68 9c f0 e7 c0 57
Aug 26 18:32:52.618139: | 48 be 79 3f 75 48 91 ea 19 46 6b 9e dd a0 8f 14
Aug 26 18:32:52.618141: | b7 a1 c4 69 bd 73 88 77 ea 8a 27 e4 04 b7 b4 f1
Aug 26 18:32:52.618144: | 29 4d 8e 6c 50 ef 3a de 21 7a 56 94 cd e4 84 d2
Aug 26 18:32:52.618146: | d3 b9 7d ca 56 4c 73 73 ee 46 e2 4d a6 d0 10 ed
Aug 26 18:32:52.618149: | d9 58 27 49 d1 a6 10 2a 30 e9 65 93 ef 43 ca 3a
Aug 26 18:32:52.618152: | 07 cc b5 84 e0 db d7 47 de 97 50 77 93 42 86 a3
Aug 26 18:32:52.618160: | 7c 07 b7 27 f2 34 82 7d 49 c5 52 0d c1 ea 06 ae
Aug 26 18:32:52.618163: | d7 c1 18 60 22 34 62 56 1b ae 9a 44 c2 df 6f 3b
Aug 26 18:32:52.618165: | 58 c9 52 be da 76 98 74 3b 87 fc 59 43 a7 f5 7b
Aug 26 18:32:52.618168: | fc 36 c0 51 31 4d bd 64 08 ba 74 db 16 96 4d d0
Aug 26 18:32:52.618170: | 60 23 18 8d ff 3e 6c 33 e2 21 42 19 5b e5 f4 e1
Aug 26 18:32:52.618173: | 39 08 2f 21 a0 18 0b ec 94 97 4a b8 37 09 01 2b
Aug 26 18:32:52.618175: | ff ad 14 9d c8 d1 95 10 7d fe 14 68 d4 6c dc 8f
Aug 26 18:32:52.618178: | 0c 89 e4 70 53 09 a3 9d 01 10 d6 5e b0 0f ad b5
Aug 26 18:32:52.618180: | 43 e0 2c 0e 79 4d 33 63 3f b5 b6 2a ce ef 4a 0a
Aug 26 18:32:52.618183: | ed f2 c1 fe 0c ef bf 7e be ae e5 6a ee 27 65 69
Aug 26 18:32:52.618185: | 48 96 5a 46 a7 d1 b0 6d 30 a8 8d bb f8 ed e6 cd
Aug 26 18:32:52.618188: | f0 06 80 89 98 05 34 d8 bc ac be 5e bd cb 46 56
Aug 26 18:32:52.618190: | 77 ce f9 84 2a 6d 9b a2 86 62 0f 3a 0b e9 90 11
Aug 26 18:32:52.618193: | 01 dd 6a e9 c3 51 9c de 57 ed 66 05 1a 1b e0 5a
Aug 26 18:32:52.618196: | b0 e3 04 7c 2c bd a4 2a df 33 35 b8 ca b8 0f 85
Aug 26 18:32:52.618198: | a4 5a fc 60 5c 4f 3f fa 77 20 68 47 d7 63 98 2b
Aug 26 18:32:52.618201: | 95 2e d2 e5 52 22 d0 0f 18 4b 88 e0 89 de bd 24
Aug 26 18:32:52.618203: | 16 53 ca b1 f3 15 3b 3b 90 5e 4e fd 00 b1 5d cb
Aug 26 18:32:52.618206: | 04 ed 37 9a 18 07 89 fc 90 e0 3f 4b a6 5c 84 64
Aug 26 18:32:52.618208: | da f8 66 97 43 cb 3c 40 56 16 df f1 56 45 b4 76
Aug 26 18:32:52.618211: | 01 c6 f7 9f 6c ca 30 2a 15 cd 6c f5 74 ce 6f a7
Aug 26 18:32:52.618213: | 31 09 ca f6 e7 d3 16 58 06 9e e5 d0 26 64 16 9a
Aug 26 18:32:52.618216: | 4a 2f c2 74 f4 b3 a2 14 b8 49 16 d3 76 f5 4a 1a
Aug 26 18:32:52.618219: | d5 c6 83 bf d2 6f 6d eb eb 81 5b 70 05 6a 87 9f
Aug 26 18:32:52.618221: | 2e dd 27 66 0d 01 74 ca d1 0a 20 ef 37 54 2f af
Aug 26 18:32:52.618224: | 6c 30 a5 4d e6 ac 0e b8 52 fd b6 ad 5a 5d 43 b6
Aug 26 18:32:52.618226: | 84 7f 01 56 17 80 7c f0 86 c7 dd 7c 28 6a f2 7a
Aug 26 18:32:52.618229: | 7f e5 a0 5f b7 70 59 a7 2e 02 8e d0 f2 3d 62 6c
Aug 26 18:32:52.618231: | ce 2d 49 1f d1 12 41 89 b3 2e f8 5b f1 74 68 2e
Aug 26 18:32:52.618234: | 00 9c 2f 6e 39 cb 4c 83 10 af 12 ac ba 4d 8c 3e
Aug 26 18:32:52.618236: | c7 58 44 c3 5a 85 83 c5 93 a8 b2 67 1c 0a 8a 80
Aug 26 18:32:52.618239: | 36 9d 93 d4 fc 7e f0 1e ef 86 c9 16 9e ec 41 9f
Aug 26 18:32:52.618241: | 04 90 d9 45 5d 41 0d 49 9d 55 d8 4f 9b b3 dd 20
Aug 26 18:32:52.618244: | 1c 0c 55 f6 b1 e1 c2 19 c9 ec 54 b0 19 de 5e a5
Aug 26 18:32:52.618246: | 1e 60 c7 53 82 bf 33 85 2f 03 ee 30 d7 55 54 5b
Aug 26 18:32:52.618249: | 3a a6 fb e1 c0 63 65 ed 51 17 f7 7d 10 43 35 9f
Aug 26 18:32:52.618252: | a0 6a dd 04 6b f1 f8 80 5f 4c 58 e3 25 7d ff 3d
Aug 26 18:32:52.618254: | bc 2d f1 0e ae 62 9d 03 60 0d 8a 99 d7 af ee 06
Aug 26 18:32:52.618256: | 2a 18 40 20 41 fe 5a 05 e5 68 90 13 91 ee ae 0b
Aug 26 18:32:52.618259: | 3c 53 5e 98 08 fb 80 58 09 c9 d2 6d 8b 56 f9 4d
Aug 26 18:32:52.618262: | dc 2a fb d8 5f 0d e5 8b 57 ae e3 87 3b a3 09 e4
Aug 26 18:32:52.618264: | 4d 37 ba 4c e1 34 cf 5d 0a 65 a7 5d 4e ab 4e 48
Aug 26 18:32:52.618267: | a9 a7 ca e2 e9 dc be a6 a5 87 29 55 ac 5d c8 4d
Aug 26 18:32:52.618269: | 5f 79 93 d8 c7 3d 09 b9 a1 5b 70 70 6a c9 5c 2f
Aug 26 18:32:52.618272: | a5 d3 db 96 b3 8e 29 8e 04 5d 2c bc 4d 2f 0c df
Aug 26 18:32:52.618274: | 9f 79 a0 12 70 97 82 93 4b 4f 1e 92 b3 58 8f c7
Aug 26 18:32:52.618277: | 76 d4 59 2d d1 42 4d d6 5d a9 9c b5 5d 98 fe 85
Aug 26 18:32:52.618279: | d1 71 65 82 f2 58 55 eb cb 34 ac 02 9e 95 14 4e
Aug 26 18:32:52.618282: | 51 f8 f6 74 19 1b 9d 2c 23 0f d8 4e b3 69 66 cb
Aug 26 18:32:52.618284: | fa 77 71 56 0c 5a 54 d1 3b 7e 5a ca 07 a9 b3 3c
Aug 26 18:32:52.618287: | 53 59 45 d1 73 5a d8 32 21 3b 2e 6d 89 af b8 fb
Aug 26 18:32:52.618296: | cc 9e e8 81 cf 45 33 27 2d 42 36 79 9f a1 19 e2
Aug 26 18:32:52.618300: | e8 a4 3b 30 b7 e7 fc 25 40 39 09 7e fd 91 85 a2
Aug 26 18:32:52.618302: | 1d 4a a1 58 64 bc 09 a8 23 f5 83 a4 be e2 af 72
Aug 26 18:32:52.618305: | 0e 41 16 b0 e7 1b dc 53 0b 69 86 e4 1f 07 01 a0
Aug 26 18:32:52.618307: | 06 ea 3d f0 44 67 bc 9d e1 24 4d db 6b b3 da aa
Aug 26 18:32:52.618310: | a8 65 a0 2a 52 68 29 47 80 79 c7 16 7a 54 ef 14
Aug 26 18:32:52.618312: | c3 4b 3c 95 02 9e a3 9e ac 7e b9 e6 7b 77 a2 16
Aug 26 18:32:52.618315: | 4a 1f 46 89 e1 0d 21 51 bd 1d f6 d0 e2 42 39 77
Aug 26 18:32:52.618317: | cf 95 56 15 55 52 6b 28 6f 4b 95 0e dc e7 6e 0b
Aug 26 18:32:52.618320: | 96 e8 92 1e 88 af 99 ba 01 1c 08 66 6e 7d 5b 10
Aug 26 18:32:52.618322: | 8e 05 8e b1 73 71 73 54 8c e3 bf b1 55 5f 86 91
Aug 26 18:32:52.618325: | 89 8a da e1 b8 69 4a d0 6d 87 36 59 bf 58 b0 e5
Aug 26 18:32:52.618327: | 6f e4 d7 be 91 c2 8e 1b 83 fb 9f 65 ce 46 fb 0f
Aug 26 18:32:52.618330: | 9d 54 5c dc 66 e1 32 de 01 73 76 94 2a e8 65 11
Aug 26 18:32:52.618332: | cf b5 01 a1 90 b3 f3 31 26 68 89 b3 d9 da 77 4c
Aug 26 18:32:52.618335: | 2b 5e 47 1d bf 76 7b 64 ef 26 d2 2b 70 64 fe 94
Aug 26 18:32:52.618337: | fa 35 f5 9c 6c ee 41 cf 8e 65 84 38 e1 9f 58 d9
Aug 26 18:32:52.618340: | f5 b7 a4 40 da 88 f2 41 c6 8b f2 b9 17 29 01 f5
Aug 26 18:32:52.618342: | 97 53 a7 9d 61 10 03 f3 32 f6 cb a6 cb 53 66 20
Aug 26 18:32:52.618345: | 4c dd 9d 93 d3 e8 34 1e 45 f3 c6 c7 46 74 e7 76
Aug 26 18:32:52.618348: | 8b 10 64 24 c1 1b 16 db aa df d7 51 07 ea f7 df
Aug 26 18:32:52.618350: | 04 3a df 94 56 31 7e 27 fe 66 fc db 0f 29 9b 07
Aug 26 18:32:52.618353: | 60 6d 84 1a 46 98 aa 20 0b c7 78 40 d9 9b ed c8
Aug 26 18:32:52.618355: | a8 23 c9 95 5d ed bb 2b a9 5c fb 25 ab c7 fe 44
Aug 26 18:32:52.618358: | 02 7a 5e d8 ce 14 0f ab ce 3e f0 29 6f 9e df a9
Aug 26 18:32:52.618360: | d5 50 53 55 5f b2 48 26 02 d0 1b 92 0a 4c dc 80
Aug 26 18:32:52.618363: | 52 58 62 b8 41 60 a7 05 1a 6a 12 07 11 b4 1a 84
Aug 26 18:32:52.618365: | fe b3 1d 83 fc 2f 5d 2e 7e 97 e0 68 8c 32 f8 54
Aug 26 18:32:52.618368: | c7 be 8b bf 8f 0c dd 0e a7 1f b4 4f 4b d1 e3 13
Aug 26 18:32:52.618370: | 4c 69 32 cd 49 e2 17 90 73 27 00 df 01 14 e9 6d
Aug 26 18:32:52.618373: | dd 6f e2 8e ab a7 9d 04 a5 c8 b7 af 88 57 f0 8e
Aug 26 18:32:52.618375: | 7f 85 d1 5d 46 cd 7f ab 18 55 75 cd 9a 77 df 01
Aug 26 18:32:52.618378: | 15 e5 5e a0 ae 8c 48 f6 b1 e5 a2 b4 76 1f 58 45
Aug 26 18:32:52.618380: | cf a5 0a 1b e9 4b f5 50 47 99 f8 a4 a0 d5 5a 91
Aug 26 18:32:52.618383: | ff 6a a1 e8 88 be 0e c8 0a 2a 5f 6b 00 c2 42 aa
Aug 26 18:32:52.618385: | 25 c2 c3 2a e8 86 20 14 f8 36 99 9c 9f a2 c7 a0
Aug 26 18:32:52.618388: | 52 f0 ee ae 48 84 f2 73 59 38 99 51 a1 00 be 82
Aug 26 18:32:52.618390: | 7e 7e 59 59 64 94 24 e1 17 87 0f 54 b2 f0 40 00
Aug 26 18:32:52.618393: | 2a 1f ff 5b 1b ea e1 d3 ab d7 ee 08 fa f9 e0 a1
Aug 26 18:32:52.618396: | 8b 15 49 ee f0 d7 cf 04 ce 2d 76 6c ad f0 dc c0
Aug 26 18:32:52.618398: | a8 2d 99 2c f0 48 68 7e 03 cd 30 e4 56 15 4a 74
Aug 26 18:32:52.618401: | cb b9 75 7e 0a 5f f8 93 4e 54 d4 1e 99 70 e7 15
Aug 26 18:32:52.618403: | ba 91 fd ca e8 fc c3 47 f2 23 87 cd d4 ef e2 3f
Aug 26 18:32:52.618406: | 15 5e a1 ee 0a 7a 04 a7 dd b8 60 86 c4 39 b0 62
Aug 26 18:32:52.618408: | bb 88 53 dd 79 af 2b 4a a0 35 19 3a 0f 29 27 98
Aug 26 18:32:52.618411: | 81 29 74 72 cd 13 3b d3 8d 2f 5f 2d 30 06 78 6e
Aug 26 18:32:52.618413: | 5e 0a 65 70 75 30 ac 0e a0 bf cd 8d b7 e7 8d bc
Aug 26 18:32:52.618416: | ca 01 ec 17 78 3d ae ee 46 26 66 5a 7f f2 ef 5b
Aug 26 18:32:52.618418: | 7f 55 80 44 04 78 f9 2a a6 35 ec 1e 04 b3 bc cb
Aug 26 18:32:52.618421: | 80 72 1f 46 4c dc b6 43 76 d0 73 11 42 b6 37 c5
Aug 26 18:32:52.618423: | 92 93 93 27 0b 90 90 cb e7 dd 3c 0c cc c6 c5 97
Aug 26 18:32:52.618426: | 5c 14 bb 9d 34 e6 e5 56 56 b2 e3 0f
Aug 26 18:32:52.618431: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:32:52.618436: | **parse ISAKMP Message:
Aug 26 18:32:52.618439: | initiator cookie:
Aug 26 18:32:52.618442: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.618445: | responder cookie:
Aug 26 18:32:52.618447: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.618450: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:32:52.618453: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:32:52.618456: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:32:52.618459: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:32:52.618462: | Message ID: 0 (0x0)
Aug 26 18:32:52.618464: | length: 1884 (0x75c)
Aug 26 18:32:52.618467: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
Aug 26 18:32:52.618472: | State DB: found IKEv1 state #1 in MAIN_I3 (find_state_ikev1)
Aug 26 18:32:52.618477: | start processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459)
Aug 26 18:32:52.618480: | #1 is idle
Aug 26 18:32:52.618483: | #1 idle
Aug 26 18:32:52.618486: | received encrypted packet from 192.1.2.23:500
Aug 26 18:32:52.618505: | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x220 opt: 0x20c0
Aug 26 18:32:52.618509: | ***parse ISAKMP Identification Payload:
Aug 26 18:32:52.618512: | next payload type: ISAKMP_NEXT_CERT (0x6)
Aug 26 18:32:52.618514: | length: 191 (0xbf)
Aug 26 18:32:52.618517: | ID type: ID_DER_ASN1_DN (0x9)
Aug 26 18:32:52.618520: | DOI specific A: 0 (0x0)
Aug 26 18:32:52.618522: | DOI specific B: 0 (0x0)
Aug 26 18:32:52.618525: | obj: 30 81 b4 31 0b 30 09 06 03 55 04 06 13 02 43 41
Aug 26 18:32:52.618528: | obj: 31 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74 61 72
Aug 26 18:32:52.618531: | obj: 69 6f 31 10 30 0e 06 03 55 04 07 0c 07 54 6f 72
Aug 26 18:32:52.618533: | obj: 6f 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c 09 4c
Aug 26 18:32:52.618536: | obj: 69 62 72 65 73 77 61 6e 31 18 30 16 06 03 55 04
Aug 26 18:32:52.618538: | obj: 0b 0c 0f 54 65 73 74 20 44 65 70 61 72 74 6d 65
Aug 26 18:32:52.618541: | obj: 6e 74 31 23 30 21 06 03 55 04 03 0c 1a 65 61 73
Aug 26 18:32:52.618543: | obj: 74 2e 74 65 73 74 69 6e 67 2e 6c 69 62 72 65 73
Aug 26 18:32:52.618546: | obj: 77 61 6e 2e 6f 72 67 31 2e 30 2c 06 09 2a 86 48
Aug 26 18:32:52.618549: | obj: 86 f7 0d 01 09 01 16 1f 75 73 65 72 2d 65 61 73
Aug 26 18:32:52.618551: | obj: 74 40 74 65 73 74 69 6e 67 2e 6c 69 62 72 65 73
Aug 26 18:32:52.618554: | obj: 77 61 6e 2e 6f 72 67
Aug 26 18:32:52.618557: | got payload 0x40 (ISAKMP_NEXT_CERT) needed: 0x200 opt: 0x20c0
Aug 26 18:32:52.618560: | ***parse ISAKMP Certificate Payload:
Aug 26 18:32:52.618562: | next payload type: ISAKMP_NEXT_SIG (0x9)
Aug 26 18:32:52.618565: | length: 1265 (0x4f1)
Aug 26 18:32:52.618568: | cert encoding: CERT_X509_SIGNATURE (0x4)
Aug 26 18:32:52.618571: | got payload 0x200 (ISAKMP_NEXT_SIG) needed: 0x200 opt: 0x20c0
Aug 26 18:32:52.618574: | ***parse ISAKMP Signature Payload:
Aug 26 18:32:52.618576: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.618579: | length: 388 (0x184)
Aug 26 18:32:52.618581: | removing 12 bytes of padding
Aug 26 18:32:52.618584: | message 'main_inR3' HASH payload not checked early
Aug 26 18:32:52.618589: | DER ASN1 DN: 30 81 b4 31 0b 30 09 06 03 55 04 06 13 02 43 41
Aug 26 18:32:52.618592: | DER ASN1 DN: 31 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74 61 72
Aug 26 18:32:52.618594: | DER ASN1 DN: 69 6f 31 10 30 0e 06 03 55 04 07 0c 07 54 6f 72
Aug 26 18:32:52.618597: | DER ASN1 DN: 6f 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c 09 4c
Aug 26 18:32:52.618599: | DER ASN1 DN: 69 62 72 65 73 77 61 6e 31 18 30 16 06 03 55 04
Aug 26 18:32:52.618602: | DER ASN1 DN: 0b 0c 0f 54 65 73 74 20 44 65 70 61 72 74 6d 65
Aug 26 18:32:52.618605: | DER ASN1 DN: 6e 74 31 23 30 21 06 03 55 04 03 0c 1a 65 61 73
Aug 26 18:32:52.618607: | DER ASN1 DN: 74 2e 74 65 73 74 69 6e 67 2e 6c 69 62 72 65 73
Aug 26 18:32:52.618612: | DER ASN1 DN: 77 61 6e 2e 6f 72 67 31 2e 30 2c 06 09 2a 86 48
Aug 26 18:32:52.618614: | DER ASN1 DN: 86 f7 0d 01 09 01 16 1f 75 73 65 72 2d 65 61 73
Aug 26 18:32:52.618617: | DER ASN1 DN: 74 40 74 65 73 74 69 6e 67 2e 6c 69 62 72 65 73
Aug 26 18:32:52.618620: | DER ASN1 DN: 77 61 6e 2e 6f 72 67
Aug 26 18:32:52.618629: "north-a-dpd" #1: Peer ID is ID_DER_ASN1_DN: 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org'
Aug 26 18:32:52.618642: | global one-shot timer EVENT_FREE_ROOT_CERTS scheduled in 300 seconds
Aug 26 18:32:52.618646: loading root certificate cache
Aug 26 18:32:52.622624: | spent 3.94 milliseconds in get_root_certs() calling PK11_ListCertsInSlot()
Aug 26 18:32:52.622666: | spent 0.0247 milliseconds in get_root_certs() filtering CAs
Aug 26 18:32:52.622673: | #1 spent 4 milliseconds in find_and_verify_certs() calling get_root_certs()
Aug 26 18:32:52.622677: | checking for known CERT payloads
Aug 26 18:32:52.622681: | saving certificate of type 'X509_SIGNATURE'
Aug 26 18:32:52.622725: | decoded cert: E=user-east@testing.libreswan.org,CN=east.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
Aug 26 18:32:52.622732: | #1 spent 0.053 milliseconds in find_and_verify_certs() calling decode_cert_payloads()
Aug 26 18:32:52.622737: | cert_issuer_has_current_crl: looking for a CRL issued by E=testing@libreswan.org,CN=Libreswan test CA for mainca,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
Aug 26 18:32:52.622783: | #1 spent 0.0444 milliseconds in find_and_verify_certs() calling crl_update_check()
Aug 26 18:32:52.622788: | missing or expired CRL
Aug 26 18:32:52.622792: | crl_strict: 0, ocsp: 0, ocsp_strict: 0, ocsp_post: 0
Aug 26 18:32:52.622795: | verify_end_cert trying profile IPsec
Aug 26 18:32:52.622928: | certificate is valid (profile IPsec)
Aug 26 18:32:52.622937: | #1 spent 0.144 milliseconds in find_and_verify_certs() calling verify_end_cert()
Aug 26 18:32:52.622942: "north-a-dpd" #1: certificate verified OK: E=user-east@testing.libreswan.org,CN=east.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
Aug 26 18:32:52.623018: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d965ac8
Aug 26 18:32:52.623024: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d965108
Aug 26 18:32:52.623027: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d964f58
Aug 26 18:32:52.623030: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d964598
Aug 26 18:32:52.623033: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d9768f8
Aug 26 18:32:52.623244: | unreference key: 0x55c66d974e78 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1--
Aug 26 18:32:52.623254: | #1 spent 0.299 milliseconds in decode_certs() calling add_pubkey_from_nss_cert()
Aug 26 18:32:52.623259: | #1 spent 4.59 milliseconds in decode_certs()
Aug 26 18:32:52.623272: | ID_DER_ASN1_DN 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' needs further ID comparison against 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org'
Aug 26 18:32:52.623276: | ID_DER_ASN1_DN 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' matched our ID
Aug 26 18:32:52.623279: | SAN ID matched, updating that.cert
Aug 26 18:32:52.623282: | X509: CERT and ID matches current connection
Aug 26 18:32:52.623329: | required RSA CA is 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:32:52.623345: | checking RSA keyid 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' for match with 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org'
Aug 26 18:32:52.623355: | trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:32:52.623362: | trusted_ca_nss: trustor B = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:32:52.623369: | key issuer CA is 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:32:52.623544: | an RSA Sig check passed with *AwEAAbEef [remote certificates]
Aug 26 18:32:52.623550: | #1 spent 0.176 milliseconds in try_all_RSA_keys() trying a pubkey
Aug 26 18:32:52.623554: "north-a-dpd" #1: Authenticated using RSA
Aug 26 18:32:52.623563: | FOR_EACH_CONNECTION_... in ISAKMP_SA_established
Aug 26 18:32:52.623638: | complete v1 state transition with STF_OK
Aug 26 18:32:52.623646: | [RE]START processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
Aug 26 18:32:52.623650: | #1 is idle
Aug 26 18:32:52.623653: | doing_xauth:no, t_xauth_client_done:no
Aug 26 18:32:52.623656: | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Aug 26 18:32:52.623660: | parent state #1: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA)
Aug 26 18:32:52.623663: | event_already_set, deleting event
Aug 26 18:32:52.623666: | state #1 requesting EVENT_RETRANSMIT to be deleted
Aug 26 18:32:52.623670: | #1 STATE_MAIN_I4: retransmits: cleared
Aug 26 18:32:52.623675: | libevent_free: release ptr-libevent@0x55c66d953748
Aug 26 18:32:52.623678: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:32:52.623682: | !event_already_set at reschedule
Aug 26 18:32:52.623686: | event_schedule: new EVENT_SA_REPLACE-pe@0x55c66d954c08
Aug 26 18:32:52.623691: | inserting event EVENT_SA_REPLACE, timeout in 2607 seconds for #1
Aug 26 18:32:52.623694: | libevent_malloc: new ptr-libevent@0x55c66d976ab8 size 128
Aug 26 18:32:52.623698: | pstats #1 ikev1.isakmp established
Aug 26 18:32:52.623703: "north-a-dpd" #1: STATE_MAIN_I4: ISAKMP SA established {auth=RSA_SIG cipher=AES_CBC_256 integ=HMAC_SHA2_256 group=MODP2048}
Aug 26 18:32:52.623711: | DPD: dpd_init() called on ISAKMP SA
Aug 26 18:32:52.623713: | DPD: Peer supports Dead Peer Detection
Aug 26 18:32:52.623717: | modecfg pull: noquirk policy:push not-client
Aug 26 18:32:52.623720: | phase 1 is done, looking for phase 2 to unpend
Aug 26 18:32:52.623722: | unpending state #1
Aug 26 18:32:52.623728: | creating state object #2 at 0x55c66d974f68
Aug 26 18:32:52.623732: | State DB: adding IKEv1 state #2 in UNDEFINED
Aug 26 18:32:52.623737: | pstats #2 ikev1.ipsec started
Aug 26 18:32:52.623740: | duplicating state object #1 "north-a-dpd" as #2 for IPSEC SA
Aug 26 18:32:52.623746: | #2 setting local endpoint to 192.1.3.33:500 from #1.st_localport (in duplicate_state() at state.c:1484)
Aug 26 18:32:52.623752: | suspend processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685)
Aug 26 18:32:52.623757: | start processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685)
Aug 26 18:32:52.623763: | child state #2: UNDEFINED(ignore) => QUICK_I1(established CHILD SA)
Aug 26 18:32:52.623770: "north-a-dpd" #2: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#1 msgid:896f01e8 proposal=defaults pfsgroup=MODP2048}
Aug 26 18:32:52.623777: | adding quick_outI1 KE work-order 3 for state #2
Aug 26 18:32:52.623780: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55c66d95ef28
Aug 26 18:32:52.623784: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2
Aug 26 18:32:52.623787: | libevent_malloc: new ptr-libevent@0x55c66d94a328 size 128
Aug 26 18:32:52.623790: | libevent_realloc: release ptr-libevent@0x55c66d8e2208
Aug 26 18:32:52.623793: | libevent_realloc: new ptr-libevent@0x55c66d9494d8 size 128
Aug 26 18:32:52.623805: | stop processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764)
Aug 26 18:32:52.623810: | resume processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764)
Aug 26 18:32:52.623811: | crypto helper 4 resuming
Aug 26 18:32:52.623814: | unqueuing pending Quick Mode with 192.1.2.23 "north-a-dpd"
Aug 26 18:32:52.623821: | crypto helper 4 starting work-order 3 for state #2
Aug 26 18:32:52.623826: | removing pending policy for no connection {0x55c66d9489a8}
Aug 26 18:32:52.623832: | crypto helper 4 doing build KE and nonce (quick_outI1 KE); request ID 3
Aug 26 18:32:52.623836: | close_any(fd@24) (in release_whack() at state.c:654)
Aug 26 18:32:52.623841: | #1 spent 5.21 milliseconds in process_packet_tail()
Aug 26 18:32:52.623846: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Aug 26 18:32:52.623851: | stop processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in process_md() at demux.c:382)
Aug 26 18:32:52.623854: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:32:52.623858: | spent 5.72 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:32:52.624474: | crypto helper 4 finished build KE and nonce (quick_outI1 KE); request ID 3 time elapsed 0.000641 seconds
Aug 26 18:32:52.624484: | (#2) spent 0.648 milliseconds in crypto helper computing work-order 3: quick_outI1 KE (pcr)
Aug 26 18:32:52.624487: | crypto helper 4 sending results from work-order 3 for state #2 to event queue
Aug 26 18:32:52.624489: | scheduling resume sending helper answer for #2
Aug 26 18:32:52.624491: | libevent_malloc: new ptr-libevent@0x7fbd14003f28 size 128
Aug 26 18:32:52.624498: | crypto helper 4 waiting (nothing to do)
Aug 26 18:32:52.624506: | processing resume sending helper answer for #2
Aug 26 18:32:52.624513: | start processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:797)
Aug 26 18:32:52.624517: | crypto helper 4 replies to request ID 3
Aug 26 18:32:52.624520: | calling continuation function 0x55c66cb6db50
Aug 26 18:32:52.624523: | quick_outI1_continue for #2: calculated ke+nonce, sending I1
Aug 26 18:32:52.624528: | **emit ISAKMP Message:
Aug 26 18:32:52.624531: | initiator cookie:
Aug 26 18:32:52.624534: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.624537: | responder cookie:
Aug 26 18:32:52.624539: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.624542: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.624545: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:32:52.624548: | exchange type: ISAKMP_XCHG_QUICK (0x20)
Aug 26 18:32:52.624551: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:32:52.624553: | Message ID: 2305753576 (0x896f01e8)
Aug 26 18:32:52.624556: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:32:52.624560: | ***emit ISAKMP Hash Payload:
Aug 26 18:32:52.624562: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.624566: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:32:52.624569: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.624572: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:32:52.624575: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:32:52.624577: | emitting quick defaults using policy none
Aug 26 18:32:52.624581: | empty esp_info, returning defaults for ENCRYPT
Aug 26 18:32:52.624585: | ***emit ISAKMP Security Association Payload:
Aug 26 18:32:52.624588: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Aug 26 18:32:52.624591: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:32:52.624594: | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE
Aug 26 18:32:52.624597: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA)
Aug 26 18:32:52.624602: | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.624605: | ****emit IPsec DOI SIT:
Aug 26 18:32:52.624608: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:32:52.624611: | ikev1_out_sa pcn: 0 has 1 valid proposals
Aug 26 18:32:52.624614: | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 2
Aug 26 18:32:52.624616: | ****emit ISAKMP Proposal Payload:
Aug 26 18:32:52.624619: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.624621: | proposal number: 0 (0x0)
Aug 26 18:32:52.624624: | protocol ID: PROTO_IPSEC_ESP (0x3)
Aug 26 18:32:52.624627: | SPI size: 4 (0x4)
Aug 26 18:32:52.624629: | number of transforms: 2 (0x2)
Aug 26 18:32:52.624632: | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type'
Aug 26 18:32:52.624649: | netlink_get_spi: allocated 0x93d21727 for esp.0@192.1.3.33
Aug 26 18:32:52.624653: | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload
Aug 26 18:32:52.624656: | SPI 93 d2 17 27
Aug 26 18:32:52.624658: | *****emit ISAKMP Transform Payload (ESP):
Aug 26 18:32:52.624661: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.624664: | ESP transform number: 0 (0x0)
Aug 26 18:32:52.624666: | ESP transform ID: ESP_AES (0xc)
Aug 26 18:32:52.624669: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type'
Aug 26 18:32:52.624672: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.624675: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:32:52.624678: | length/value: 14 (0xe)
Aug 26 18:32:52.624681: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.624683: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.624686: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:32:52.624689: | length/value: 1 (0x1)
Aug 26 18:32:52.624692: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:32:52.624694: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.624697: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:32:52.624699: | length/value: 1 (0x1)
Aug 26 18:32:52.624702: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:32:52.624704: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.624707: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:32:52.624710: | length/value: 28800 (0x7080)
Aug 26 18:32:52.624713: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.624715: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:32:52.624718: | length/value: 2 (0x2)
Aug 26 18:32:52.624720: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:32:52.624723: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.624726: | af+type: AF+KEY_LENGTH (0x8006)
Aug 26 18:32:52.624728: | length/value: 128 (0x80)
Aug 26 18:32:52.624731: | emitting length of ISAKMP Transform Payload (ESP): 32
Aug 26 18:32:52.624734: | *****emit ISAKMP Transform Payload (ESP):
Aug 26 18:32:52.624736: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.624739: | ESP transform number: 1 (0x1)
Aug 26 18:32:52.624742: | ESP transform ID: ESP_3DES (0x3)
Aug 26 18:32:52.624745: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:32:52.624748: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type'
Aug 26 18:32:52.624750: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.624753: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:32:52.624756: | length/value: 14 (0xe)
Aug 26 18:32:52.624758: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.624761: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.624763: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:32:52.624766: | length/value: 1 (0x1)
Aug 26 18:32:52.624769: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:32:52.624773: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.624775: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:32:52.624778: | length/value: 1 (0x1)
Aug 26 18:32:52.624781: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:32:52.624783: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.624786: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:32:52.624788: | length/value: 28800 (0x7080)
Aug 26 18:32:52.624791: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.624794: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:32:52.624796: | length/value: 2 (0x2)
Aug 26 18:32:52.624799: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:32:52.624801: | emitting length of ISAKMP Transform Payload (ESP): 28
Aug 26 18:32:52.624804: | emitting length of ISAKMP Proposal Payload: 72
Aug 26 18:32:52.624807: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0
Aug 26 18:32:52.624810: | emitting length of ISAKMP Security Association Payload: 84
Aug 26 18:32:52.624813: | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0
Aug 26 18:32:52.624816: | ***emit ISAKMP Nonce Payload:
Aug 26 18:32:52.624819: | next payload type: ISAKMP_NEXT_KE (0x4)
Aug 26 18:32:52.624822: | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE
Aug 26 18:32:52.624825: | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE)
Aug 26 18:32:52.624828: | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.624831: | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload
Aug 26 18:32:52.624834: | Ni 09 9e e3 29 89 64 36 56 5d 54 3c 9e ad fa 05 49
Aug 26 18:32:52.624837: | Ni c7 29 e2 70 6f 8f 4d e3 24 30 42 df 6b af c5 5a
Aug 26 18:32:52.624839: | emitting length of ISAKMP Nonce Payload: 36
Aug 26 18:32:52.624842: | ***emit ISAKMP Key Exchange Payload:
Aug 26 18:32:52.624845: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:32:52.624848: | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID
Aug 26 18:32:52.624851: | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE)
Aug 26 18:32:52.624854: | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.624857: | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload
Aug 26 18:32:52.624860: | keyex value 36 1b a9 1f 33 ab a2 77 8d 38 dc bb 5a f8 32 65
Aug 26 18:32:52.624862: | keyex value 37 0f 94 59 72 2e c3 29 8f 4d 79 9a ab 71 ee 3d
Aug 26 18:32:52.624865: | keyex value f7 92 c1 28 c3 e9 31 3c 9e 20 fa 91 18 ca 46 f4
Aug 26 18:32:52.624867: | keyex value 49 03 16 78 52 7b b6 54 75 b5 61 8a e9 b1 9a 63
Aug 26 18:32:52.624870: | keyex value 24 7e 79 4c b9 cc 1c c9 6e e9 74 e6 47 39 f3 cd
Aug 26 18:32:52.624872: | keyex value 8c 01 8b ef 83 26 0f 8a 1c 4c 94 dc 7e 0f 99 f3
Aug 26 18:32:52.624875: | keyex value a9 b4 24 e9 3c cd 01 71 87 cf cc 78 cd b6 7b 12
Aug 26 18:32:52.624877: | keyex value 8a 78 68 99 0a 61 2a 31 a9 2f 0f 5b 18 15 ab c9
Aug 26 18:32:52.624880: | keyex value 05 88 3f 9f 8e 1c 03 c4 b1 10 9e 9f 4d 33 e5 0f
Aug 26 18:32:52.624883: | keyex value d5 5b 0d f2 af 78 7a 4c 2e 56 e4 e6 ba 19 bf f7
Aug 26 18:32:52.624885: | keyex value 3f 98 49 4e f8 e9 e6 e5 37 83 1a 54 29 c9 6b 7c
Aug 26 18:32:52.624888: | keyex value a5 67 cb 1b 48 f6 1a 7e 71 8e 7e 46 5f 27 a0 af
Aug 26 18:32:52.624890: | keyex value 9a d4 6a a9 d7 5f 23 e8 37 d2 3c 65 3c a1 3c d8
Aug 26 18:32:52.624893: | keyex value 87 8f c2 07 f8 5a 99 c4 59 3f ef 49 49 52 41 31
Aug 26 18:32:52.624895: | keyex value f7 18 d5 4e 88 fd 01 e0 7f f7 26 d4 cf 4a 23 c3
Aug 26 18:32:52.624901: | keyex value be f6 5f dd 2b 6d 50 1b df cb 2f 9b cf a1 25 69
Aug 26 18:32:52.624904: | emitting length of ISAKMP Key Exchange Payload: 260
Aug 26 18:32:52.624907: | ***emit ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:32:52.624910: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:32:52.624912: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:32:52.624915: | Protocol ID: 0 (0x0)
Aug 26 18:32:52.624917: | port: 0 (0x0)
Aug 26 18:32:52.624920: | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID
Aug 26 18:32:52.624924: | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Aug 26 18:32:52.624927: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Aug 26 18:32:52.624930: | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:32:52.624933: | client network c0 00 03 00
Aug 26 18:32:52.624936: | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:32:52.624938: | client mask ff ff ff 00
Aug 26 18:32:52.624941: | emitting length of ISAKMP Identification Payload (IPsec DOI): 16
Aug 26 18:32:52.624944: | ***emit ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:32:52.624946: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.624949: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:32:52.624951: | Protocol ID: 0 (0x0)
Aug 26 18:32:52.624954: | port: 0 (0x0)
Aug 26 18:32:52.624957: | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Aug 26 18:32:52.624960: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Aug 26 18:32:52.624963: | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:32:52.624965: | client network c0 00 16 00
Aug 26 18:32:52.624968: | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:32:52.624971: | client mask ff ff ff 00
Aug 26 18:32:52.624973: | emitting length of ISAKMP Identification Payload (IPsec DOI): 16
Aug 26 18:32:52.624997: | outI1 HASH(1):
Aug 26 18:32:52.625001: | d7 16 5d 2a bc da ba 84 46 32 1d e8 f5 bd 25 7e
Aug 26 18:32:52.625003: | 15 38 1f c5 15 18 21 4f ae 14 e2 47 4c 7d 26 48
Aug 26 18:32:52.625011: | no IKEv1 message padding required
Aug 26 18:32:52.625014: | emitting length of ISAKMP Message: 476
Aug 26 18:32:52.625029: | sending 476 bytes for reply packet from quick_outI1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #2)
Aug 26 18:32:52.625032: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.625035: | 08 10 20 01 89 6f 01 e8 00 00 01 dc 52 d0 3c 92
Aug 26 18:32:52.625037: | bc 96 aa 3f 55 66 1b 4f b0 a6 4f 5b 8c 5b 47 de
Aug 26 18:32:52.625040: | 92 39 b1 56 5b c7 fe f0 39 a6 c2 60 5f 81 1c 13
Aug 26 18:32:52.625042: | 05 56 44 78 61 45 51 dd d2 60 81 0f 35 37 ff bf
Aug 26 18:32:52.625045: | db 57 b9 f9 f9 00 42 ec b5 9d 03 38 90 3e 00 c7
Aug 26 18:32:52.625047: | f3 71 8e b3 3e 61 9c 63 57 e0 18 42 f4 5a aa 34
Aug 26 18:32:52.625050: | 9a 1c 6f 2c 0c 96 fe 7c 14 99 b1 71 9b ec 5d fe
Aug 26 18:32:52.625052: | 11 df 42 1f 8e 9a 7d b3 75 5a b1 db 7d ca e2 9a
Aug 26 18:32:52.625055: | e9 19 49 d0 c8 5d 5d 4f ed 1d a0 d4 09 64 12 be
Aug 26 18:32:52.625057: | 6d 76 44 a9 48 2f cc f3 81 28 57 5b 10 d7 ee b7
Aug 26 18:32:52.625060: | d1 18 2a 14 c6 4d 7c ff 47 42 54 fd 92 1d ee c8
Aug 26 18:32:52.625062: | f7 8b ea 4f 55 d3 ec ed 48 c6 13 ed 74 84 d0 60
Aug 26 18:32:52.625065: | 6c ee 63 d1 dd 8b 84 5c 2a 8f 8a 66 4a c4 8f b8
Aug 26 18:32:52.625067: | de 72 ed 39 7f c1 94 80 e3 0c ce bb 38 45 79 16
Aug 26 18:32:52.625073: | 4b 9f c9 75 3e 42 c7 1f d9 fe ad f1 fe 66 29 6c
Aug 26 18:32:52.625076: | 06 4b d7 3f 9a eb 5a 91 1b 4c 4e 3d af 93 ed a0
Aug 26 18:32:52.625078: | 20 02 54 04 1a 36 73 42 98 1c 74 d7 2c 29 f1 95
Aug 26 18:32:52.625081: | 19 d4 5b 3d a0 51 ab c2 7a 6f db 56 c6 a0 2d 57
Aug 26 18:32:52.625083: | 87 7e fc 74 20 e0 fa 36 dc f1 5f 6b d4 73 c9 96
Aug 26 18:32:52.625086: | 7a e1 1f 08 01 32 58 ba ad 3a 50 a0 56 bc b9 8d
Aug 26 18:32:52.625088: | b1 e9 c3 f8 4a 2d 5a 16 15 3c 52 7c 85 97 55 e9
Aug 26 18:32:52.625090: | 16 6e 03 2f 89 28 d6 7b c6 3e 34 16 77 8e a0 df
Aug 26 18:32:52.625093: | c0 8d ad d9 16 63 3b 9e 95 72 f3 39 b3 e8 f9 4b
Aug 26 18:32:52.625095: | 24 ad c6 3d 63 e0 ac bf d4 22 95 32 e3 bd 19 56
Aug 26 18:32:52.625098: | a9 fa eb dd 8c e5 e3 27 aa 25 a2 e1 e8 64 0b 88
Aug 26 18:32:52.625100: | 0f d6 c1 5f 8d a3 b5 88 52 54 cb aa 12 6d 4e c7
Aug 26 18:32:52.625103: | 73 b7 21 e8 e9 5e 69 3f 9c 57 25 82 77 f0 dd fd
Aug 26 18:32:52.625105: | d7 c3 4d 20 4d a0 17 16 09 ec 27 ea b2 cc ea e4
Aug 26 18:32:52.625108: | 05 9a 98 31 73 7a ab 6c 4e 8b 2c ae
Aug 26 18:32:52.625154: | state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Aug 26 18:32:52.625159: | libevent_free: release ptr-libevent@0x55c66d94a328
Aug 26 18:32:52.625163: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55c66d95ef28
Aug 26 18:32:52.625166: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d95ef28
Aug 26 18:32:52.625170: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #2
Aug 26 18:32:52.625173: | libevent_malloc: new ptr-libevent@0x55c66d961418 size 128
Aug 26 18:32:52.625179: | #2 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29658.367633
Aug 26 18:32:52.625188: | resume sending helper answer for #2 suppresed complete_v1_state_transition()
Aug 26 18:32:52.625193: | #2 spent 0.649 milliseconds in resume sending helper answer
Aug 26 18:32:52.625199: | stop processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:833)
Aug 26 18:32:52.625202: | libevent_free: release ptr-libevent@0x7fbd14003f28
Aug 26 18:32:52.628525: | spent 0.00272 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:32:52.628544: | *received 460 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:32:52.628547: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.628549: | 08 10 20 01 89 6f 01 e8 00 00 01 cc a5 47 52 7f
Aug 26 18:32:52.628550: | f5 74 04 27 a0 ca fc da d0 16 b9 e7 b4 ca 3a 94
Aug 26 18:32:52.628552: | c0 3e 12 cf 46 f7 26 a3 28 d2 37 6e 0c 8b e8 e7
Aug 26 18:32:52.628556: | 46 ed 9e d3 7f 2c e1 70 06 21 8e 90 b5 c9 c9 80
Aug 26 18:32:52.628560: | be 0e c3 04 11 02 83 14 4b e4 bc 72 a6 8d d9 0b
Aug 26 18:32:52.628563: | 99 07 d8 2a 97 d9 4c fa 41 20 0d 7a 05 da 66 31
Aug 26 18:32:52.628565: | 07 b1 f2 77 61 b5 70 b7 70 47 bd 0e b8 fb e0 b3
Aug 26 18:32:52.628567: | da 82 06 9b fd 19 e5 f5 02 3b 11 57 a6 01 f3 82
Aug 26 18:32:52.628569: | b7 e1 0e f5 30 1a 7d 92 dd 0d 90 9c 13 d9 cb f1
Aug 26 18:32:52.628571: | 68 3a 9c f5 58 6f 27 7f 0d 18 5c 65 c1 04 60 61
Aug 26 18:32:52.628573: | f4 18 a7 96 a9 e1 5a a9 ab 7c d2 bd 6e 5b 67 4c
Aug 26 18:32:52.628575: | 11 a6 68 ed 95 7a 9b ee 02 72 ba 3d 28 27 6a ff
Aug 26 18:32:52.628578: | ac 9a f8 d9 17 54 3f 31 7f 5a f8 5b ea 84 88 94
Aug 26 18:32:52.628580: | d5 a0 c9 20 44 4e c3 d8 62 1f e6 81 60 1f a0 fc
Aug 26 18:32:52.628583: | ce 8f b0 99 3b a0 3f 68 6a 6d 50 c1 35 1b 76 22
Aug 26 18:32:52.628585: | 46 41 50 2c 66 8b d2 43 26 a8 8a 02 92 3d 67 3a
Aug 26 18:32:52.628588: | c1 1f 8f 9b 16 46 a3 4d 53 a4 f0 5f 0d 06 21 c5
Aug 26 18:32:52.628590: | a4 5c ec 61 89 9f fe d8 14 25 80 f6 97 c9 bd e9
Aug 26 18:32:52.628592: | 75 d3 0e d0 3f f3 e4 d3 33 69 f1 fe dd 3e fb 14
Aug 26 18:32:52.628594: | 9e e6 ec 12 02 bc 6f c5 85 d8 a1 b1 9a a3 4f 64
Aug 26 18:32:52.628599: | af be 8a 5c 03 9e 3e f4 e3 f1 9c 97 5f de dc 85
Aug 26 18:32:52.628602: | b7 e9 db fb 24 c7 be ce 63 27 67 6e 4f 24 8d 95
Aug 26 18:32:52.628604: | f3 5a c0 a7 7e bd 65 cb a3 69 0e af fc f7 f5 9f
Aug 26 18:32:52.628606: | e1 6b 98 2e 1d e9 16 32 e8 be 46 cd 94 3f c3 37
Aug 26 18:32:52.628608: | 49 59 bc 73 39 05 e6 30 80 5c 1c a0 7f 02 fa 9d
Aug 26 18:32:52.628611: | 12 1a c8 6b 59 a8 e9 23 a5 07 66 05 d8 89 1a 30
Aug 26 18:32:52.628614: | 00 89 9b 2c cc 2c a1 77 44 49 59 8d 1d 43 37 e8
Aug 26 18:32:52.628616: | 68 26 a8 2b 3a 4b 94 a9 74 9c 67 52
Aug 26 18:32:52.628621: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:32:52.628625: | **parse ISAKMP Message:
Aug 26 18:32:52.628628: | initiator cookie:
Aug 26 18:32:52.628631: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.628633: | responder cookie:
Aug 26 18:32:52.628636: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.628639: | next payload type: ISAKMP_NEXT_HASH (0x8)
Aug 26 18:32:52.628643: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:32:52.628646: | exchange type: ISAKMP_XCHG_QUICK (0x20)
Aug 26 18:32:52.628649: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:32:52.628652: | Message ID: 2305753576 (0x896f01e8)
Aug 26 18:32:52.628655: | length: 460 (0x1cc)
Aug 26 18:32:52.628658: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32)
Aug 26 18:32:52.628662: | State DB: found IKEv1 state #2 in QUICK_I1 (find_state_ikev1)
Aug 26 18:32:52.628665: | start processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633)
Aug 26 18:32:52.628667: | #2 is idle
Aug 26 18:32:52.628669: | #2 idle
Aug 26 18:32:52.628671: | received encrypted packet from 192.1.2.23:500
Aug 26 18:32:52.628684: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030
Aug 26 18:32:52.628686: | ***parse ISAKMP Hash Payload:
Aug 26 18:32:52.628688: | next payload type: ISAKMP_NEXT_SA (0x1)
Aug 26 18:32:52.628690: | length: 36 (0x24)
Aug 26 18:32:52.628692: | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030
Aug 26 18:32:52.628694: | ***parse ISAKMP Security Association Payload:
Aug 26 18:32:52.628696: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Aug 26 18:32:52.628697: | length: 56 (0x38)
Aug 26 18:32:52.628699: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:32:52.628700: | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030
Aug 26 18:32:52.628702: | ***parse ISAKMP Nonce Payload:
Aug 26 18:32:52.628704: | next payload type: ISAKMP_NEXT_KE (0x4)
Aug 26 18:32:52.628705: | length: 36 (0x24)
Aug 26 18:32:52.628707: | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030
Aug 26 18:32:52.628709: | ***parse ISAKMP Key Exchange Payload:
Aug 26 18:32:52.628710: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:32:52.628712: | length: 260 (0x104)
Aug 26 18:32:52.628714: | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030
Aug 26 18:32:52.628715: | ***parse ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:32:52.628717: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:32:52.628718: | length: 16 (0x10)
Aug 26 18:32:52.628720: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:32:52.628722: | Protocol ID: 0 (0x0)
Aug 26 18:32:52.628723: | port: 0 (0x0)
Aug 26 18:32:52.628725: | obj: c0 00 03 00 ff ff ff 00
Aug 26 18:32:52.628727: | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030
Aug 26 18:32:52.628728: | ***parse ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:32:52.628730: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.628732: | length: 16 (0x10)
Aug 26 18:32:52.628733: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:32:52.628735: | Protocol ID: 0 (0x0)
Aug 26 18:32:52.628736: | port: 0 (0x0)
Aug 26 18:32:52.628738: | obj: c0 00 16 00 ff ff ff 00
Aug 26 18:32:52.628739: | removing 12 bytes of padding
Aug 26 18:32:52.628755: | quick_inR1_outI2 HASH(2):
Aug 26 18:32:52.628759: | 77 90 f8 c2 3b c8 b7 d2 b2 66 33 73 6a cd ac 4c
Aug 26 18:32:52.628761: | dd 58 5d d5 18 95 09 b2 65 0e 30 78 f0 e4 bc 74
Aug 26 18:32:52.628763: | received 'quick_inR1_outI2' message HASH(2) data ok
Aug 26 18:32:52.628766: | ****parse IPsec DOI SIT:
Aug 26 18:32:52.628768: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:32:52.628770: | ****parse ISAKMP Proposal Payload:
Aug 26 18:32:52.628772: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.628773: | length: 44 (0x2c)
Aug 26 18:32:52.628775: | proposal number: 0 (0x0)
Aug 26 18:32:52.628776: | protocol ID: PROTO_IPSEC_ESP (0x3)
Aug 26 18:32:52.628778: | SPI size: 4 (0x4)
Aug 26 18:32:52.628780: | number of transforms: 1 (0x1)
Aug 26 18:32:52.628781: | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI
Aug 26 18:32:52.628783: | SPI da d5 24 50
Aug 26 18:32:52.628785: | *****parse ISAKMP Transform Payload (ESP):
Aug 26 18:32:52.628787: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.628788: | length: 32 (0x20)
Aug 26 18:32:52.628790: | ESP transform number: 0 (0x0)
Aug 26 18:32:52.628792: | ESP transform ID: ESP_AES (0xc)
Aug 26 18:32:52.628794: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.628796: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:32:52.628798: | length/value: 14 (0xe)
Aug 26 18:32:52.628799: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:32:52.628801: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.628803: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:32:52.628805: | length/value: 1 (0x1)
Aug 26 18:32:52.628806: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:32:52.628808: | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none
Aug 26 18:32:52.628810: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.628812: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:32:52.628813: | length/value: 1 (0x1)
Aug 26 18:32:52.628815: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:32:52.628816: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.628818: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:32:52.628820: | length/value: 28800 (0x7080)
Aug 26 18:32:52.628821: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.628823: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:32:52.628825: | length/value: 2 (0x2)
Aug 26 18:32:52.628826: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:32:52.628828: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:32:52.628829: | af+type: AF+KEY_LENGTH (0x8006)
Aug 26 18:32:52.628831: | length/value: 128 (0x80)
Aug 26 18:32:52.628833: | ESP IPsec Transform verified unconditionally; no alg_info to check against
Aug 26 18:32:52.628844: | started looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org of kind PKK_PSK
Aug 26 18:32:52.628848: | actually looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org of kind PKK_PSK
Aug 26 18:32:52.628854: | line 0: key type PKK_PSK(C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org) to type PKK_RSA
Aug 26 18:32:52.628857: | line 1: key type PKK_PSK(C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org) to type PKK_RSA
Aug 26 18:32:52.628859: | concluding with best_match=000 best=(nil) (lineno=-1)
Aug 26 18:32:52.628860: | no PreShared Key Found
Aug 26 18:32:52.628863: | adding quick outI2 DH work-order 4 for state #2
Aug 26 18:32:52.628865: | state #2 requesting EVENT_RETRANSMIT to be deleted
Aug 26 18:32:52.628868: | #2 STATE_QUICK_I1: retransmits: cleared
Aug 26 18:32:52.628870: | libevent_free: release ptr-libevent@0x55c66d961418
Aug 26 18:32:52.628872: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d95ef28
Aug 26 18:32:52.628874: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55c66d95ef28
Aug 26 18:32:52.628877: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2
Aug 26 18:32:52.628879: | libevent_malloc: new ptr-libevent@0x7fbd14003f28 size 128
Aug 26 18:32:52.628885: | complete v1 state transition with STF_SUSPEND
Aug 26 18:32:52.628891: | [RE]START processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648)
Aug 26 18:32:52.628892: | crypto helper 3 resuming
Aug 26 18:32:52.628893: | suspending state #2 and saving MD
Aug 26 18:32:52.628904: | crypto helper 3 starting work-order 4 for state #2
Aug 26 18:32:52.628906: | #2 is busy; has a suspended MD
Aug 26 18:32:52.628908: | crypto helper 3 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 4
Aug 26 18:32:52.628911: | #2 spent 0.14 milliseconds in process_packet_tail()
Aug 26 18:32:52.628915: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Aug 26 18:32:52.628920: | stop processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in process_md() at demux.c:382)
Aug 26 18:32:52.628923: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:32:52.628927: | spent 0.387 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:32:52.629584: | crypto helper 3 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 4 time elapsed 0.000675 seconds
Aug 26 18:32:52.629595: | (#2) spent 0.683 milliseconds in crypto helper computing work-order 4: quick outI2 DH (pcr)
Aug 26 18:32:52.629599: | crypto helper 3 sending results from work-order 4 for state #2 to event queue
Aug 26 18:32:52.629603: | scheduling resume sending helper answer for #2
Aug 26 18:32:52.629607: | libevent_malloc: new ptr-libevent@0x7fbd08001f78 size 128
Aug 26 18:32:52.629614: | crypto helper 3 waiting (nothing to do)
Aug 26 18:32:52.629650: | processing resume sending helper answer for #2
Aug 26 18:32:52.629659: | start processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:797)
Aug 26 18:32:52.629663: | crypto helper 3 replies to request ID 4
Aug 26 18:32:52.629665: | calling continuation function 0x55c66cb6db50
Aug 26 18:32:52.629667: | quick_inR1_outI2_continue for #2: calculated ke+nonce, calculating DH
Aug 26 18:32:52.629671: | **emit ISAKMP Message:
Aug 26 18:32:52.629673: | initiator cookie:
Aug 26 18:32:52.629674: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:52.629676: | responder cookie:
Aug 26 18:32:52.629677: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.629679: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.629681: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:32:52.629683: | exchange type: ISAKMP_XCHG_QUICK (0x20)
Aug 26 18:32:52.629684: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:32:52.629686: | Message ID: 2305753576 (0x896f01e8)
Aug 26 18:32:52.629688: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:32:52.629691: | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address
Aug 26 18:32:52.629692: | ID address c0 00 03 00
Aug 26 18:32:52.629694: | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask
Aug 26 18:32:52.629696: | ID mask ff ff ff 00
Aug 26 18:32:52.629699: | our client is subnet 192.0.3.0/24
Aug 26 18:32:52.629700: | our client protocol/port is 0/0
Aug 26 18:32:52.629702: | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address
Aug 26 18:32:52.629704: | ID address c0 00 16 00
Aug 26 18:32:52.629706: | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask
Aug 26 18:32:52.629707: | ID mask ff ff ff 00
Aug 26 18:32:52.629709: | peer client is subnet 192.0.22.0/24
Aug 26 18:32:52.629713: | peer client protocol/port is 0/0
Aug 26 18:32:52.629715: | ***emit ISAKMP Hash Payload:
Aug 26 18:32:52.629717: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:52.629719: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:32:52.629721: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet'
Aug 26 18:32:52.629723: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:32:52.629725: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:32:52.629743: | quick_inR1_outI2 HASH(3):
Aug 26 18:32:52.629745: | ba 12 f7 3e be de 83 31 3e f4 3e f4 3e 7c 80 3f
Aug 26 18:32:52.629747: | 99 b8 c9 8b 59 42 fb 78 54 47 d8 dd b1 63 66 6e
Aug 26 18:32:52.629749: | compute_proto_keymat: needed_len (after ESP enc)=16
Aug 26 18:32:52.629750: | compute_proto_keymat: needed_len (after ESP auth)=36
Aug 26 18:32:52.629813: | install_ipsec_sa() for #2: inbound and outbound
Aug 26 18:32:52.629816: | could_route called for north-a-dpd (kind=CK_PERMANENT)
Aug 26 18:32:52.629818: | FOR_EACH_CONNECTION_... in route_owner
Aug 26 18:32:52.629820: | conn north-a-dpd mark 0/00000000, 0/00000000 vs
Aug 26 18:32:52.629822: | conn north-a-dpd mark 0/00000000, 0/00000000
Aug 26 18:32:52.629824: | conn north-a-dpd mark 0/00000000, 0/00000000 vs
Aug 26 18:32:52.629826: | conn northnet-eastnet-b mark 0/00000000, 0/00000000
Aug 26 18:32:52.629828: | route owner of "north-a-dpd" unrouted: NULL; eroute owner: NULL
Aug 26 18:32:52.629830: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96
Aug 26 18:32:52.629833: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12
Aug 26 18:32:52.629835: | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20
Aug 26 18:32:52.629837: | setting IPsec SA replay-window to 32
Aug 26 18:32:52.629839: | NIC esp-hw-offload not for connection 'north-a-dpd' not available on interface eth1
Aug 26 18:32:52.629841: | netlink: enabling tunnel mode
Aug 26 18:32:52.629844: | netlink: setting IPsec SA replay-window to 32 using old-style req
Aug 26 18:32:52.629845: | netlink: esp-hw-offload not set for IPsec SA
Aug 26 18:32:52.629895: | netlink response for Add SA esp.dad52450@192.1.2.23 included non-error error
Aug 26 18:32:52.629899: | set up outgoing SA, ref=0/0
Aug 26 18:32:52.629907: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96
Aug 26 18:32:52.629911: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12
Aug 26 18:32:52.629915: | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20
Aug 26 18:32:52.629920: | setting IPsec SA replay-window to 32
Aug 26 18:32:52.629923: | NIC esp-hw-offload not for connection 'north-a-dpd' not available on interface eth1
Aug 26 18:32:52.629927: | netlink: enabling tunnel mode
Aug 26 18:32:52.629930: | netlink: setting IPsec SA replay-window to 32 using old-style req
Aug 26 18:32:52.629933: | netlink: esp-hw-offload not set for IPsec SA
Aug 26 18:32:52.629967: | netlink response for Add SA esp.93d21727@192.1.3.33 included non-error error
Aug 26 18:32:52.629971: | priority calculation of connection "north-a-dpd" is 0xfe7e7
Aug 26 18:32:52.629979: | add inbound eroute 192.0.22.0/24:0 --0-> 192.0.3.0/24:0 => tun.10000@192.1.3.33 (raw_eroute)
Aug 26 18:32:52.629984: | IPsec Sa SPD priority set to 1042407
Aug 26 18:32:52.630006: | raw_eroute result=success
Aug 26 18:32:52.630011: | set up incoming SA, ref=0/0
Aug 26 18:32:52.630014: | sr for #2: unrouted
Aug 26 18:32:52.630018: | route_and_eroute() for proto 0, and source port 0 dest port 0
Aug 26 18:32:52.630021: | FOR_EACH_CONNECTION_... in route_owner
Aug 26 18:32:52.630025: | conn north-a-dpd mark 0/00000000, 0/00000000 vs
Aug 26 18:32:52.630029: | conn north-a-dpd mark 0/00000000, 0/00000000
Aug 26 18:32:52.630032: | conn north-a-dpd mark 0/00000000, 0/00000000 vs
Aug 26 18:32:52.630036: | conn northnet-eastnet-b mark 0/00000000, 0/00000000
Aug 26 18:32:52.630042: | route owner of "north-a-dpd" unrouted: NULL; eroute owner: NULL
Aug 26 18:32:52.630047: | route_and_eroute with c: north-a-dpd (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #2
Aug 26 18:32:52.630051: | priority calculation of connection "north-a-dpd" is 0xfe7e7
Aug 26 18:32:52.630056: | eroute_connection add eroute 192.0.3.0/24:0 --0-> 192.0.22.0/24:0 => tun.0@192.1.2.23 (raw_eroute)
Aug 26 18:32:52.630058: | IPsec Sa SPD priority set to 1042407
Aug 26 18:32:52.630069: | raw_eroute result=success
Aug 26 18:32:52.630072: | running updown command "ipsec _updown" for verb up
Aug 26 18:32:52.630074: | command executing up-client
Aug 26 18:32:52.630103: | trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:32:52.630108: | trusted_ca_nss: trustor B = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:32:52.630120: | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENC
Aug 26 18:32:52.630122: | popen cmd is 1398 chars long
Aug 26 18:32:52.630124: | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' PLUTO_:
Aug 26 18:32:52.630126: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID=:
Aug 26 18:32:52.630128: | cmd( 160):'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.:
Aug 26 18:32:52.630129: | cmd( 240):libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24:
Aug 26 18:32:52.630131: | cmd( 320):' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_:
Aug 26 18:32:52.630133: | cmd( 400):PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_:
Aug 26 18:32:52.630134: | cmd( 480):PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Te:
Aug 26 18:32:52.630136: | cmd( 560):st Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org':
Aug 26 18:32:52.630138: | cmd( 640): PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PEER:
Aug 26 18:32:52.630139: | cmd( 720):_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_P:
Aug 26 18:32:52.630141: | cmd( 800):EER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libresw:
Aug 26 18:32:52.630143: | cmd( 880):an test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADDTI:
Aug 26 18:32:52.630144: | cmd( 960):ME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+I:
Aug 26 18:32:52.630146: | cmd(1040):KE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4:
Aug 26 18:32:52.630148: | cmd(1120):' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAI:
Aug 26 18:32:52.630149: | cmd(1200):N_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_N:
Aug 26 18:32:52.630151: | cmd(1280):M_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xdad52450:
Aug 26 18:32:52.630154: | cmd(1360): SPI_OUT=0x93d21727 ipsec _updown 2>&1:
Aug 26 18:32:52.639232: | route_and_eroute: firewall_notified: true
Aug 26 18:32:52.639248: | running updown command "ipsec _updown" for verb prepare
Aug 26 18:32:52.639252: | command executing prepare-client
Aug 26 18:32:52.639286: | trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:32:52.639300: | trusted_ca_nss: trustor B = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:32:52.639323: | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='
Aug 26 18:32:52.639327: | popen cmd is 1403 chars long
Aug 26 18:32:52.639330: | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' P:
Aug 26 18:32:52.639333: | cmd( 80):LUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_M:
Aug 26 18:32:52.639336: | cmd( 160):Y_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.tes:
Aug 26 18:32:52.639339: | cmd( 240):ting.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3:
Aug 26 18:32:52.639342: | cmd( 320):.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUT:
Aug 26 18:32:52.639344: | cmd( 400):O_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' P:
Aug 26 18:32:52.639347: | cmd( 480):LUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, :
Aug 26 18:32:52.639350: | cmd( 560):OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan:
Aug 26 18:32:52.639353: | cmd( 640):.org' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO:
Aug 26 18:32:52.639355: | cmd( 720):_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PL:
Aug 26 18:32:52.639358: | cmd( 800):UTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Li:
Aug 26 18:32:52.639361: | cmd( 880):breswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_:
Aug 26 18:32:52.639363: | cmd( 960):ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TR:
Aug 26 18:32:52.639366: | cmd(1040):ACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY=:
Aug 26 18:32:52.639369: | cmd(1120):'ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_:
Aug 26 18:32:52.639372: | cmd(1200):DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PL:
Aug 26 18:32:52.639374: | cmd(1280):UTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xdad:
Aug 26 18:32:52.639377: | cmd(1360):52450 SPI_OUT=0x93d21727 ipsec _updown 2>&1:
Aug 26 18:32:52.649224: | running updown command "ipsec _updown" for verb route
Aug 26 18:32:52.649239: | command executing route-client
Aug 26 18:32:52.649263: | trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:32:52.649270: | trusted_ca_nss: trustor B = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:32:52.649285: | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSAS
Aug 26 18:32:52.649298: | popen cmd is 1401 chars long
Aug 26 18:32:52.649302: | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' PLU:
Aug 26 18:32:52.649304: | cmd( 80):TO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_:
Aug 26 18:32:52.649306: | cmd( 160):ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testi:
Aug 26 18:32:52.649308: | cmd( 240):ng.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0:
Aug 26 18:32:52.649309: | cmd( 320):/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_:
Aug 26 18:32:52.649311: | cmd( 400):MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLU:
Aug 26 18:32:52.649313: | cmd( 480):TO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU:
Aug 26 18:32:52.649314: | cmd( 560):=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.o:
Aug 26 18:32:52.649316: | cmd( 640):rg' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_P:
Aug 26 18:32:52.649318: | cmd( 720):EER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUT:
Aug 26 18:32:52.649319: | cmd( 800):O_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libr:
Aug 26 18:32:52.649321: | cmd( 880):eswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_AD:
Aug 26 18:32:52.649323: | cmd( 960):DTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRAC:
Aug 26 18:32:52.649324: | cmd(1040):K+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='i:
Aug 26 18:32:52.649326: | cmd(1120):pv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DO:
Aug 26 18:32:52.649328: | cmd(1200):MAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUT:
Aug 26 18:32:52.649329: | cmd(1280):O_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xdad52:
Aug 26 18:32:52.649331: | cmd(1360):450 SPI_OUT=0x93d21727 ipsec _updown 2>&1:
Aug 26 18:32:52.662613: | route_and_eroute: instance "north-a-dpd", setting eroute_owner {spd=0x55c66d948f98,sr=0x55c66d948f98} to #2 (was #0) (newest_ipsec_sa=#0)
Aug 26 18:32:52.663427: | #1 spent 2.43 milliseconds in install_ipsec_sa()
Aug 26 18:32:52.663441: | emitting 12 zero bytes of encryption padding into ISAKMP Message
Aug 26 18:32:52.663447: | no IKEv1 message padding required
Aug 26 18:32:52.663450: | emitting length of ISAKMP Message: 76
Aug 26 18:32:52.663491: | inR1_outI2: instance north-a-dpd[0], setting IKEv1 newest_ipsec_sa to #2 (was #0) (spd.eroute=#2) cloned from #1
Aug 26 18:32:52.663496: | DPD: dpd_init() called on IPsec SA
Aug 26 18:32:52.663503: | State DB: found IKEv1 state #1 in MAIN_I4 (find_state_ikev1)
Aug 26 18:32:52.663508: | event_schedule: new EVENT_DPD-pe@0x7fbd14004218
Aug 26 18:32:52.663513: | inserting event EVENT_DPD, timeout in 3 seconds for #2
Aug 26 18:32:52.663517: | libevent_malloc: new ptr-libevent@0x55c66d94a328 size 128
Aug 26 18:32:52.663527: | complete v1 state transition with STF_OK
Aug 26 18:32:52.663534: | [RE]START processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
Aug 26 18:32:52.663537: | #2 is idle
Aug 26 18:32:52.663540: | doing_xauth:no, t_xauth_client_done:no
Aug 26 18:32:52.663544: | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Aug 26 18:32:52.663548: | child state #2: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA)
Aug 26 18:32:52.663551: | event_already_set, deleting event
Aug 26 18:32:52.663554: | state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Aug 26 18:32:52.663560: | libevent_free: release ptr-libevent@0x7fbd14003f28
Aug 26 18:32:52.663565: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55c66d95ef28
Aug 26 18:32:52.663573: | sending reply packet to 192.1.2.23:500 (from 192.1.3.33:500)
Aug 26 18:32:52.663585: | sending 76 bytes for STATE_QUICK_I1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #2)
Aug 26 18:32:52.663589: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:52.663592: | 08 10 20 01 89 6f 01 e8 00 00 00 4c 8d 8e 11 9f
Aug 26 18:32:52.663594: | 0c 9f be ee 35 ef 27 8d 76 60 25 70 fd b2 3c 39
Aug 26 18:32:52.663597: | 7f c9 f4 ac df b7 6d 60 9d 13 68 63 11 92 5e a7
Aug 26 18:32:52.663599: | 17 f9 4d d6 3c 15 70 7d 45 35 fa 7b
Aug 26 18:32:52.663659: | !event_already_set at reschedule
Aug 26 18:32:52.663666: | event_schedule: new EVENT_SA_REPLACE-pe@0x55c66d95ef28
Aug 26 18:32:52.663670: | inserting event EVENT_SA_REPLACE, timeout in 28048 seconds for #2
Aug 26 18:32:52.663673: | libevent_malloc: new ptr-libevent@0x7fbd14003f28 size 128
Aug 26 18:32:52.663676: | pstats #2 ikev1.ipsec established
Aug 26 18:32:52.663682: | NAT-T: encaps is 'auto'
Aug 26 18:32:52.663687: "north-a-dpd" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xdad52450 <0x93d21727 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=active}
Aug 26 18:32:52.663698: | modecfg pull: noquirk policy:push not-client
Aug 26 18:32:52.663701: | phase 1 is done, looking for phase 2 to unpend
Aug 26 18:32:52.663708: | close_any(fd@25) (in release_whack() at state.c:654)
Aug 26 18:32:52.663713: | resume sending helper answer for #2 suppresed complete_v1_state_transition()
Aug 26 18:32:52.663720: | #2 spent 2.84 milliseconds in resume sending helper answer
Aug 26 18:32:52.663725: | stop processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:833)
Aug 26 18:32:52.663730: | libevent_free: release ptr-libevent@0x7fbd08001f78
Aug 26 18:32:52.663745: | processing signal PLUTO_SIGCHLD
Aug 26 18:32:52.663751: | waitpid returned ECHILD (no child processes left)
Aug 26 18:32:52.663755: | spent 0.00534 milliseconds in signal handler PLUTO_SIGCHLD
Aug 26 18:32:52.663758: | processing signal PLUTO_SIGCHLD
Aug 26 18:32:52.663762: | waitpid returned ECHILD (no child processes left)
Aug 26 18:32:52.663765: | spent 0.00374 milliseconds in signal handler PLUTO_SIGCHLD
Aug 26 18:32:52.663768: | processing signal PLUTO_SIGCHLD
Aug 26 18:32:52.663772: | waitpid returned ECHILD (no child processes left)
Aug 26 18:32:52.663776: | spent 0.00362 milliseconds in signal handler PLUTO_SIGCHLD
Aug 26 18:32:54.917650: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
Aug 26 18:32:54.917677: | FOR_EACH_STATE_... in show_traffic_status (sort_states)
Aug 26 18:32:54.917684: | FOR_EACH_STATE_... in sort_states
Aug 26 18:32:54.917692: | get_sa_info esp.93d21727@192.1.3.33
Aug 26 18:32:54.917716: | get_sa_info esp.dad52450@192.1.2.23
Aug 26 18:32:54.917746: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Aug 26 18:32:54.917759: | spent 0.118 milliseconds in whack
Aug 26 18:32:55.021712: | kernel_process_msg_cb process netlink message
Aug 26 18:32:55.022007: | netlink_get: XFRM_MSG_EXPIRE message
Aug 26 18:32:55.022020: | spent 0.287 milliseconds in kernel message
Aug 26 18:32:55.631306: | timer_event_cb: processing event@0x7fbd14004218
Aug 26 18:32:55.631318: | handling event EVENT_DPD for child state #2
Aug 26 18:32:55.631325: | start processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:32:55.631329: | [RE]START processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in dpd_event() at ikev1_dpd.c:360)
Aug 26 18:32:55.631331: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:32:55.631334: | DPD: processing for state #2 ("north-a-dpd")
Aug 26 18:32:55.631339: | get_sa_info esp.93d21727@192.1.3.33
Aug 26 18:32:55.631355: | event_schedule: new EVENT_DPD-pe@0x55c66d8e2208
Aug 26 18:32:55.631358: | inserting event EVENT_DPD, timeout in 3 seconds for #2
Aug 26 18:32:55.631361: | libevent_malloc: new ptr-libevent@0x7fbd08001f78 size 128
Aug 26 18:32:55.631377: | DPD: scheduling timeout to 10
Aug 26 18:32:55.631381: | event_schedule: new EVENT_DPD_TIMEOUT-pe@0x55c66d974848
Aug 26 18:32:55.631383: | inserting event EVENT_DPD_TIMEOUT, timeout in 10 seconds for #1
Aug 26 18:32:55.631386: | libevent_malloc: new ptr-libevent@0x55c66d95d888 size 128
Aug 26 18:32:55.631389: | DPD: sending R_U_THERE 17352 to 192.1.2.23:500 (state #1)
Aug 26 18:32:55.631413: | **emit ISAKMP Message:
Aug 26 18:32:55.631415: | initiator cookie:
Aug 26 18:32:55.631417: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:55.631419: | responder cookie:
Aug 26 18:32:55.631420: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:55.631422: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:55.631424: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:32:55.631426: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:32:55.631429: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:32:55.631431: | Message ID: 4022211571 (0xefbe13f3)
Aug 26 18:32:55.631433: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:32:55.631435: | ***emit ISAKMP Hash Payload:
Aug 26 18:32:55.631437: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:55.631439: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:32:55.631441: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'ISAKMP notify'
Aug 26 18:32:55.631443: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:32:55.631445: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:32:55.631447: | ***emit ISAKMP Notification Payload:
Aug 26 18:32:55.631448: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:55.631450: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:32:55.631452: | protocol ID: 1 (0x1)
Aug 26 18:32:55.631453: | SPI size: 16 (0x10)
Aug 26 18:32:55.631455: | Notify Message Type: R_U_THERE (0x8d28)
Aug 26 18:32:55.631457: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N)
Aug 26 18:32:55.631459: | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'ISAKMP notify'
Aug 26 18:32:55.631461: | emitting 8 raw bytes of notify icookie into ISAKMP Notification Payload
Aug 26 18:32:55.631463: | notify icookie 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:55.631465: | emitting 8 raw bytes of notify rcookie into ISAKMP Notification Payload
Aug 26 18:32:55.631466: | notify rcookie 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:55.631468: | emitting 4 raw bytes of notify data into ISAKMP Notification Payload
Aug 26 18:32:55.631470: | notify data 00 00 43 c8
Aug 26 18:32:55.631471: | emitting length of ISAKMP Notification Payload: 32
Aug 26 18:32:55.631506: | notification HASH(1):
Aug 26 18:32:55.631509: | 3c ac 8e 24 e4 f3 41 42 58 c7 76 f3 98 67 7f f9
Aug 26 18:32:55.631512: | a1 d5 ca 8e e7 f4 17 f5 9a 75 11 45 31 e9 db e5
Aug 26 18:32:55.631520: | emitting 12 zero bytes of encryption padding into ISAKMP Message
Aug 26 18:32:55.631522: | no IKEv1 message padding required
Aug 26 18:32:55.631523: | emitting length of ISAKMP Message: 108
Aug 26 18:32:55.631535: | sending 108 bytes for ISAKMP notify through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #1)
Aug 26 18:32:55.631537: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:55.631538: | 08 10 05 01 ef be 13 f3 00 00 00 6c 9a 9c 23 3c
Aug 26 18:32:55.631540: | 87 c9 a3 94 d5 11 f6 ae 61 b4 de b2 1e c3 ab 07
Aug 26 18:32:55.631541: | fc 8d 17 a0 34 d9 05 d5 51 f4 65 ae e7 0d 4e 11
Aug 26 18:32:55.631543: | e1 7d 75 87 fc af 54 99 47 eb f6 52 b6 13 64 96
Aug 26 18:32:55.631544: | 3b 40 e7 58 6a f1 38 73 31 aa 79 a6 37 7e 99 c1
Aug 26 18:32:55.631546: | a6 3e 2b 59 83 f0 53 fd 1c f5 c7 34
Aug 26 18:32:55.631785: ERROR: "north-a-dpd" #2: sendto on eth1 to 192.1.2.23:500 failed in ISAKMP notify. Errno 113: No route to host
Aug 26 18:32:55.631790: | libevent_free: release ptr-libevent@0x55c66d94a328
Aug 26 18:32:55.631793: | free_event_entry: release EVENT_DPD-pe@0x7fbd14004218
Aug 26 18:32:55.631799: | #2 spent 0.494 milliseconds in timer_event_cb() EVENT_DPD
Aug 26 18:32:55.631802: | stop processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:32:58.634359: | timer_event_cb: processing event@0x55c66d8e2208
Aug 26 18:32:58.634400: | handling event EVENT_DPD for child state #2
Aug 26 18:32:58.634421: | start processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:32:58.634439: | [RE]START processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in dpd_event() at ikev1_dpd.c:360)
Aug 26 18:32:58.634447: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:32:58.634458: | DPD: processing for state #2 ("north-a-dpd")
Aug 26 18:32:58.634475: | get_sa_info esp.93d21727@192.1.3.33
Aug 26 18:32:58.634520: | event_schedule: new EVENT_DPD-pe@0x7fbd14004218
Aug 26 18:32:58.634532: | inserting event EVENT_DPD, timeout in 3 seconds for #2
Aug 26 18:32:58.634543: | libevent_malloc: new ptr-libevent@0x55c66d960ba8 size 128
Aug 26 18:32:58.634556: | DPD: sending R_U_THERE 17353 to 192.1.2.23:500 (state #1)
Aug 26 18:32:58.634589: | **emit ISAKMP Message:
Aug 26 18:32:58.634599: | initiator cookie:
Aug 26 18:32:58.634606: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:58.634613: | responder cookie:
Aug 26 18:32:58.634620: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:58.634628: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:58.634636: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:32:58.634643: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:32:58.634651: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:32:58.634659: | Message ID: 3887767278 (0xe7ba9eee)
Aug 26 18:32:58.634667: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:32:58.634676: | ***emit ISAKMP Hash Payload:
Aug 26 18:32:58.634684: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:58.634693: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:32:58.634701: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'ISAKMP notify'
Aug 26 18:32:58.634711: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:32:58.634719: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:32:58.634726: | ***emit ISAKMP Notification Payload:
Aug 26 18:32:58.634734: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:32:58.634741: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:32:58.634748: | protocol ID: 1 (0x1)
Aug 26 18:32:58.634755: | SPI size: 16 (0x10)
Aug 26 18:32:58.634763: | Notify Message Type: R_U_THERE (0x8d28)
Aug 26 18:32:58.634772: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N)
Aug 26 18:32:58.634790: | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'ISAKMP notify'
Aug 26 18:32:58.634801: | emitting 8 raw bytes of notify icookie into ISAKMP Notification Payload
Aug 26 18:32:58.634808: | notify icookie 35 80 c1 69 e2 a9 e2 31
Aug 26 18:32:58.634816: | emitting 8 raw bytes of notify rcookie into ISAKMP Notification Payload
Aug 26 18:32:58.634823: | notify rcookie 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:58.634830: | emitting 4 raw bytes of notify data into ISAKMP Notification Payload
Aug 26 18:32:58.634837: | notify data 00 00 43 c9
Aug 26 18:32:58.634844: | emitting length of ISAKMP Notification Payload: 32
Aug 26 18:32:58.634923: | notification HASH(1):
Aug 26 18:32:58.634934: | a4 97 b1 cd da 51 46 89 3d e6 f8 9c 4a f1 e8 42
Aug 26 18:32:58.634941: | 79 f6 96 ff 69 58 51 15 e9 a7 c6 99 3e ad 3d 13
Aug 26 18:32:58.634966: | emitting 12 zero bytes of encryption padding into ISAKMP Message
Aug 26 18:32:58.634974: | no IKEv1 message padding required
Aug 26 18:32:58.634981: | emitting length of ISAKMP Message: 108
Aug 26 18:32:58.635023: | sending 108 bytes for ISAKMP notify through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #1)
Aug 26 18:32:58.635032: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:32:58.635039: | 08 10 05 01 e7 ba 9e ee 00 00 00 6c 7d e0 b0 b8
Aug 26 18:32:58.635045: | 86 a4 3f 12 c6 4f 01 09 ed bc 7c 20 7b 22 58 0d
Aug 26 18:32:58.635052: | bb 57 12 50 f5 82 d4 a9 9c 36 b5 08 fd f5 1f d0
Aug 26 18:32:58.635058: | f9 12 2c 33 1d 5a 06 66 3d 3e 92 9c d0 42 e7 7d
Aug 26 18:32:58.635065: | ca 10 c7 47 42 a0 62 c6 25 10 e2 11 12 76 d9 51
Aug 26 18:32:58.635071: | 35 70 4c ed fe 20 29 bf ab 1d 52 1c
Aug 26 18:32:58.635107: ERROR: "north-a-dpd" #2: sendto on eth1 to 192.1.2.23:500 failed in ISAKMP notify. Errno 113: No route to host
Aug 26 18:32:58.635121: | libevent_free: release ptr-libevent@0x7fbd08001f78
Aug 26 18:32:58.635146: | free_event_entry: release EVENT_DPD-pe@0x55c66d8e2208
Aug 26 18:32:58.635177: | #2 spent 0.816 milliseconds in timer_event_cb() EVENT_DPD
Aug 26 18:32:58.635193: | stop processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:01.637312: | timer_event_cb: processing event@0x7fbd14004218
Aug 26 18:33:01.637330: | handling event EVENT_DPD for child state #2
Aug 26 18:33:01.637337: | start processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:01.637341: | [RE]START processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in dpd_event() at ikev1_dpd.c:360)
Aug 26 18:33:01.637343: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:01.637346: | DPD: processing for state #2 ("north-a-dpd")
Aug 26 18:33:01.637351: | get_sa_info esp.93d21727@192.1.3.33
Aug 26 18:33:01.637364: | event_schedule: new EVENT_DPD-pe@0x55c66d8e2208
Aug 26 18:33:01.637367: | inserting event EVENT_DPD, timeout in 3 seconds for #2
Aug 26 18:33:01.637370: | libevent_malloc: new ptr-libevent@0x55c66d94a328 size 128
Aug 26 18:33:01.637373: | DPD: sending R_U_THERE 17354 to 192.1.2.23:500 (state #1)
Aug 26 18:33:01.637384: | **emit ISAKMP Message:
Aug 26 18:33:01.637387: | initiator cookie:
Aug 26 18:33:01.637388: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:33:01.637390: | responder cookie:
Aug 26 18:33:01.637391: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:01.637393: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:01.637395: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:01.637397: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:33:01.637399: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:01.637401: | Message ID: 1206718066 (0x47ed0e72)
Aug 26 18:33:01.637403: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:01.637405: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:01.637410: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:01.637418: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:01.637423: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'ISAKMP notify'
Aug 26 18:33:01.637428: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:01.637432: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:01.637435: | ***emit ISAKMP Notification Payload:
Aug 26 18:33:01.637439: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:01.637442: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:01.637446: | protocol ID: 1 (0x1)
Aug 26 18:33:01.637462: | SPI size: 16 (0x10)
Aug 26 18:33:01.637465: | Notify Message Type: R_U_THERE (0x8d28)
Aug 26 18:33:01.637470: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N)
Aug 26 18:33:01.637474: | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'ISAKMP notify'
Aug 26 18:33:01.637479: | emitting 8 raw bytes of notify icookie into ISAKMP Notification Payload
Aug 26 18:33:01.637482: | notify icookie 35 80 c1 69 e2 a9 e2 31
Aug 26 18:33:01.637486: | emitting 8 raw bytes of notify rcookie into ISAKMP Notification Payload
Aug 26 18:33:01.637489: | notify rcookie 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:01.637493: | emitting 4 raw bytes of notify data into ISAKMP Notification Payload
Aug 26 18:33:01.637495: | notify data 00 00 43 ca
Aug 26 18:33:01.637499: | emitting length of ISAKMP Notification Payload: 32
Aug 26 18:33:01.637538: | notification HASH(1):
Aug 26 18:33:01.637542: | f4 4b ba 07 c8 0d 33 50 ce 65 c9 c1 1c 39 7e 52
Aug 26 18:33:01.637546: | e8 0a 95 07 fd 99 dc 41 c7 65 15 b1 bc 49 56 71
Aug 26 18:33:01.637569: | emitting 12 zero bytes of encryption padding into ISAKMP Message
Aug 26 18:33:01.637572: | no IKEv1 message padding required
Aug 26 18:33:01.637577: | emitting length of ISAKMP Message: 108
Aug 26 18:33:01.637600: | sending 108 bytes for ISAKMP notify through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #1)
Aug 26 18:33:01.637605: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:01.637608: | 08 10 05 01 47 ed 0e 72 00 00 00 6c 2b cf ec a2
Aug 26 18:33:01.637611: | cf b3 50 99 52 99 1e d6 dc 82 7a 62 c8 db 60 a2
Aug 26 18:33:01.637615: | a4 53 a4 a4 88 42 a3 fb 50 61 6f 44 f7 d5 5d 6b
Aug 26 18:33:01.637618: | dc 98 0d a5 c2 66 eb f1 d4 52 3a ec be 1f 9a c0
Aug 26 18:33:01.637621: | 19 6d a7 9a b9 d0 07 d2 6e ee 21 e5 1c 7b 1b 4d
Aug 26 18:33:01.637624: | 2b 89 7e ce 02 1b 4e 16 f1 53 1e cb
Aug 26 18:33:01.637638: ERROR: "north-a-dpd" #2: sendto on eth1 to 192.1.2.23:500 failed in ISAKMP notify. Errno 113: No route to host
Aug 26 18:33:01.637645: | libevent_free: release ptr-libevent@0x55c66d960ba8
Aug 26 18:33:01.637649: | free_event_entry: release EVENT_DPD-pe@0x7fbd14004218
Aug 26 18:33:01.637658: | #2 spent 0.347 milliseconds in timer_event_cb() EVENT_DPD
Aug 26 18:33:01.637665: | stop processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:04.640326: | timer_event_cb: processing event@0x55c66d8e2208
Aug 26 18:33:04.640360: | handling event EVENT_DPD for child state #2
Aug 26 18:33:04.640368: | start processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:04.640375: | [RE]START processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in dpd_event() at ikev1_dpd.c:360)
Aug 26 18:33:04.640377: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:04.640381: | DPD: processing for state #2 ("north-a-dpd")
Aug 26 18:33:04.640388: | get_sa_info esp.93d21727@192.1.3.33
Aug 26 18:33:04.640408: | event_schedule: new EVENT_DPD-pe@0x7fbd14004218
Aug 26 18:33:04.640412: | inserting event EVENT_DPD, timeout in 3 seconds for #2
Aug 26 18:33:04.640416: | libevent_malloc: new ptr-libevent@0x55c66d960d28 size 128
Aug 26 18:33:04.640424: | DPD: sending R_U_THERE 17355 to 192.1.2.23:500 (state #1)
Aug 26 18:33:04.640436: | **emit ISAKMP Message:
Aug 26 18:33:04.640439: | initiator cookie:
Aug 26 18:33:04.640442: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:33:04.640444: | responder cookie:
Aug 26 18:33:04.640446: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:04.640449: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:04.640453: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:04.640456: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:33:04.640459: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:04.640461: | Message ID: 321619681 (0x132b86e1)
Aug 26 18:33:04.640464: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:04.640468: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:04.640470: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:04.640474: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:04.640477: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'ISAKMP notify'
Aug 26 18:33:04.640480: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:04.640483: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:04.640485: | ***emit ISAKMP Notification Payload:
Aug 26 18:33:04.640488: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:04.640491: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:04.640493: | protocol ID: 1 (0x1)
Aug 26 18:33:04.640496: | SPI size: 16 (0x10)
Aug 26 18:33:04.640498: | Notify Message Type: R_U_THERE (0x8d28)
Aug 26 18:33:04.640502: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Notification Payload (11:ISAKMP_NEXT_N)
Aug 26 18:33:04.640504: | next payload chain: saving location 'ISAKMP Notification Payload'.'next payload type' in 'ISAKMP notify'
Aug 26 18:33:04.640508: | emitting 8 raw bytes of notify icookie into ISAKMP Notification Payload
Aug 26 18:33:04.640510: | notify icookie 35 80 c1 69 e2 a9 e2 31
Aug 26 18:33:04.640513: | emitting 8 raw bytes of notify rcookie into ISAKMP Notification Payload
Aug 26 18:33:04.640516: | notify rcookie 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:04.640519: | emitting 4 raw bytes of notify data into ISAKMP Notification Payload
Aug 26 18:33:04.640521: | notify data 00 00 43 cb
Aug 26 18:33:04.640524: | emitting length of ISAKMP Notification Payload: 32
Aug 26 18:33:04.640557: | notification HASH(1):
Aug 26 18:33:04.640560: | 48 be 9d 83 9d c7 0c f4 e9 7f f7 a8 d2 df 3e 3e
Aug 26 18:33:04.640563: | 22 28 75 82 83 f8 32 3c 23 d9 32 cb 8b 2c 98 df
Aug 26 18:33:04.640572: | emitting 12 zero bytes of encryption padding into ISAKMP Message
Aug 26 18:33:04.640575: | no IKEv1 message padding required
Aug 26 18:33:04.640577: | emitting length of ISAKMP Message: 108
Aug 26 18:33:04.640591: | sending 108 bytes for ISAKMP notify through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #1)
Aug 26 18:33:04.640594: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:04.640597: | 08 10 05 01 13 2b 86 e1 00 00 00 6c 08 46 c6 f5
Aug 26 18:33:04.640599: | 2f 0b 07 ed bf 5e 49 db 83 03 c5 77 d2 fb e8 73
Aug 26 18:33:04.640602: | b9 4c 34 13 3d 5d c9 be 3c 98 c9 7d 48 0b 86 fa
Aug 26 18:33:04.640604: | 86 47 82 85 73 5d c8 c6 9f 77 df d8 a3 75 62 6a
Aug 26 18:33:04.640607: | 75 87 21 27 ea 10 04 02 76 16 fc 30 19 91 d2 85
Aug 26 18:33:04.640609: | 0c b3 85 34 34 f5 2b b2 1c 6c bf ca
Aug 26 18:33:04.640623: ERROR: "north-a-dpd" #2: sendto on eth1 to 192.1.2.23:500 failed in ISAKMP notify. Errno 113: No route to host
Aug 26 18:33:04.640628: | libevent_free: release ptr-libevent@0x55c66d94a328
Aug 26 18:33:04.640631: | free_event_entry: release EVENT_DPD-pe@0x55c66d8e2208
Aug 26 18:33:04.640638: | #2 spent 0.312 milliseconds in timer_event_cb() EVENT_DPD
Aug 26 18:33:04.640644: | stop processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:05.633427: | timer_event_cb: processing event@0x55c66d974848
Aug 26 18:33:05.633481: | handling event EVENT_DPD_TIMEOUT for parent state #1
Aug 26 18:33:05.633506: | start processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:05.633526: | [RE]START processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in dpd_timeout() at ikev1_dpd.c:569)
Aug 26 18:33:05.633537: "north-a-dpd" #1: IKEv1 DPD action - restarting all connections that share this peer
Aug 26 18:33:05.633548: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:33:05.633572: | start processing: connection "northnet-eastnet-b" (BACKGROUND) (in terminate_a_connection() at terminate.c:69)
Aug 26 18:33:05.633581: "north-a-dpd" #1: terminating SAs using this connection
Aug 26 18:33:05.633589: | connection 'northnet-eastnet-b' -POLICY_UP
Aug 26 18:33:05.633601: | connection not shared - terminating IKE and IPsec SA
Aug 26 18:33:05.633610: | Deleting states for connection - not including other IPsec SA's
Aug 26 18:33:05.633618: | pass 0
Aug 26 18:33:05.633627: | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete
Aug 26 18:33:05.633635: | state #2
Aug 26 18:33:05.633642: | state #1
Aug 26 18:33:05.633649: | pass 1
Aug 26 18:33:05.633657: | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete
Aug 26 18:33:05.633664: | state #2
Aug 26 18:33:05.633671: | state #1
Aug 26 18:33:05.633682: | stop processing: connection "northnet-eastnet-b" (BACKGROUND) (in terminate_a_connection() at terminate.c:87)
Aug 26 18:33:05.633690: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:33:05.633701: | start processing: connection "north-a-dpd" (BACKGROUND) (in terminate_a_connection() at terminate.c:69)
Aug 26 18:33:05.633709: "north-a-dpd" #1: terminating SAs using this connection
Aug 26 18:33:05.633717: | connection 'north-a-dpd' -POLICY_UP
Aug 26 18:33:05.633725: | FOR_EACH_STATE_... in shared_phase1_connection
Aug 26 18:33:05.633734: | connection not shared - terminating IKE and IPsec SA
Aug 26 18:33:05.633742: | Deleting states for connection - not including other IPsec SA's
Aug 26 18:33:05.633750: | pass 0
Aug 26 18:33:05.633759: | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete
Aug 26 18:33:05.633767: | state #2
Aug 26 18:33:05.633782: | suspend processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310)
Aug 26 18:33:05.633795: | start processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310)
Aug 26 18:33:05.633805: | pstats #2 ikev1.ipsec deleted completed
Aug 26 18:33:05.633820: | [RE]START processing: state #2 connection "north-a-dpd" from 192.1.2.23 (in delete_state() at state.c:879)
Aug 26 18:33:05.633835: "north-a-dpd" #2: deleting state (STATE_QUICK_I2) aged 13.010s and sending notification
Aug 26 18:33:05.633848: | child state #2: QUICK_I2(established CHILD SA) => delete
Aug 26 18:33:05.633864: | get_sa_info esp.dad52450@192.1.2.23
Aug 26 18:33:05.633920: | get_sa_info esp.93d21727@192.1.3.33
Aug 26 18:33:05.633948: "north-a-dpd" #2: ESP traffic information: in=0B out=168B
Aug 26 18:33:05.633959: | state #2 requesting EVENT_DPD-pe@0x7fbd14004218 be deleted
Aug 26 18:33:05.633972: | libevent_free: release ptr-libevent@0x55c66d960d28
Aug 26 18:33:05.633984: | free_event_entry: release EVENT_DPD-pe@0x7fbd14004218
Aug 26 18:33:05.633994: | #2 send IKEv1 delete notification for STATE_QUICK_I2
Aug 26 18:33:05.634003: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:05.634032: | **emit ISAKMP Message:
Aug 26 18:33:05.634043: | initiator cookie:
Aug 26 18:33:05.634052: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:33:05.634060: | responder cookie:
Aug 26 18:33:05.634067: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:05.634077: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:05.634085: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:05.634110: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:33:05.634120: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:05.634129: | Message ID: 433582527 (0x19d7f1bf)
Aug 26 18:33:05.634138: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:05.634149: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:05.634157: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:05.634168: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:05.634177: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg'
Aug 26 18:33:05.634188: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:05.634196: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:05.634204: | ***emit ISAKMP Delete Payload:
Aug 26 18:33:05.634212: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:05.634220: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:05.634228: | protocol ID: 3 (0x3)
Aug 26 18:33:05.634236: | SPI size: 4 (0x4)
Aug 26 18:33:05.634245: | number of SPIs: 1 (0x1)
Aug 26 18:33:05.634259: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D)
Aug 26 18:33:05.634269: | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg'
Aug 26 18:33:05.634279: | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload
Aug 26 18:33:05.634304: | delete payload 93 d2 17 27
Aug 26 18:33:05.634324: | emitting length of ISAKMP Delete Payload: 16
Aug 26 18:33:05.634412: | send delete HASH(1):
Aug 26 18:33:05.634424: | f3 c0 d8 4f 33 4f af 95 98 a9 58 7e 36 54 65 20
Aug 26 18:33:05.634431: | 0c 29 d6 2d 43 38 9a ea e2 97 41 72 bf 9d 6c 5e
Aug 26 18:33:05.634457: | emitting 12 zero bytes of encryption padding into ISAKMP Message
Aug 26 18:33:05.634466: | no IKEv1 message padding required
Aug 26 18:33:05.634475: | emitting length of ISAKMP Message: 92
Aug 26 18:33:05.634523: | sending 92 bytes for delete notify through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #1)
Aug 26 18:33:05.634537: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:05.634545: | 08 10 05 01 19 d7 f1 bf 00 00 00 5c 22 f3 87 48
Aug 26 18:33:05.634552: | 1e 15 9d af 5f be a6 04 16 62 09 ba 85 72 e6 10
Aug 26 18:33:05.634559: | 04 22 cd 8e 02 59 92 1e 34 c7 65 ee 25 96 cf 32
Aug 26 18:33:05.634567: | 92 4c ed c1 b0 f9 86 c1 20 21 1c 2a ac 75 5e bb
Aug 26 18:33:05.634574: | e9 4a 68 da af 84 65 5c 92 14 07 8d
Aug 26 18:33:05.634614: ERROR: "north-a-dpd" #2: sendto on eth1 to 192.1.2.23:500 failed in delete notify. Errno 113: No route to host
Aug 26 18:33:05.634626: | state #2 requesting EVENT_SA_REPLACE to be deleted
Aug 26 18:33:05.634637: | libevent_free: release ptr-libevent@0x7fbd14003f28
Aug 26 18:33:05.634647: | free_event_entry: release EVENT_SA_REPLACE-pe@0x55c66d95ef28
Aug 26 18:33:05.634964: | running updown command "ipsec _updown" for verb down
Aug 26 18:33:05.635001: | command executing down-client
Aug 26 18:33:05.635089: | trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:05.635109: | trusted_ca_nss: trustor B = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:05.635167: | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844372' PLUTO_CONN_POLIC
Aug 26 18:33:05.635188: | popen cmd is 1406 chars long
Aug 26 18:33:05.635199: | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' PLUT:
Aug 26 18:33:05.635208: | cmd( 80):O_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_I:
Aug 26 18:33:05.635216: | cmd( 160):D='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testin:
Aug 26 18:33:05.635225: | cmd( 240):g.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/:
Aug 26 18:33:05.635233: | cmd( 320):24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_M:
Aug 26 18:33:05.635241: | cmd( 400):Y_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUT:
Aug 26 18:33:05.635249: | cmd( 480):O_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=:
Aug 26 18:33:05.635257: | cmd( 560):Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.or:
Aug 26 18:33:05.635265: | cmd( 640):g' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PE:
Aug 26 18:33:05.635273: | cmd( 720):ER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO:
Aug 26 18:33:05.635281: | cmd( 800):_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libre:
Aug 26 18:33:05.635310: | cmd( 880):swan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADD:
Aug 26 18:33:05.635330: | cmd( 960):TIME='1566844372' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+SAREF:
Aug 26 18:33:05.635338: | cmd(1040):_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMI:
Aug 26 18:33:05.635347: | cmd(1120):LY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PE:
Aug 26 18:33:05.635355: | cmd(1200):ER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0':
Aug 26 18:33:05.635363: | cmd(1280): PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x:
Aug 26 18:33:05.635371: | cmd(1360):dad52450 SPI_OUT=0x93d21727 ipsec _updown 2>&1:
Aug 26 18:33:05.669071: | shunt_eroute() called for connection 'north-a-dpd' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0
Aug 26 18:33:05.669109: | netlink_shunt_eroute for proto 0, and source port 0 dest port 0
Aug 26 18:33:05.669119: | priority calculation of connection "north-a-dpd" is 0xfe7e7
Aug 26 18:33:05.669130: | IPsec Sa SPD priority set to 1042407
Aug 26 18:33:05.669224: | delete esp.dad52450@192.1.2.23
Aug 26 18:33:05.669267: | netlink response for Del SA esp.dad52450@192.1.2.23 included non-error error
Aug 26 18:33:05.669277: | priority calculation of connection "north-a-dpd" is 0xfe7e7
Aug 26 18:33:05.669319: | delete inbound eroute 192.0.22.0/24:0 --0-> 192.0.3.0/24:0 => unk255.10000@192.1.3.33 (raw_eroute)
Aug 26 18:33:05.669389: | raw_eroute result=success
Aug 26 18:33:05.669401: | delete esp.93d21727@192.1.3.33
Aug 26 18:33:05.669441: | netlink response for Del SA esp.93d21727@192.1.3.33 included non-error error
Aug 26 18:33:05.669473: | stop processing: connection "north-a-dpd" (BACKGROUND) (in update_state_connection() at connections.c:4076)
Aug 26 18:33:05.669483: | start processing: connection NULL (in update_state_connection() at connections.c:4077)
Aug 26 18:33:05.669489: | in connection_discard for connection north-a-dpd
Aug 26 18:33:05.669495: | State DB: deleting IKEv1 state #2 in QUICK_I2
Aug 26 18:33:05.669509: | child state #2: QUICK_I2(established CHILD SA) => UNDEFINED(ignore)
Aug 26 18:33:05.669609: | stop processing: state #2 from 192.1.2.23 (in delete_state() at state.c:1143)
Aug 26 18:33:05.669670: | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312)
Aug 26 18:33:05.669681: | resume processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1312)
Aug 26 18:33:05.669687: | state #1
Aug 26 18:33:05.669692: | pass 1
Aug 26 18:33:05.669697: | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete
Aug 26 18:33:05.669702: | state #1
Aug 26 18:33:05.669711: | [RE]START processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310)
Aug 26 18:33:05.669718: | pstats #1 ikev1.isakmp deleted completed
Aug 26 18:33:05.669731: | [RE]START processing: state #1 connection "north-a-dpd" from 192.1.2.23 (in delete_state() at state.c:879)
Aug 26 18:33:05.669740: "north-a-dpd" #1: deleting state (STATE_MAIN_I4) aged 13.075s and sending notification
Aug 26 18:33:05.669747: | parent state #1: MAIN_I4(established IKE SA) => delete
Aug 26 18:33:05.669896: | #1 send IKEv1 delete notification for STATE_MAIN_I4
Aug 26 18:33:05.669944: | **emit ISAKMP Message:
Aug 26 18:33:05.669952: | initiator cookie:
Aug 26 18:33:05.669958: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:33:05.669963: | responder cookie:
Aug 26 18:33:05.669968: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:05.669974: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:05.669980: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:05.669986: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:33:05.669995: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:05.670001: | Message ID: 1688857720 (0x64a9ec78)
Aug 26 18:33:05.670008: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:05.670014: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:05.670020: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:05.670027: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:05.670033: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg'
Aug 26 18:33:05.670040: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:05.670046: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:05.670052: | ***emit ISAKMP Delete Payload:
Aug 26 18:33:05.670057: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:05.670062: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:05.670068: | protocol ID: 1 (0x1)
Aug 26 18:33:05.670073: | SPI size: 16 (0x10)
Aug 26 18:33:05.670078: | number of SPIs: 1 (0x1)
Aug 26 18:33:05.670085: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D)
Aug 26 18:33:05.670091: | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg'
Aug 26 18:33:05.670098: | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload
Aug 26 18:33:05.670104: | initiator SPI 35 80 c1 69 e2 a9 e2 31
Aug 26 18:33:05.670110: | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload
Aug 26 18:33:05.670115: | responder SPI 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:05.670120: | emitting length of ISAKMP Delete Payload: 28
Aug 26 18:33:05.670192: | send delete HASH(1):
Aug 26 18:33:05.670200: | c1 31 08 a5 b9 d1 6c 47 ba a7 9a ff 9b be 13 67
Aug 26 18:33:05.670206: | fc dc 1a c3 8b ad 7d 6b e0 2e 9e fd 02 e4 ee f3
Aug 26 18:33:05.670223: | no IKEv1 message padding required
Aug 26 18:33:05.670229: | emitting length of ISAKMP Message: 92
Aug 26 18:33:05.670271: | sending 92 bytes for delete notify through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #1)
Aug 26 18:33:05.670281: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:05.670286: | 08 10 05 01 64 a9 ec 78 00 00 00 5c 44 69 fd 92
Aug 26 18:33:05.670322: | c7 b8 82 9c 11 8a 68 75 b6 13 86 f0 10 de 8c d5
Aug 26 18:33:05.670329: | 38 d1 c5 f2 a5 26 20 b7 d1 bc 90 f4 b3 e1 1d d4
Aug 26 18:33:05.670334: | 45 0f 85 6b 42 f0 02 cb 85 24 7d b0 c5 f7 e4 5b
Aug 26 18:33:05.670339: | cf 89 8a f9 4f 91 50 db 3b cd 51 33
Aug 26 18:33:05.670368: ERROR: "north-a-dpd" #1: sendto on eth1 to 192.1.2.23:500 failed in delete notify. Errno 113: No route to host
Aug 26 18:33:05.670376: | state #1 requesting EVENT_SA_REPLACE to be deleted
Aug 26 18:33:05.670391: | libevent_free: release ptr-libevent@0x55c66d976ab8
Aug 26 18:33:05.670401: | free_event_entry: release EVENT_SA_REPLACE-pe@0x55c66d954c08
Aug 26 18:33:05.670411: | State DB: IKEv1 state not found (flush_incomplete_children)
Aug 26 18:33:05.670419: | in connection_discard for connection north-a-dpd
Aug 26 18:33:05.670425: | State DB: deleting IKEv1 state #1 in MAIN_I4
Aug 26 18:33:05.670432: | parent state #1: MAIN_I4(established IKE SA) => UNDEFINED(ignore)
Aug 26 18:33:05.670451: | unreference key: 0x55c66d954b18 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 2--
Aug 26 18:33:05.670495: | stop processing: state #1 from 192.1.2.23 (in delete_state() at state.c:1143)
Aug 26 18:33:05.670521: | unreference key: 0x55c66d954b18 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1--
Aug 26 18:33:05.670533: | unreference key: 0x55c66d9630d8 user-east@testing.libreswan.org cnt 1--
Aug 26 18:33:05.670541: | unreference key: 0x55c66d963328 @east.testing.libreswan.org cnt 1--
Aug 26 18:33:05.670551: | unreference key: 0x55c66d961578 east@testing.libreswan.org cnt 1--
Aug 26 18:33:05.670562: | unreference key: 0x55c66d961a28 192.1.2.23 cnt 1--
Aug 26 18:33:05.670613: | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312)
Aug 26 18:33:05.670622: | processing: STOP connection NULL (in terminate_a_connection() at terminate.c:87)
Aug 26 18:33:05.670630: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:33:05.670645: | start processing: connection "northnet-eastnet-b" (in initiate_a_connection() at initiate.c:186)
Aug 26 18:33:05.670652: | empty esp_info, returning defaults for ENCRYPT
Aug 26 18:33:05.670660: | connection 'northnet-eastnet-b' +POLICY_UP
Aug 26 18:33:05.670667: | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342)
Aug 26 18:33:05.670673: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:05.670686: | creating state object #3 at 0x55c66d956938
Aug 26 18:33:05.670692: | State DB: adding IKEv1 state #3 in UNDEFINED
Aug 26 18:33:05.670707: | pstats #3 ikev1.isakmp started
Aug 26 18:33:05.670721: | suspend processing: connection "northnet-eastnet-b" (in main_outI1() at ikev1_main.c:118)
Aug 26 18:33:05.670730: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118)
Aug 26 18:33:05.670737: | parent state #3: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA)
Aug 26 18:33:05.670744: | dup_any(fd@-1) -> fd@-1 (in main_outI1() at ikev1_main.c:123)
Aug 26 18:33:05.670752: | Queuing pending IPsec SA negotiating with 192.1.2.23 "northnet-eastnet-b" IKE SA #3 "northnet-eastnet-b"
Aug 26 18:33:05.670760: "northnet-eastnet-b" #3: initiating Main Mode
Aug 26 18:33:05.670823: | **emit ISAKMP Message:
Aug 26 18:33:05.670829: | initiator cookie:
Aug 26 18:33:05.670835: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:05.670840: | responder cookie:
Aug 26 18:33:05.670845: | 00 00 00 00 00 00 00 00
Aug 26 18:33:05.670851: | next payload type: ISAKMP_NEXT_SA (0x1)
Aug 26 18:33:05.670856: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:05.670862: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:33:05.670867: | flags: none (0x0)
Aug 26 18:33:05.670873: | Message ID: 0 (0x0)
Aug 26 18:33:05.670878: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:05.670890: | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA
Aug 26 18:33:05.670897: | no specific IKE algorithms specified - using defaults
Aug 26 18:33:05.670947: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP2048=14 eklen=0
Aug 26 18:33:05.670962: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP2048=14 eklen=0
Aug 26 18:33:05.670973: | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=0
Aug 26 18:33:05.670984: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP1536=5 eklen=0
Aug 26 18:33:05.670996: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP1536=5 eklen=0
Aug 26 18:33:05.671012: | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP1536=5 eklen=0
Aug 26 18:33:05.671029: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP2048=14 eklen=0
Aug 26 18:33:05.671041: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP2048=14 eklen=0
Aug 26 18:33:05.671055: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0
Aug 26 18:33:05.671066: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP1536=5 eklen=0
Aug 26 18:33:05.671078: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP1536=5 eklen=0
Aug 26 18:33:05.671089: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP1536=5 eklen=0
Aug 26 18:33:05.671101: | oakley_alg_makedb() returning 0x55c66d957738
Aug 26 18:33:05.671114: | ***emit ISAKMP Security Association Payload:
Aug 26 18:33:05.671120: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:05.671125: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:05.671132: | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:33:05.671138: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA)
Aug 26 18:33:05.671145: | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:05.671150: | ****emit IPsec DOI SIT:
Aug 26 18:33:05.671156: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:33:05.671162: | ikev1_out_sa pcn: 0 has 1 valid proposals
Aug 26 18:33:05.671169: | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 18
Aug 26 18:33:05.671174: | ****emit ISAKMP Proposal Payload:
Aug 26 18:33:05.671179: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:05.671185: | proposal number: 0 (0x0)
Aug 26 18:33:05.671190: | protocol ID: PROTO_ISAKMP (0x1)
Aug 26 18:33:05.671195: | SPI size: 0 (0x0)
Aug 26 18:33:05.671201: | number of transforms: 18 (0x12)
Aug 26 18:33:05.671207: | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type'
Aug 26 18:33:05.671213: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.671218: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.671223: | ISAKMP transform number: 0 (0x0)
Aug 26 18:33:05.671229: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.671235: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.671241: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671247: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.671253: | length/value: 1 (0x1)
Aug 26 18:33:05.671259: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.671264: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671270: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.671275: | length/value: 3600 (0xe10)
Aug 26 18:33:05.671281: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671286: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.671305: | length/value: 7 (0x7)
Aug 26 18:33:05.671312: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:05.671322: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671328: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.671333: | length/value: 4 (0x4)
Aug 26 18:33:05.671343: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:05.671349: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671354: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.671359: | length/value: 3 (0x3)
Aug 26 18:33:05.671364: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.671369: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671374: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.671379: | length/value: 14 (0xe)
Aug 26 18:33:05.671385: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:05.671390: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671395: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:05.671400: | length/value: 256 (0x100)
Aug 26 18:33:05.671406: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:05.671412: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.671417: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.671422: | ISAKMP transform number: 1 (0x1)
Aug 26 18:33:05.671427: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.671434: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.671440: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.671446: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671451: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.671456: | length/value: 1 (0x1)
Aug 26 18:33:05.671461: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.671466: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671472: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.671477: | length/value: 3600 (0xe10)
Aug 26 18:33:05.671482: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671487: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.671492: | length/value: 7 (0x7)
Aug 26 18:33:05.671497: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:05.671502: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671508: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.671513: | length/value: 4 (0x4)
Aug 26 18:33:05.671518: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:05.671523: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671528: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.671533: | length/value: 3 (0x3)
Aug 26 18:33:05.671538: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.671543: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671548: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.671553: | length/value: 14 (0xe)
Aug 26 18:33:05.671558: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:05.671563: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671568: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:05.671574: | length/value: 128 (0x80)
Aug 26 18:33:05.671579: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:05.671584: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.671589: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.671594: | ISAKMP transform number: 2 (0x2)
Aug 26 18:33:05.671599: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.671605: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.671611: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.671616: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671622: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.671627: | length/value: 1 (0x1)
Aug 26 18:33:05.671632: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.671637: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671645: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.671650: | length/value: 3600 (0xe10)
Aug 26 18:33:05.671655: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671661: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.671666: | length/value: 7 (0x7)
Aug 26 18:33:05.671671: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:05.671676: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671681: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.671686: | length/value: 6 (0x6)
Aug 26 18:33:05.671691: | [6 is OAKLEY_SHA2_512]
Aug 26 18:33:05.671696: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671701: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.671706: | length/value: 3 (0x3)
Aug 26 18:33:05.671711: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.671716: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671721: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.671726: | length/value: 14 (0xe)
Aug 26 18:33:05.671731: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:05.671736: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671742: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:05.671747: | length/value: 256 (0x100)
Aug 26 18:33:05.671752: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:05.671757: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.671762: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.671767: | ISAKMP transform number: 3 (0x3)
Aug 26 18:33:05.671772: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.671779: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.671785: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.671790: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671795: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.671800: | length/value: 1 (0x1)
Aug 26 18:33:05.671805: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.671810: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671815: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.671820: | length/value: 3600 (0xe10)
Aug 26 18:33:05.671825: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671831: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.671836: | length/value: 7 (0x7)
Aug 26 18:33:05.671841: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:05.671846: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671851: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.671856: | length/value: 6 (0x6)
Aug 26 18:33:05.671861: | [6 is OAKLEY_SHA2_512]
Aug 26 18:33:05.671866: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671871: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.671876: | length/value: 3 (0x3)
Aug 26 18:33:05.671881: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.671886: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671891: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.671896: | length/value: 14 (0xe)
Aug 26 18:33:05.671901: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:05.671906: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671911: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:05.671916: | length/value: 128 (0x80)
Aug 26 18:33:05.671922: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:05.671927: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.671932: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.671937: | ISAKMP transform number: 4 (0x4)
Aug 26 18:33:05.671942: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.671948: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.671956: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.671962: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671967: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.671972: | length/value: 1 (0x1)
Aug 26 18:33:05.671977: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.671982: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.671988: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.671993: | length/value: 3600 (0xe10)
Aug 26 18:33:05.671998: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672003: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.672008: | length/value: 7 (0x7)
Aug 26 18:33:05.672013: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:05.672018: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672023: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.672028: | length/value: 2 (0x2)
Aug 26 18:33:05.672033: | [2 is OAKLEY_SHA1]
Aug 26 18:33:05.672038: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672044: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.672049: | length/value: 3 (0x3)
Aug 26 18:33:05.672054: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.672059: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672064: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.672069: | length/value: 14 (0xe)
Aug 26 18:33:05.672074: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:05.672079: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672084: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:05.672089: | length/value: 256 (0x100)
Aug 26 18:33:05.672094: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:05.672099: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.672104: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.672109: | ISAKMP transform number: 5 (0x5)
Aug 26 18:33:05.672114: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.672121: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.672126: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.672132: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672137: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.672142: | length/value: 1 (0x1)
Aug 26 18:33:05.672147: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.672152: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672157: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.672162: | length/value: 3600 (0xe10)
Aug 26 18:33:05.672168: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672173: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.672178: | length/value: 7 (0x7)
Aug 26 18:33:05.672183: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:05.672188: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672193: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.672198: | length/value: 2 (0x2)
Aug 26 18:33:05.672203: | [2 is OAKLEY_SHA1]
Aug 26 18:33:05.672208: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672213: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.672218: | length/value: 3 (0x3)
Aug 26 18:33:05.672223: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.672228: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672233: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.672238: | length/value: 14 (0xe)
Aug 26 18:33:05.672243: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:05.672248: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672253: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:05.672258: | length/value: 128 (0x80)
Aug 26 18:33:05.672264: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:05.672269: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.672276: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.672282: | ISAKMP transform number: 6 (0x6)
Aug 26 18:33:05.672287: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.672305: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.672311: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.672317: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672322: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.672327: | length/value: 1 (0x1)
Aug 26 18:33:05.672332: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.672340: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672345: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.672351: | length/value: 3600 (0xe10)
Aug 26 18:33:05.672356: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672361: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.672366: | length/value: 7 (0x7)
Aug 26 18:33:05.672371: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:05.672376: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672381: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.672386: | length/value: 4 (0x4)
Aug 26 18:33:05.672391: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:05.672396: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672402: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.672407: | length/value: 3 (0x3)
Aug 26 18:33:05.672412: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.672417: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672422: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.672427: | length/value: 5 (0x5)
Aug 26 18:33:05.672432: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:05.672437: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672442: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:05.672447: | length/value: 256 (0x100)
Aug 26 18:33:05.672452: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:05.672457: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.672462: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.672467: | ISAKMP transform number: 7 (0x7)
Aug 26 18:33:05.672473: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.672479: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.672484: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.672490: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672495: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.672500: | length/value: 1 (0x1)
Aug 26 18:33:05.672505: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.672510: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672515: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.672520: | length/value: 3600 (0xe10)
Aug 26 18:33:05.672525: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672531: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.672536: | length/value: 7 (0x7)
Aug 26 18:33:05.672541: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:05.672545: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672551: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.672556: | length/value: 4 (0x4)
Aug 26 18:33:05.672561: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:05.672566: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672571: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.672576: | length/value: 3 (0x3)
Aug 26 18:33:05.672581: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.672586: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672591: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.672599: | length/value: 5 (0x5)
Aug 26 18:33:05.672604: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:05.672609: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672615: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:05.672620: | length/value: 128 (0x80)
Aug 26 18:33:05.672625: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:05.672630: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.672635: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.672640: | ISAKMP transform number: 8 (0x8)
Aug 26 18:33:05.672645: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.672651: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.672657: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.672662: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672668: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.672673: | length/value: 1 (0x1)
Aug 26 18:33:05.672678: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.672683: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672688: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.672693: | length/value: 3600 (0xe10)
Aug 26 18:33:05.672698: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672703: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.672708: | length/value: 7 (0x7)
Aug 26 18:33:05.672713: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:05.672718: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672724: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.672729: | length/value: 6 (0x6)
Aug 26 18:33:05.672734: | [6 is OAKLEY_SHA2_512]
Aug 26 18:33:05.672738: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672744: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.672749: | length/value: 3 (0x3)
Aug 26 18:33:05.672754: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.672759: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672764: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.672769: | length/value: 5 (0x5)
Aug 26 18:33:05.672774: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:05.672779: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672784: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:05.672789: | length/value: 256 (0x100)
Aug 26 18:33:05.672794: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:05.672799: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.672805: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.672810: | ISAKMP transform number: 9 (0x9)
Aug 26 18:33:05.672815: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.672821: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.672826: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.672832: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672837: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.672842: | length/value: 1 (0x1)
Aug 26 18:33:05.672847: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.672852: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672857: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.672862: | length/value: 3600 (0xe10)
Aug 26 18:33:05.672868: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672873: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.672878: | length/value: 7 (0x7)
Aug 26 18:33:05.672883: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:05.672888: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672893: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.672898: | length/value: 6 (0x6)
Aug 26 18:33:05.672903: | [6 is OAKLEY_SHA2_512]
Aug 26 18:33:05.672910: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672916: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.672921: | length/value: 3 (0x3)
Aug 26 18:33:05.672926: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.672931: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672936: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.672941: | length/value: 5 (0x5)
Aug 26 18:33:05.672946: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:05.672951: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.672956: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:05.672961: | length/value: 128 (0x80)
Aug 26 18:33:05.672967: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:05.672972: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.672977: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.672982: | ISAKMP transform number: 10 (0xa)
Aug 26 18:33:05.672987: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.672993: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.672999: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.673004: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673009: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.673014: | length/value: 1 (0x1)
Aug 26 18:33:05.673020: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.673024: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673030: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.673035: | length/value: 3600 (0xe10)
Aug 26 18:33:05.673040: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673045: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.673050: | length/value: 7 (0x7)
Aug 26 18:33:05.673056: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:05.673060: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673066: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.673071: | length/value: 2 (0x2)
Aug 26 18:33:05.673076: | [2 is OAKLEY_SHA1]
Aug 26 18:33:05.673080: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673086: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.673091: | length/value: 3 (0x3)
Aug 26 18:33:05.673096: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.673101: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673106: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.673111: | length/value: 5 (0x5)
Aug 26 18:33:05.673116: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:05.673121: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673126: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:05.673131: | length/value: 256 (0x100)
Aug 26 18:33:05.673136: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:05.673142: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.673147: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673152: | ISAKMP transform number: 11 (0xb)
Aug 26 18:33:05.673157: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.673163: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673169: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.673174: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673179: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.673184: | length/value: 1 (0x1)
Aug 26 18:33:05.673189: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.673194: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673200: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.673205: | length/value: 3600 (0xe10)
Aug 26 18:33:05.673210: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673217: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.673223: | length/value: 7 (0x7)
Aug 26 18:33:05.673228: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:05.673233: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673238: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.673243: | length/value: 2 (0x2)
Aug 26 18:33:05.673248: | [2 is OAKLEY_SHA1]
Aug 26 18:33:05.673253: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673273: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.673277: | length/value: 3 (0x3)
Aug 26 18:33:05.673281: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.673285: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673295: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.673301: | length/value: 5 (0x5)
Aug 26 18:33:05.673305: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:05.673309: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673313: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:05.673317: | length/value: 128 (0x80)
Aug 26 18:33:05.673321: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:05.673325: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.673329: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673334: | ISAKMP transform number: 12 (0xc)
Aug 26 18:33:05.673338: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.673343: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673347: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.673351: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673355: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.673359: | length/value: 1 (0x1)
Aug 26 18:33:05.673363: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.673367: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673371: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.673375: | length/value: 3600 (0xe10)
Aug 26 18:33:05.673378: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673382: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.673386: | length/value: 5 (0x5)
Aug 26 18:33:05.673390: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:33:05.673394: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673397: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.673401: | length/value: 4 (0x4)
Aug 26 18:33:05.673405: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:05.673409: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673413: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.673416: | length/value: 3 (0x3)
Aug 26 18:33:05.673420: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.673424: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673428: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.673431: | length/value: 14 (0xe)
Aug 26 18:33:05.673435: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:05.673439: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:33:05.673443: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.673447: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673451: | ISAKMP transform number: 13 (0xd)
Aug 26 18:33:05.673454: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.673459: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673463: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.673467: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673471: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.673475: | length/value: 1 (0x1)
Aug 26 18:33:05.673479: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.673482: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673489: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.673493: | length/value: 3600 (0xe10)
Aug 26 18:33:05.673496: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673500: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.673504: | length/value: 5 (0x5)
Aug 26 18:33:05.673508: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:33:05.673512: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673515: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.673519: | length/value: 6 (0x6)
Aug 26 18:33:05.673523: | [6 is OAKLEY_SHA2_512]
Aug 26 18:33:05.673527: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673531: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.673534: | length/value: 3 (0x3)
Aug 26 18:33:05.673538: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.673542: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673546: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.673549: | length/value: 14 (0xe)
Aug 26 18:33:05.673553: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:05.673557: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:33:05.673561: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.673565: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673568: | ISAKMP transform number: 14 (0xe)
Aug 26 18:33:05.673572: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.673577: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673581: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.673585: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673589: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.673593: | length/value: 1 (0x1)
Aug 26 18:33:05.673597: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.673600: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673604: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.673608: | length/value: 3600 (0xe10)
Aug 26 18:33:05.673612: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673616: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.673619: | length/value: 5 (0x5)
Aug 26 18:33:05.673623: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:33:05.673627: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673631: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.673635: | length/value: 2 (0x2)
Aug 26 18:33:05.673638: | [2 is OAKLEY_SHA1]
Aug 26 18:33:05.673642: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673646: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.673650: | length/value: 3 (0x3)
Aug 26 18:33:05.673653: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.673657: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673661: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.673665: | length/value: 14 (0xe)
Aug 26 18:33:05.673668: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:05.673672: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:33:05.673676: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.673680: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673684: | ISAKMP transform number: 15 (0xf)
Aug 26 18:33:05.673687: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.673692: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673696: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.673700: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673704: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.673708: | length/value: 1 (0x1)
Aug 26 18:33:05.673712: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.673717: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673721: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.673725: | length/value: 3600 (0xe10)
Aug 26 18:33:05.673729: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673733: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.673737: | length/value: 5 (0x5)
Aug 26 18:33:05.673740: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:33:05.673744: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673748: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.673752: | length/value: 4 (0x4)
Aug 26 18:33:05.673756: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:05.673759: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673763: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.673767: | length/value: 3 (0x3)
Aug 26 18:33:05.673771: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.673774: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673778: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.673782: | length/value: 5 (0x5)
Aug 26 18:33:05.673786: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:05.673790: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:33:05.673793: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.673797: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673801: | ISAKMP transform number: 16 (0x10)
Aug 26 18:33:05.673805: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.673809: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673814: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.673817: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673821: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.673825: | length/value: 1 (0x1)
Aug 26 18:33:05.673829: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.673833: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673837: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.673841: | length/value: 3600 (0xe10)
Aug 26 18:33:05.673844: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673848: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.673852: | length/value: 5 (0x5)
Aug 26 18:33:05.673856: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:33:05.673859: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673863: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.673867: | length/value: 6 (0x6)
Aug 26 18:33:05.673871: | [6 is OAKLEY_SHA2_512]
Aug 26 18:33:05.673875: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673878: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.673882: | length/value: 3 (0x3)
Aug 26 18:33:05.673886: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.673890: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673893: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.673897: | length/value: 5 (0x5)
Aug 26 18:33:05.673901: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:05.673905: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:33:05.673909: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:05.673912: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:05.673916: | ISAKMP transform number: 17 (0x11)
Aug 26 18:33:05.673920: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:05.673925: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:05.673929: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:05.673933: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673937: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:05.673940: | length/value: 1 (0x1)
Aug 26 18:33:05.673946: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:05.673950: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673954: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:05.673958: | length/value: 3600 (0xe10)
Aug 26 18:33:05.673962: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673966: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:05.673969: | length/value: 5 (0x5)
Aug 26 18:33:05.673973: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:33:05.673977: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673981: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:05.673984: | length/value: 2 (0x2)
Aug 26 18:33:05.673988: | [2 is OAKLEY_SHA1]
Aug 26 18:33:05.673992: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.673996: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:05.673999: | length/value: 3 (0x3)
Aug 26 18:33:05.674003: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:05.674007: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:05.674011: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:05.674015: | length/value: 5 (0x5)
Aug 26 18:33:05.674018: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:05.674022: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:33:05.674026: | emitting length of ISAKMP Proposal Payload: 632
Aug 26 18:33:05.674031: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0
Aug 26 18:33:05.674035: | emitting length of ISAKMP Security Association Payload: 644
Aug 26 18:33:05.674040: | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0
Aug 26 18:33:05.674047: | out_vid(): sending [FRAGMENTATION]
Aug 26 18:33:05.674052: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:33:05.674056: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:05.674060: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:33:05.674066: | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:33:05.674070: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:05.674075: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:33:05.674080: | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3
Aug 26 18:33:05.674084: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:33:05.674088: | out_vid(): sending [Dead Peer Detection]
Aug 26 18:33:05.674092: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:33:05.674096: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:05.674101: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:33:05.674105: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:05.674109: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:33:05.674113: | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00
Aug 26 18:33:05.674117: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:33:05.674121: | nat add vid
Aug 26 18:33:05.674125: | sending draft and RFC NATT VIDs
Aug 26 18:33:05.674128: | out_vid(): sending [RFC 3947]
Aug 26 18:33:05.674132: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:33:05.674136: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:05.674141: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:33:05.674145: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:33:05.674150: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:05.674154: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:33:05.674160: | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
Aug 26 18:33:05.674164: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:33:05.674167: | skipping VID_NATT_RFC
Aug 26 18:33:05.674172: | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03]
Aug 26 18:33:05.674175: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:33:05.674179: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:05.674184: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:33:05.674188: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:33:05.674193: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:05.674197: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:33:05.674201: | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:33:05.674205: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:33:05.674209: | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n]
Aug 26 18:33:05.674212: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:33:05.674216: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:05.674221: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:33:05.674225: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:33:05.674230: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:05.674234: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:33:05.674238: | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f
Aug 26 18:33:05.674242: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:33:05.674245: | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02]
Aug 26 18:33:05.674249: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:33:05.674253: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:05.674258: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:33:05.674262: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:05.674266: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:33:05.674270: | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48
Aug 26 18:33:05.674274: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:33:05.674278: | no IKEv1 message padding required
Aug 26 18:33:05.674282: | emitting length of ISAKMP Message: 792
Aug 26 18:33:05.674321: | sending 792 bytes for reply packet for main_outI1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:05.674327: | 09 eb 5d d0 b4 d5 55 61 00 00 00 00 00 00 00 00
Aug 26 18:33:05.674333: | 01 10 02 00 00 00 00 00 00 00 03 18 0d 00 02 84
Aug 26 18:33:05.674337: | 00 00 00 01 00 00 00 01 00 00 02 78 00 01 00 12
Aug 26 18:33:05.674341: | 03 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:05.674345: | 80 01 00 07 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:05.674348: | 80 0e 01 00 03 00 00 24 01 01 00 00 80 0b 00 01
Aug 26 18:33:05.674352: | 80 0c 0e 10 80 01 00 07 80 02 00 04 80 03 00 03
Aug 26 18:33:05.674356: | 80 04 00 0e 80 0e 00 80 03 00 00 24 02 01 00 00
Aug 26 18:33:05.674359: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 06
Aug 26 18:33:05.674363: | 80 03 00 03 80 04 00 0e 80 0e 01 00 03 00 00 24
Aug 26 18:33:05.674367: | 03 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:05.674370: | 80 02 00 06 80 03 00 03 80 04 00 0e 80 0e 00 80
Aug 26 18:33:05.674374: | 03 00 00 24 04 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:05.674378: | 80 01 00 07 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:05.674384: | 80 0e 01 00 03 00 00 24 05 01 00 00 80 0b 00 01
Aug 26 18:33:05.674388: | 80 0c 0e 10 80 01 00 07 80 02 00 02 80 03 00 03
Aug 26 18:33:05.674392: | 80 04 00 0e 80 0e 00 80 03 00 00 24 06 01 00 00
Aug 26 18:33:05.674395: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 04
Aug 26 18:33:05.674399: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:05.674403: | 07 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:05.674406: | 80 02 00 04 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:05.674410: | 03 00 00 24 08 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:05.674414: | 80 01 00 07 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:05.674417: | 80 0e 01 00 03 00 00 24 09 01 00 00 80 0b 00 01
Aug 26 18:33:05.674421: | 80 0c 0e 10 80 01 00 07 80 02 00 06 80 03 00 03
Aug 26 18:33:05.674425: | 80 04 00 05 80 0e 00 80 03 00 00 24 0a 01 00 00
Aug 26 18:33:05.674428: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02
Aug 26 18:33:05.674432: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:05.674436: | 0b 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:05.674439: | 80 02 00 02 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:05.674443: | 03 00 00 20 0c 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:05.674447: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:05.674450: | 03 00 00 20 0d 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:05.674454: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 0e
Aug 26 18:33:05.674457: | 03 00 00 20 0e 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:05.674461: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:05.674465: | 03 00 00 20 0f 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:05.674468: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 05
Aug 26 18:33:05.674472: | 03 00 00 20 10 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:05.674476: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:05.674479: | 00 00 00 20 11 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:05.674483: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 05
Aug 26 18:33:05.674487: | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f
Aug 26 18:33:05.674490: | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9
Aug 26 18:33:05.674494: | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81
Aug 26 18:33:05.674498: | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14
Aug 26 18:33:05.674501: | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:33:05.674505: | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5
Aug 26 18:33:05.674509: | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8
Aug 26 18:33:05.674512: | 7c fd b2 fc 68 b6 a4 48
Aug 26 18:33:05.674526: ERROR: "northnet-eastnet-b" #3: sendto on eth1 to 192.1.2.23:500 failed in reply packet for main_outI1. Errno 113: No route to host
Aug 26 18:33:05.674534: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:33:05.674541: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #3
Aug 26 18:33:05.674546: | libevent_malloc: new ptr-libevent@0x55c66d960ba8 size 128
Aug 26 18:33:05.674557: | #3 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29671.416999
Aug 26 18:33:05.674568: | #3 spent 3.88 milliseconds in main_outI1()
Aug 26 18:33:05.674576: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228)
Aug 26 18:33:05.674581: | resume processing: connection "northnet-eastnet-b" (in main_outI1() at ikev1_main.c:228)
Aug 26 18:33:05.674587: | stop processing: connection "northnet-eastnet-b" (in initiate_a_connection() at initiate.c:349)
Aug 26 18:33:05.674591: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:33:05.674598: | start processing: connection "north-a-dpd" (in initiate_a_connection() at initiate.c:186)
Aug 26 18:33:05.674602: | empty esp_info, returning defaults for ENCRYPT
Aug 26 18:33:05.674613: | connection 'north-a-dpd' +POLICY_UP
Aug 26 18:33:05.674618: | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342)
Aug 26 18:33:05.674623: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:05.674630: | Queuing pending IPsec SA negotiating with 192.1.2.23 "north-a-dpd" IKE SA #3 "northnet-eastnet-b"
Aug 26 18:33:05.674637: | stop processing: connection "north-a-dpd" (in initiate_a_connection() at initiate.c:349)
Aug 26 18:33:05.674642: | libevent_free: release ptr-libevent@0x55c66d95d888
Aug 26 18:33:05.674647: | free_event_entry: release EVENT_DPD_TIMEOUT-pe@0x55c66d974848
Aug 26 18:33:05.674652: | in statetime_stop() and could not find #1
Aug 26 18:33:05.674657: | processing: STOP state #0 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:05.674678: | processing signal PLUTO_SIGCHLD
Aug 26 18:33:05.674687: | waitpid returned ECHILD (no child processes left)
Aug 26 18:33:05.674695: | spent 0.00834 milliseconds in signal handler PLUTO_SIGCHLD
Aug 26 18:33:06.135329: | timer_event_cb: processing event@0x55c66d954c08
Aug 26 18:33:06.135347: | handling event EVENT_RETRANSMIT for parent state #3
Aug 26 18:33:06.135353: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:06.135368: | IKEv1 retransmit event
Aug 26 18:33:06.135371: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61)
Aug 26 18:33:06.135375: | handling event EVENT_RETRANSMIT for 192.1.2.23 "northnet-eastnet-b" #3 keying attempt 1 of 0; retransmit 1
Aug 26 18:33:06.135379: | retransmits: current time 29671.877844; retransmit count 0 exceeds limit? NO; deltatime 0.5 exceeds limit? NO; monotime 0.460845 exceeds limit? NO
Aug 26 18:33:06.135381: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d94da38
Aug 26 18:33:06.135384: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #3
Aug 26 18:33:06.135387: | libevent_malloc: new ptr-libevent@0x55c66d95d888 size 128
Aug 26 18:33:06.135390: "northnet-eastnet-b" #3: STATE_MAIN_I1: retransmission; will wait 0.5 seconds for response
Aug 26 18:33:06.135394: | sending 792 bytes for EVENT_RETRANSMIT through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:06.135396: | 09 eb 5d d0 b4 d5 55 61 00 00 00 00 00 00 00 00
Aug 26 18:33:06.135398: | 01 10 02 00 00 00 00 00 00 00 03 18 0d 00 02 84
Aug 26 18:33:06.135399: | 00 00 00 01 00 00 00 01 00 00 02 78 00 01 00 12
Aug 26 18:33:06.135401: | 03 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.135402: | 80 01 00 07 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:06.135404: | 80 0e 01 00 03 00 00 24 01 01 00 00 80 0b 00 01
Aug 26 18:33:06.135405: | 80 0c 0e 10 80 01 00 07 80 02 00 04 80 03 00 03
Aug 26 18:33:06.135407: | 80 04 00 0e 80 0e 00 80 03 00 00 24 02 01 00 00
Aug 26 18:33:06.135408: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 06
Aug 26 18:33:06.135409: | 80 03 00 03 80 04 00 0e 80 0e 01 00 03 00 00 24
Aug 26 18:33:06.135411: | 03 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:06.135412: | 80 02 00 06 80 03 00 03 80 04 00 0e 80 0e 00 80
Aug 26 18:33:06.135414: | 03 00 00 24 04 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.135415: | 80 01 00 07 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:06.135417: | 80 0e 01 00 03 00 00 24 05 01 00 00 80 0b 00 01
Aug 26 18:33:06.135418: | 80 0c 0e 10 80 01 00 07 80 02 00 02 80 03 00 03
Aug 26 18:33:06.135420: | 80 04 00 0e 80 0e 00 80 03 00 00 24 06 01 00 00
Aug 26 18:33:06.135421: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 04
Aug 26 18:33:06.135423: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:06.135424: | 07 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:06.135426: | 80 02 00 04 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:06.135427: | 03 00 00 24 08 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.135428: | 80 01 00 07 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:06.135433: | 80 0e 01 00 03 00 00 24 09 01 00 00 80 0b 00 01
Aug 26 18:33:06.135435: | 80 0c 0e 10 80 01 00 07 80 02 00 06 80 03 00 03
Aug 26 18:33:06.135436: | 80 04 00 05 80 0e 00 80 03 00 00 24 0a 01 00 00
Aug 26 18:33:06.135438: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02
Aug 26 18:33:06.135439: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:06.135441: | 0b 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:06.135442: | 80 02 00 02 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:06.135444: | 03 00 00 20 0c 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.135445: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:06.135447: | 03 00 00 20 0d 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.135448: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 0e
Aug 26 18:33:06.135450: | 03 00 00 20 0e 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.135451: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:06.135453: | 03 00 00 20 0f 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.135454: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 05
Aug 26 18:33:06.135456: | 03 00 00 20 10 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.135457: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:06.135458: | 00 00 00 20 11 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.135460: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 05
Aug 26 18:33:06.135461: | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f
Aug 26 18:33:06.135463: | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9
Aug 26 18:33:06.135464: | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81
Aug 26 18:33:06.135466: | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14
Aug 26 18:33:06.135467: | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:33:06.135469: | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5
Aug 26 18:33:06.135470: | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8
Aug 26 18:33:06.135472: | 7c fd b2 fc 68 b6 a4 48
Aug 26 18:33:06.135483: ERROR: "northnet-eastnet-b" #3: sendto on eth1 to 192.1.2.23:500 failed in EVENT_RETRANSMIT. Errno 113: No route to host
Aug 26 18:33:06.135486: | libevent_free: release ptr-libevent@0x55c66d960ba8
Aug 26 18:33:06.135488: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:33:06.135494: | #3 spent 0.187 milliseconds in timer_event_cb() EVENT_RETRANSMIT
Aug 26 18:33:06.135497: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:06.636058: | timer_event_cb: processing event@0x55c66d94da38
Aug 26 18:33:06.636119: | handling event EVENT_RETRANSMIT for parent state #3
Aug 26 18:33:06.636153: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:06.636172: | IKEv1 retransmit event
Aug 26 18:33:06.636195: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61)
Aug 26 18:33:06.636217: | handling event EVENT_RETRANSMIT for 192.1.2.23 "northnet-eastnet-b" #3 keying attempt 1 of 0; retransmit 2
Aug 26 18:33:06.636244: | retransmits: current time 29672.378696; retransmit count 1 exceeds limit? NO; deltatime 1 exceeds limit? NO; monotime 0.961697 exceeds limit? NO
Aug 26 18:33:06.636261: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:33:06.636279: | inserting event EVENT_RETRANSMIT, timeout in 1 seconds for #3
Aug 26 18:33:06.636330: | libevent_malloc: new ptr-libevent@0x55c66d960ba8 size 128
Aug 26 18:33:06.636359: "northnet-eastnet-b" #3: STATE_MAIN_I1: retransmission; will wait 1 seconds for response
Aug 26 18:33:06.636391: | sending 792 bytes for EVENT_RETRANSMIT through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:06.636405: | 09 eb 5d d0 b4 d5 55 61 00 00 00 00 00 00 00 00
Aug 26 18:33:06.636416: | 01 10 02 00 00 00 00 00 00 00 03 18 0d 00 02 84
Aug 26 18:33:06.636440: | 00 00 00 01 00 00 00 01 00 00 02 78 00 01 00 12
Aug 26 18:33:06.636453: | 03 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.636465: | 80 01 00 07 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:06.636477: | 80 0e 01 00 03 00 00 24 01 01 00 00 80 0b 00 01
Aug 26 18:33:06.636490: | 80 0c 0e 10 80 01 00 07 80 02 00 04 80 03 00 03
Aug 26 18:33:06.636501: | 80 04 00 0e 80 0e 00 80 03 00 00 24 02 01 00 00
Aug 26 18:33:06.636512: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 06
Aug 26 18:33:06.636524: | 80 03 00 03 80 04 00 0e 80 0e 01 00 03 00 00 24
Aug 26 18:33:06.636535: | 03 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:06.636545: | 80 02 00 06 80 03 00 03 80 04 00 0e 80 0e 00 80
Aug 26 18:33:06.636556: | 03 00 00 24 04 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.636566: | 80 01 00 07 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:06.636576: | 80 0e 01 00 03 00 00 24 05 01 00 00 80 0b 00 01
Aug 26 18:33:06.636587: | 80 0c 0e 10 80 01 00 07 80 02 00 02 80 03 00 03
Aug 26 18:33:06.636597: | 80 04 00 0e 80 0e 00 80 03 00 00 24 06 01 00 00
Aug 26 18:33:06.636608: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 04
Aug 26 18:33:06.636619: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:06.636630: | 07 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:06.636641: | 80 02 00 04 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:06.636651: | 03 00 00 24 08 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.636662: | 80 01 00 07 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:06.636673: | 80 0e 01 00 03 00 00 24 09 01 00 00 80 0b 00 01
Aug 26 18:33:06.636685: | 80 0c 0e 10 80 01 00 07 80 02 00 06 80 03 00 03
Aug 26 18:33:06.636697: | 80 04 00 05 80 0e 00 80 03 00 00 24 0a 01 00 00
Aug 26 18:33:06.636709: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02
Aug 26 18:33:06.636721: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:06.636733: | 0b 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:06.636745: | 80 02 00 02 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:06.636756: | 03 00 00 20 0c 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.636768: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:06.636780: | 03 00 00 20 0d 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.636791: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 0e
Aug 26 18:33:06.636803: | 03 00 00 20 0e 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.636814: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:06.636826: | 03 00 00 20 0f 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.636838: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 05
Aug 26 18:33:06.636850: | 03 00 00 20 10 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.636862: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:06.636873: | 00 00 00 20 11 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:06.636885: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 05
Aug 26 18:33:06.636897: | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f
Aug 26 18:33:06.636909: | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9
Aug 26 18:33:06.636921: | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81
Aug 26 18:33:06.636933: | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14
Aug 26 18:33:06.636944: | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:33:06.636956: | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5
Aug 26 18:33:06.636968: | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8
Aug 26 18:33:06.636980: | 7c fd b2 fc 68 b6 a4 48
Aug 26 18:33:06.637029: ERROR: "northnet-eastnet-b" #3: sendto on eth1 to 192.1.2.23:500 failed in EVENT_RETRANSMIT. Errno 113: No route to host
Aug 26 18:33:06.637050: | libevent_free: release ptr-libevent@0x55c66d95d888
Aug 26 18:33:06.637065: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d94da38
Aug 26 18:33:06.637102: | #3 spent 1.02 milliseconds in timer_event_cb() EVENT_RETRANSMIT
Aug 26 18:33:06.637126: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:07.637311: | timer_event_cb: processing event@0x55c66d954c08
Aug 26 18:33:07.637325: | handling event EVENT_RETRANSMIT for parent state #3
Aug 26 18:33:07.637331: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:07.637334: | IKEv1 retransmit event
Aug 26 18:33:07.637338: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61)
Aug 26 18:33:07.637342: | handling event EVENT_RETRANSMIT for 192.1.2.23 "northnet-eastnet-b" #3 keying attempt 1 of 0; retransmit 3
Aug 26 18:33:07.637347: | retransmits: current time 29673.379812; retransmit count 2 exceeds limit? NO; deltatime 2 exceeds limit? NO; monotime 1.962813 exceeds limit? NO
Aug 26 18:33:07.637350: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d94da38
Aug 26 18:33:07.637353: | inserting event EVENT_RETRANSMIT, timeout in 2 seconds for #3
Aug 26 18:33:07.637357: | libevent_malloc: new ptr-libevent@0x55c66d95d888 size 128
Aug 26 18:33:07.637361: "northnet-eastnet-b" #3: STATE_MAIN_I1: retransmission; will wait 2 seconds for response
Aug 26 18:33:07.637366: | sending 792 bytes for EVENT_RETRANSMIT through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:07.637369: | 09 eb 5d d0 b4 d5 55 61 00 00 00 00 00 00 00 00
Aug 26 18:33:07.637371: | 01 10 02 00 00 00 00 00 00 00 03 18 0d 00 02 84
Aug 26 18:33:07.637373: | 00 00 00 01 00 00 00 01 00 00 02 78 00 01 00 12
Aug 26 18:33:07.637374: | 03 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:07.637376: | 80 01 00 07 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:07.637378: | 80 0e 01 00 03 00 00 24 01 01 00 00 80 0b 00 01
Aug 26 18:33:07.637380: | 80 0c 0e 10 80 01 00 07 80 02 00 04 80 03 00 03
Aug 26 18:33:07.637382: | 80 04 00 0e 80 0e 00 80 03 00 00 24 02 01 00 00
Aug 26 18:33:07.637384: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 06
Aug 26 18:33:07.637385: | 80 03 00 03 80 04 00 0e 80 0e 01 00 03 00 00 24
Aug 26 18:33:07.637387: | 03 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:07.637389: | 80 02 00 06 80 03 00 03 80 04 00 0e 80 0e 00 80
Aug 26 18:33:07.637391: | 03 00 00 24 04 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:07.637393: | 80 01 00 07 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:07.637395: | 80 0e 01 00 03 00 00 24 05 01 00 00 80 0b 00 01
Aug 26 18:33:07.637396: | 80 0c 0e 10 80 01 00 07 80 02 00 02 80 03 00 03
Aug 26 18:33:07.637398: | 80 04 00 0e 80 0e 00 80 03 00 00 24 06 01 00 00
Aug 26 18:33:07.637400: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 04
Aug 26 18:33:07.637402: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:07.637404: | 07 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:07.637406: | 80 02 00 04 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:07.637407: | 03 00 00 24 08 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:07.637409: | 80 01 00 07 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:07.637411: | 80 0e 01 00 03 00 00 24 09 01 00 00 80 0b 00 01
Aug 26 18:33:07.637413: | 80 0c 0e 10 80 01 00 07 80 02 00 06 80 03 00 03
Aug 26 18:33:07.637415: | 80 04 00 05 80 0e 00 80 03 00 00 24 0a 01 00 00
Aug 26 18:33:07.637416: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02
Aug 26 18:33:07.637418: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:07.637420: | 0b 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:07.637422: | 80 02 00 02 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:07.637424: | 03 00 00 20 0c 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:07.637426: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:07.637427: | 03 00 00 20 0d 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:07.637432: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 0e
Aug 26 18:33:07.637434: | 03 00 00 20 0e 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:07.637436: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:07.637438: | 03 00 00 20 0f 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:07.637439: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 05
Aug 26 18:33:07.637441: | 03 00 00 20 10 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:07.637443: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:07.637445: | 00 00 00 20 11 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:07.637447: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 05
Aug 26 18:33:07.637449: | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f
Aug 26 18:33:07.637450: | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9
Aug 26 18:33:07.637452: | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81
Aug 26 18:33:07.637454: | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14
Aug 26 18:33:07.637456: | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:33:07.637458: | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5
Aug 26 18:33:07.637460: | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8
Aug 26 18:33:07.637461: | 7c fd b2 fc 68 b6 a4 48
Aug 26 18:33:07.637475: ERROR: "northnet-eastnet-b" #3: sendto on eth1 to 192.1.2.23:500 failed in EVENT_RETRANSMIT. Errno 113: No route to host
Aug 26 18:33:07.637478: | libevent_free: release ptr-libevent@0x55c66d960ba8
Aug 26 18:33:07.637481: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:33:07.637488: | #3 spent 0.177 milliseconds in timer_event_cb() EVENT_RETRANSMIT
Aug 26 18:33:07.637494: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:09.639351: | timer_event_cb: processing event@0x55c66d94da38
Aug 26 18:33:09.639372: | handling event EVENT_RETRANSMIT for parent state #3
Aug 26 18:33:09.639383: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:09.639387: | IKEv1 retransmit event
Aug 26 18:33:09.639393: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61)
Aug 26 18:33:09.639398: | handling event EVENT_RETRANSMIT for 192.1.2.23 "northnet-eastnet-b" #3 keying attempt 1 of 0; retransmit 4
Aug 26 18:33:09.639406: | retransmits: current time 29675.381869; retransmit count 3 exceeds limit? NO; deltatime 4 exceeds limit? NO; monotime 3.96487 exceeds limit? NO
Aug 26 18:33:09.639410: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:33:09.639415: | inserting event EVENT_RETRANSMIT, timeout in 4 seconds for #3
Aug 26 18:33:09.639419: | libevent_malloc: new ptr-libevent@0x55c66d960ba8 size 128
Aug 26 18:33:09.639425: "northnet-eastnet-b" #3: STATE_MAIN_I1: retransmission; will wait 4 seconds for response
Aug 26 18:33:09.639432: | sending 792 bytes for EVENT_RETRANSMIT through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:09.639436: | 09 eb 5d d0 b4 d5 55 61 00 00 00 00 00 00 00 00
Aug 26 18:33:09.639438: | 01 10 02 00 00 00 00 00 00 00 03 18 0d 00 02 84
Aug 26 18:33:09.639441: | 00 00 00 01 00 00 00 01 00 00 02 78 00 01 00 12
Aug 26 18:33:09.639444: | 03 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:09.639447: | 80 01 00 07 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:09.639449: | 80 0e 01 00 03 00 00 24 01 01 00 00 80 0b 00 01
Aug 26 18:33:09.639452: | 80 0c 0e 10 80 01 00 07 80 02 00 04 80 03 00 03
Aug 26 18:33:09.639455: | 80 04 00 0e 80 0e 00 80 03 00 00 24 02 01 00 00
Aug 26 18:33:09.639457: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 06
Aug 26 18:33:09.639460: | 80 03 00 03 80 04 00 0e 80 0e 01 00 03 00 00 24
Aug 26 18:33:09.639463: | 03 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:09.639465: | 80 02 00 06 80 03 00 03 80 04 00 0e 80 0e 00 80
Aug 26 18:33:09.639473: | 03 00 00 24 04 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:09.639476: | 80 01 00 07 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:09.639479: | 80 0e 01 00 03 00 00 24 05 01 00 00 80 0b 00 01
Aug 26 18:33:09.639482: | 80 0c 0e 10 80 01 00 07 80 02 00 02 80 03 00 03
Aug 26 18:33:09.639484: | 80 04 00 0e 80 0e 00 80 03 00 00 24 06 01 00 00
Aug 26 18:33:09.639487: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 04
Aug 26 18:33:09.639490: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:09.639492: | 07 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:09.639495: | 80 02 00 04 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:09.639498: | 03 00 00 24 08 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:09.639500: | 80 01 00 07 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:09.639503: | 80 0e 01 00 03 00 00 24 09 01 00 00 80 0b 00 01
Aug 26 18:33:09.639506: | 80 0c 0e 10 80 01 00 07 80 02 00 06 80 03 00 03
Aug 26 18:33:09.639509: | 80 04 00 05 80 0e 00 80 03 00 00 24 0a 01 00 00
Aug 26 18:33:09.639511: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02
Aug 26 18:33:09.639514: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:09.639517: | 0b 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:09.639519: | 80 02 00 02 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:09.639522: | 03 00 00 20 0c 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:09.639525: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:09.639527: | 03 00 00 20 0d 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:09.639530: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 0e
Aug 26 18:33:09.639533: | 03 00 00 20 0e 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:09.639535: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:09.639538: | 03 00 00 20 0f 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:09.639541: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 05
Aug 26 18:33:09.639543: | 03 00 00 20 10 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:09.639546: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:09.639549: | 00 00 00 20 11 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:09.639551: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 05
Aug 26 18:33:09.639554: | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f
Aug 26 18:33:09.639557: | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9
Aug 26 18:33:09.639559: | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81
Aug 26 18:33:09.639562: | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14
Aug 26 18:33:09.639565: | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:33:09.639567: | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5
Aug 26 18:33:09.639570: | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8
Aug 26 18:33:09.639573: | 7c fd b2 fc 68 b6 a4 48
Aug 26 18:33:09.639591: ERROR: "northnet-eastnet-b" #3: sendto on eth1 to 192.1.2.23:500 failed in EVENT_RETRANSMIT. Errno 113: No route to host
Aug 26 18:33:09.639596: | libevent_free: release ptr-libevent@0x55c66d95d888
Aug 26 18:33:09.639600: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d94da38
Aug 26 18:33:09.639609: | #3 spent 0.259 milliseconds in timer_event_cb() EVENT_RETRANSMIT
Aug 26 18:33:09.639614: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:12.253419: | processing global timer EVENT_SHUNT_SCAN
Aug 26 18:33:12.253484: | expiring aged bare shunts from shunt table
Aug 26 18:33:12.253516: | spent 0.0267 milliseconds in global timer EVENT_SHUNT_SCAN
Aug 26 18:33:12.599899: | processing global timer EVENT_NAT_T_KEEPALIVE
Aug 26 18:33:12.599922: | FOR_EACH_STATE_... in nat_traversal_ka_event (for_each_state)
Aug 26 18:33:12.599931: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in for_each_state() at state.c:1575)
Aug 26 18:33:12.599935: | not behind NAT: no NAT-T KEEP-ALIVE required for conn northnet-eastnet-b
Aug 26 18:33:12.599945: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in for_each_state() at state.c:1577)
Aug 26 18:33:12.599952: | spent 0.0295 milliseconds in global timer EVENT_NAT_T_KEEPALIVE
Aug 26 18:33:12.599965: | spent 0.00279 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:33:12.599979: | NAT-T keep-alive (bogus ?) should not reach this point. Ignored. Sender: 192.1.2.23:500
Aug 26 18:33:12.599985: | spent 0.0139 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:33:13.641352: | timer_event_cb: processing event@0x55c66d954c08
Aug 26 18:33:13.641379: | handling event EVENT_RETRANSMIT for parent state #3
Aug 26 18:33:13.641386: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:13.641388: | IKEv1 retransmit event
Aug 26 18:33:13.641391: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61)
Aug 26 18:33:13.641395: | handling event EVENT_RETRANSMIT for 192.1.2.23 "northnet-eastnet-b" #3 keying attempt 1 of 0; retransmit 5
Aug 26 18:33:13.641399: | retransmits: current time 29679.383864; retransmit count 4 exceeds limit? NO; deltatime 8 exceeds limit? NO; monotime 7.966865 exceeds limit? NO
Aug 26 18:33:13.641402: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d94da38
Aug 26 18:33:13.641404: | inserting event EVENT_RETRANSMIT, timeout in 8 seconds for #3
Aug 26 18:33:13.641407: | libevent_malloc: new ptr-libevent@0x55c66d95d888 size 128
Aug 26 18:33:13.641410: "northnet-eastnet-b" #3: STATE_MAIN_I1: retransmission; will wait 8 seconds for response
Aug 26 18:33:13.641415: | sending 792 bytes for EVENT_RETRANSMIT through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:13.641416: | 09 eb 5d d0 b4 d5 55 61 00 00 00 00 00 00 00 00
Aug 26 18:33:13.641418: | 01 10 02 00 00 00 00 00 00 00 03 18 0d 00 02 84
Aug 26 18:33:13.641419: | 00 00 00 01 00 00 00 01 00 00 02 78 00 01 00 12
Aug 26 18:33:13.641421: | 03 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:13.641422: | 80 01 00 07 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:13.641424: | 80 0e 01 00 03 00 00 24 01 01 00 00 80 0b 00 01
Aug 26 18:33:13.641425: | 80 0c 0e 10 80 01 00 07 80 02 00 04 80 03 00 03
Aug 26 18:33:13.641427: | 80 04 00 0e 80 0e 00 80 03 00 00 24 02 01 00 00
Aug 26 18:33:13.641428: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 06
Aug 26 18:33:13.641430: | 80 03 00 03 80 04 00 0e 80 0e 01 00 03 00 00 24
Aug 26 18:33:13.641431: | 03 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:13.641433: | 80 02 00 06 80 03 00 03 80 04 00 0e 80 0e 00 80
Aug 26 18:33:13.641434: | 03 00 00 24 04 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:13.641435: | 80 01 00 07 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:13.641437: | 80 0e 01 00 03 00 00 24 05 01 00 00 80 0b 00 01
Aug 26 18:33:13.641438: | 80 0c 0e 10 80 01 00 07 80 02 00 02 80 03 00 03
Aug 26 18:33:13.641440: | 80 04 00 0e 80 0e 00 80 03 00 00 24 06 01 00 00
Aug 26 18:33:13.641441: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 04
Aug 26 18:33:13.641443: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:13.641444: | 07 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:13.641446: | 80 02 00 04 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:13.641447: | 03 00 00 24 08 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:13.641449: | 80 01 00 07 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:13.641450: | 80 0e 01 00 03 00 00 24 09 01 00 00 80 0b 00 01
Aug 26 18:33:13.641452: | 80 0c 0e 10 80 01 00 07 80 02 00 06 80 03 00 03
Aug 26 18:33:13.641453: | 80 04 00 05 80 0e 00 80 03 00 00 24 0a 01 00 00
Aug 26 18:33:13.641454: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02
Aug 26 18:33:13.641456: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:13.641461: | 0b 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:13.641463: | 80 02 00 02 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:13.641465: | 03 00 00 20 0c 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:13.641466: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:13.641467: | 03 00 00 20 0d 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:13.641469: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 0e
Aug 26 18:33:13.641470: | 03 00 00 20 0e 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:13.641472: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:13.641473: | 03 00 00 20 0f 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:13.641475: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 05
Aug 26 18:33:13.641476: | 03 00 00 20 10 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:13.641478: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:13.641479: | 00 00 00 20 11 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:13.641481: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 05
Aug 26 18:33:13.641482: | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f
Aug 26 18:33:13.641484: | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9
Aug 26 18:33:13.641485: | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81
Aug 26 18:33:13.641487: | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14
Aug 26 18:33:13.641488: | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:33:13.641489: | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5
Aug 26 18:33:13.641491: | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8
Aug 26 18:33:13.641492: | 7c fd b2 fc 68 b6 a4 48
Aug 26 18:33:13.641504: ERROR: "northnet-eastnet-b" #3: sendto on eth1 to 192.1.2.23:500 failed in EVENT_RETRANSMIT. Errno 113: No route to host
Aug 26 18:33:13.641507: | libevent_free: release ptr-libevent@0x55c66d960ba8
Aug 26 18:33:13.641509: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:33:13.641515: | #3 spent 0.164 milliseconds in timer_event_cb() EVENT_RETRANSMIT
Aug 26 18:33:13.641518: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:21.649346: | timer_event_cb: processing event@0x55c66d94da38
Aug 26 18:33:21.649361: | handling event EVENT_RETRANSMIT for parent state #3
Aug 26 18:33:21.649367: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:21.649370: | IKEv1 retransmit event
Aug 26 18:33:21.649373: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61)
Aug 26 18:33:21.649376: | handling event EVENT_RETRANSMIT for 192.1.2.23 "northnet-eastnet-b" #3 keying attempt 1 of 0; retransmit 6
Aug 26 18:33:21.649380: | retransmits: current time 29687.391845; retransmit count 5 exceeds limit? NO; deltatime 16 exceeds limit? NO; monotime 15.974846 exceeds limit? NO
Aug 26 18:33:21.649383: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:33:21.649385: | inserting event EVENT_RETRANSMIT, timeout in 16 seconds for #3
Aug 26 18:33:21.649388: | libevent_malloc: new ptr-libevent@0x55c66d960ba8 size 128
Aug 26 18:33:21.649391: "northnet-eastnet-b" #3: STATE_MAIN_I1: retransmission; will wait 16 seconds for response
Aug 26 18:33:21.649395: | sending 792 bytes for EVENT_RETRANSMIT through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:21.649397: | 09 eb 5d d0 b4 d5 55 61 00 00 00 00 00 00 00 00
Aug 26 18:33:21.649399: | 01 10 02 00 00 00 00 00 00 00 03 18 0d 00 02 84
Aug 26 18:33:21.649400: | 00 00 00 01 00 00 00 01 00 00 02 78 00 01 00 12
Aug 26 18:33:21.649402: | 03 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:21.649403: | 80 01 00 07 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:21.649405: | 80 0e 01 00 03 00 00 24 01 01 00 00 80 0b 00 01
Aug 26 18:33:21.649406: | 80 0c 0e 10 80 01 00 07 80 02 00 04 80 03 00 03
Aug 26 18:33:21.649411: | 80 04 00 0e 80 0e 00 80 03 00 00 24 02 01 00 00
Aug 26 18:33:21.649412: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 06
Aug 26 18:33:21.649414: | 80 03 00 03 80 04 00 0e 80 0e 01 00 03 00 00 24
Aug 26 18:33:21.649415: | 03 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:21.649417: | 80 02 00 06 80 03 00 03 80 04 00 0e 80 0e 00 80
Aug 26 18:33:21.649418: | 03 00 00 24 04 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:21.649420: | 80 01 00 07 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:21.649421: | 80 0e 01 00 03 00 00 24 05 01 00 00 80 0b 00 01
Aug 26 18:33:21.649423: | 80 0c 0e 10 80 01 00 07 80 02 00 02 80 03 00 03
Aug 26 18:33:21.649424: | 80 04 00 0e 80 0e 00 80 03 00 00 24 06 01 00 00
Aug 26 18:33:21.649426: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 04
Aug 26 18:33:21.649427: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:21.649429: | 07 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:21.649430: | 80 02 00 04 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:21.649432: | 03 00 00 24 08 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:21.649433: | 80 01 00 07 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:21.649435: | 80 0e 01 00 03 00 00 24 09 01 00 00 80 0b 00 01
Aug 26 18:33:21.649436: | 80 0c 0e 10 80 01 00 07 80 02 00 06 80 03 00 03
Aug 26 18:33:21.649438: | 80 04 00 05 80 0e 00 80 03 00 00 24 0a 01 00 00
Aug 26 18:33:21.649439: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02
Aug 26 18:33:21.649441: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:21.649442: | 0b 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:21.649444: | 80 02 00 02 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:21.649445: | 03 00 00 20 0c 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:21.649447: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:21.649448: | 03 00 00 20 0d 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:21.649450: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 0e
Aug 26 18:33:21.649451: | 03 00 00 20 0e 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:21.649453: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:21.649454: | 03 00 00 20 0f 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:21.649456: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 05
Aug 26 18:33:21.649457: | 03 00 00 20 10 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:21.649459: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:21.649460: | 00 00 00 20 11 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:21.649462: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 05
Aug 26 18:33:21.649463: | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f
Aug 26 18:33:21.649465: | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9
Aug 26 18:33:21.649466: | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81
Aug 26 18:33:21.649468: | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14
Aug 26 18:33:21.649469: | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:33:21.649471: | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5
Aug 26 18:33:21.649472: | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8
Aug 26 18:33:21.649474: | 7c fd b2 fc 68 b6 a4 48
Aug 26 18:33:21.649485: ERROR: "northnet-eastnet-b" #3: sendto on eth1 to 192.1.2.23:500 failed in EVENT_RETRANSMIT. Errno 113: No route to host
Aug 26 18:33:21.649488: | libevent_free: release ptr-libevent@0x55c66d95d888
Aug 26 18:33:21.649490: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d94da38
Aug 26 18:33:21.649496: | #3 spent 0.151 milliseconds in timer_event_cb() EVENT_RETRANSMIT
Aug 26 18:33:21.649499: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:32.263208: | processing global timer EVENT_SHUNT_SCAN
Aug 26 18:33:32.263242: | expiring aged bare shunts from shunt table
Aug 26 18:33:32.263252: | spent 0.00807 milliseconds in global timer EVENT_SHUNT_SCAN
Aug 26 18:33:32.601758: | spent 0.0111 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:33:32.601830: | NAT-T keep-alive (bogus ?) should not reach this point. Ignored. Sender: 192.1.2.23:500
Aug 26 18:33:32.601847: | spent 0.0392 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:33:35.232714: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
Aug 26 18:33:35.233158: | FOR_EACH_CONNECTION_... in show_connections_status
Aug 26 18:33:35.233163: | FOR_EACH_CONNECTION_... in show_connections_status
Aug 26 18:33:35.233284: | FOR_EACH_STATE_... in show_states_status (sort_states)
Aug 26 18:33:35.233301: | FOR_EACH_STATE_... in sort_states
Aug 26 18:33:35.233321: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Aug 26 18:33:35.233327: | spent 0.61 milliseconds in whack
Aug 26 18:33:35.285667: | kernel_process_msg_cb process netlink message
Aug 26 18:33:35.285685: | netlink_get: XFRM_MSG_UPDPOLICY message
Aug 26 18:33:35.285691: | spent 0.00781 milliseconds in kernel message
Aug 26 18:33:36.461761: | kernel_process_msg_cb process netlink message
Aug 26 18:33:36.461792: | netlink_get: XFRM_MSG_ACQUIRE message
Aug 26 18:33:36.461794: | xfrm netlink msg len 376
Aug 26 18:33:36.461796: | xfrm acquire rtattribute type 5
Aug 26 18:33:36.461797: | xfrm acquire rtattribute type 16
Aug 26 18:33:36.461807: | add bare shunt 0x55c66d949fb8 192.0.3.254/32:8 --1--> 192.0.22.254/32:0 => %hold 0 %acquire-netlink
Aug 26 18:33:36.461812: initiate on demand from 192.0.3.254:8 to 192.0.22.254:0 proto=1 because: acquire
Aug 26 18:33:36.461815: | find_connection: looking for policy for connection: 192.0.3.254:1/8 -> 192.0.22.254:1/0
Aug 26 18:33:36.461817: | FOR_EACH_CONNECTION_... in find_connection_for_clients
Aug 26 18:33:36.461821: | find_connection: conn "north-a-dpd" has compatible peers: 192.0.3.0/24 -> 192.0.22.0/24 [pri: 25214986]
Aug 26 18:33:36.461823: | find_connection: first OK "north-a-dpd" [pri:25214986]{0x55c66d948e48} (child none)
Aug 26 18:33:36.461825: | find_connection: concluding with "north-a-dpd" [pri:25214986]{0x55c66d948e48} kind=CK_PERMANENT
Aug 26 18:33:36.461828: | assign hold, routing was prospective erouted, needs to be erouted HOLD
Aug 26 18:33:36.461829: | assign_holdpass() need broad(er) shunt
Aug 26 18:33:36.461831: | priority calculation of connection "north-a-dpd" is 0xfe7e7
Aug 26 18:33:36.461835: | eroute_connection replace %trap with broad %pass or %hold eroute 192.0.3.0/24:0 --0-> 192.0.22.0/24:0 => %hold>%hold (raw_eroute)
Aug 26 18:33:36.461840: | netlink_raw_eroute: SPI_HOLD implemented as no-op
Aug 26 18:33:36.461842: | raw_eroute result=success
Aug 26 18:33:36.461843: | assign_holdpass() eroute_connection() done
Aug 26 18:33:36.461845: | fiddle_bare_shunt called
Aug 26 18:33:36.461847: | fiddle_bare_shunt with transport_proto 1
Aug 26 18:33:36.461848: | removing specific host-to-host bare shunt
Aug 26 18:33:36.461851: | delete narrow %hold eroute 192.0.3.254/32:8 --1-> 192.0.22.254/32:0 => %hold (raw_eroute)
Aug 26 18:33:36.461853: | netlink_raw_eroute: SPI_PASS
Aug 26 18:33:36.461868: | raw_eroute result=success
Aug 26 18:33:36.461870: | raw_eroute with op='delete' for transport_proto='1' kernel shunt succeeded, bare shunt lookup succeeded
Aug 26 18:33:36.461874: | delete bare shunt 0x55c66d949fb8 192.0.3.254/32:8 --1--> 192.0.22.254/32:0 => %hold 0 %acquire-netlink
Aug 26 18:33:36.461876: assign_holdpass() delete_bare_shunt() failed
Aug 26 18:33:36.461877: initiate_ondemand_body() failed to install negotiation_shunt,
Aug 26 18:33:36.461879: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:36.461883: | Ignored already queued up pending IPsec SA negotiation with 192.1.2.23 "north-a-dpd"
Aug 26 18:33:36.461886: | initiate on demand using RSASIG from 192.0.3.254 to 192.0.22.254
Aug 26 18:33:36.461891: | spent 0.101 milliseconds in kernel message
Aug 26 18:33:37.650316: | timer_event_cb: processing event@0x55c66d954c08
Aug 26 18:33:37.650335: | handling event EVENT_RETRANSMIT for parent state #3
Aug 26 18:33:37.650345: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:37.650349: | IKEv1 retransmit event
Aug 26 18:33:37.650352: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in retransmit_v1_msg() at retry.c:61)
Aug 26 18:33:37.650356: | handling event EVENT_RETRANSMIT for 192.1.2.23 "northnet-eastnet-b" #3 keying attempt 1 of 0; retransmit 7
Aug 26 18:33:37.650361: | retransmits: current time 29703.392825; retransmit count 6 exceeds limit? NO; deltatime 32 exceeds limit? NO; monotime 31.975826 exceeds limit? NO
Aug 26 18:33:37.650364: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d94da38
Aug 26 18:33:37.650367: | inserting event EVENT_RETRANSMIT, timeout in 32 seconds for #3
Aug 26 18:33:37.650370: | libevent_malloc: new ptr-libevent@0x55c66d95d888 size 128
Aug 26 18:33:37.650374: "northnet-eastnet-b" #3: STATE_MAIN_I1: retransmission; will wait 32 seconds for response
Aug 26 18:33:37.650379: | sending 792 bytes for EVENT_RETRANSMIT through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:37.650381: | 09 eb 5d d0 b4 d5 55 61 00 00 00 00 00 00 00 00
Aug 26 18:33:37.650383: | 01 10 02 00 00 00 00 00 00 00 03 18 0d 00 02 84
Aug 26 18:33:37.650384: | 00 00 00 01 00 00 00 01 00 00 02 78 00 01 00 12
Aug 26 18:33:37.650386: | 03 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:37.650388: | 80 01 00 07 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:37.650390: | 80 0e 01 00 03 00 00 24 01 01 00 00 80 0b 00 01
Aug 26 18:33:37.650391: | 80 0c 0e 10 80 01 00 07 80 02 00 04 80 03 00 03
Aug 26 18:33:37.650393: | 80 04 00 0e 80 0e 00 80 03 00 00 24 02 01 00 00
Aug 26 18:33:37.650395: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 06
Aug 26 18:33:37.650396: | 80 03 00 03 80 04 00 0e 80 0e 01 00 03 00 00 24
Aug 26 18:33:37.650398: | 03 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:37.650400: | 80 02 00 06 80 03 00 03 80 04 00 0e 80 0e 00 80
Aug 26 18:33:37.650402: | 03 00 00 24 04 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:37.650403: | 80 01 00 07 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:37.650405: | 80 0e 01 00 03 00 00 24 05 01 00 00 80 0b 00 01
Aug 26 18:33:37.650407: | 80 0c 0e 10 80 01 00 07 80 02 00 02 80 03 00 03
Aug 26 18:33:37.650408: | 80 04 00 0e 80 0e 00 80 03 00 00 24 06 01 00 00
Aug 26 18:33:37.650410: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 04
Aug 26 18:33:37.650412: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:37.650414: | 07 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:37.650415: | 80 02 00 04 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:37.650417: | 03 00 00 24 08 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:37.650419: | 80 01 00 07 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:37.650420: | 80 0e 01 00 03 00 00 24 09 01 00 00 80 0b 00 01
Aug 26 18:33:37.650422: | 80 0c 0e 10 80 01 00 07 80 02 00 06 80 03 00 03
Aug 26 18:33:37.650424: | 80 04 00 05 80 0e 00 80 03 00 00 24 0a 01 00 00
Aug 26 18:33:37.650426: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02
Aug 26 18:33:37.650427: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:37.650429: | 0b 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:37.650431: | 80 02 00 02 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:37.650432: | 03 00 00 20 0c 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:37.650434: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:37.650436: | 03 00 00 20 0d 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:37.650438: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 0e
Aug 26 18:33:37.650439: | 03 00 00 20 0e 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:37.650441: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:37.650443: | 03 00 00 20 0f 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:37.650446: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 05
Aug 26 18:33:37.650448: | 03 00 00 20 10 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:37.650449: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:37.650451: | 00 00 00 20 11 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:37.650453: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 05
Aug 26 18:33:37.650454: | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f
Aug 26 18:33:37.650456: | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9
Aug 26 18:33:37.650458: | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81
Aug 26 18:33:37.650460: | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14
Aug 26 18:33:37.650461: | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:33:37.650463: | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5
Aug 26 18:33:37.650465: | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8
Aug 26 18:33:37.650466: | 7c fd b2 fc 68 b6 a4 48
Aug 26 18:33:37.650745: | libevent_free: release ptr-libevent@0x55c66d960ba8
Aug 26 18:33:37.650750: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:33:37.650756: | #3 spent 0.442 milliseconds in timer_event_cb() EVENT_RETRANSMIT
Aug 26 18:33:37.650760: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:37.651471: | spent 0.00234 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:33:37.651490: | *received 144 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:33:37.651494: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.651498: | 01 10 02 00 00 00 00 00 00 00 00 90 0d 00 00 38
Aug 26 18:33:37.651500: | 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
Aug 26 18:33:37.651503: | 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:37.651506: | 80 01 00 07 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:37.651509: | 80 0e 01 00 0d 00 00 14 40 48 b7 d5 6e bc e8 85
Aug 26 18:33:37.651512: | 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14 af ca d7 13
Aug 26 18:33:37.651515: | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14
Aug 26 18:33:37.651518: | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
Aug 26 18:33:37.651522: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:33:37.651524: | **parse ISAKMP Message:
Aug 26 18:33:37.651526: | initiator cookie:
Aug 26 18:33:37.651528: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.651530: | responder cookie:
Aug 26 18:33:37.651532: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.651534: | next payload type: ISAKMP_NEXT_SA (0x1)
Aug 26 18:33:37.651536: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:37.651538: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:33:37.651540: | flags: none (0x0)
Aug 26 18:33:37.651542: | Message ID: 0 (0x0)
Aug 26 18:33:37.651544: | length: 144 (0x90)
Aug 26 18:33:37.651546: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
Aug 26 18:33:37.651548: | State DB: IKEv1 state not found (find_state_ikev1)
Aug 26 18:33:37.651551: | State DB: found IKEv1 state #3 in MAIN_I1 (find_state_ikev1_init)
Aug 26 18:33:37.651554: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459)
Aug 26 18:33:37.651557: | #3 is idle
Aug 26 18:33:37.651558: | #3 idle
Aug 26 18:33:37.651561: | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080
Aug 26 18:33:37.651564: | ***parse ISAKMP Security Association Payload:
Aug 26 18:33:37.651566: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:37.651568: | length: 56 (0x38)
Aug 26 18:33:37.651569: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:37.651572: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080
Aug 26 18:33:37.651574: | ***parse ISAKMP Vendor ID Payload:
Aug 26 18:33:37.651575: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:37.651577: | length: 20 (0x14)
Aug 26 18:33:37.651581: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080
Aug 26 18:33:37.651583: | ***parse ISAKMP Vendor ID Payload:
Aug 26 18:33:37.651585: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:37.651587: | length: 20 (0x14)
Aug 26 18:33:37.651589: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080
Aug 26 18:33:37.651590: | ***parse ISAKMP Vendor ID Payload:
Aug 26 18:33:37.651592: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.651594: | length: 20 (0x14)
Aug 26 18:33:37.651596: | message 'main_inR1_outI2' HASH payload not checked early
Aug 26 18:33:37.651600: | received Vendor ID payload [FRAGMENTATION]
Aug 26 18:33:37.651602: | received Vendor ID payload [Dead Peer Detection]
Aug 26 18:33:37.651604: | quirks.qnat_traversal_vid set to=117 [RFC 3947]
Aug 26 18:33:37.651606: | received Vendor ID payload [RFC 3947]
Aug 26 18:33:37.651609: | ****parse IPsec DOI SIT:
Aug 26 18:33:37.651612: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:33:37.651614: | ****parse ISAKMP Proposal Payload:
Aug 26 18:33:37.651615: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.651617: | length: 44 (0x2c)
Aug 26 18:33:37.651619: | proposal number: 0 (0x0)
Aug 26 18:33:37.651621: | protocol ID: PROTO_ISAKMP (0x1)
Aug 26 18:33:37.651623: | SPI size: 0 (0x0)
Aug 26 18:33:37.651625: | number of transforms: 1 (0x1)
Aug 26 18:33:37.651627: | *****parse ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:37.651629: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.651630: | length: 36 (0x24)
Aug 26 18:33:37.651632: | ISAKMP transform number: 0 (0x0)
Aug 26 18:33:37.651634: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:37.651636: | ******parse ISAKMP Oakley attribute:
Aug 26 18:33:37.651638: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:37.651640: | length/value: 1 (0x1)
Aug 26 18:33:37.651642: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:37.651644: | ******parse ISAKMP Oakley attribute:
Aug 26 18:33:37.651646: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:37.651648: | length/value: 3600 (0xe10)
Aug 26 18:33:37.651649: | ******parse ISAKMP Oakley attribute:
Aug 26 18:33:37.651651: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:37.651653: | length/value: 7 (0x7)
Aug 26 18:33:37.651655: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:37.651657: | ******parse ISAKMP Oakley attribute:
Aug 26 18:33:37.651659: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:37.651661: | length/value: 4 (0x4)
Aug 26 18:33:37.651663: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:37.651665: | ******parse ISAKMP Oakley attribute:
Aug 26 18:33:37.651667: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:37.651668: | length/value: 3 (0x3)
Aug 26 18:33:37.651670: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:37.651672: | ******parse ISAKMP Oakley attribute:
Aug 26 18:33:37.651674: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:37.651675: | length/value: 14 (0xe)
Aug 26 18:33:37.651677: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:37.651679: | ******parse ISAKMP Oakley attribute:
Aug 26 18:33:37.651681: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:37.651683: | length/value: 256 (0x100)
Aug 26 18:33:37.651685: | OAKLEY proposal verified unconditionally; no alg_info to check against
Aug 26 18:33:37.651687: | Oakley Transform 0 accepted
Aug 26 18:33:37.651689: | sender checking NAT-T: enabled; VID 117
Aug 26 18:33:37.651691: | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC
Aug 26 18:33:37.651693: | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Aug 26 18:33:37.651697: | adding outI2 KE work-order 5 for state #3
Aug 26 18:33:37.651699: | state #3 requesting EVENT_RETRANSMIT to be deleted
Aug 26 18:33:37.651701: | #3 STATE_MAIN_I1: retransmits: cleared
Aug 26 18:33:37.651704: | libevent_free: release ptr-libevent@0x55c66d95d888
Aug 26 18:33:37.651706: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d94da38
Aug 26 18:33:37.651710: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55c66d94da38
Aug 26 18:33:37.651713: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #3
Aug 26 18:33:37.651715: | libevent_malloc: new ptr-libevent@0x55c66d960ba8 size 128
Aug 26 18:33:37.651723: | complete v1 state transition with STF_SUSPEND
Aug 26 18:33:37.651729: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648)
Aug 26 18:33:37.651730: | crypto helper 1 resuming
Aug 26 18:33:37.651732: | suspending state #3 and saving MD
Aug 26 18:33:37.651741: | crypto helper 1 starting work-order 5 for state #3
Aug 26 18:33:37.651745: | #3 is busy; has a suspended MD
Aug 26 18:33:37.651752: | crypto helper 1 doing build KE and nonce (outI2 KE); request ID 5
Aug 26 18:33:37.651759: | #3 spent 0.143 milliseconds in process_packet_tail()
Aug 26 18:33:37.651765: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Aug 26 18:33:37.651771: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in process_md() at demux.c:382)
Aug 26 18:33:37.651775: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:33:37.651780: | spent 0.293 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:33:37.652412: | crypto helper 1 finished build KE and nonce (outI2 KE); request ID 5 time elapsed 0.00066 seconds
Aug 26 18:33:37.652422: | (#3) spent 0.659 milliseconds in crypto helper computing work-order 5: outI2 KE (pcr)
Aug 26 18:33:37.652425: | crypto helper 1 sending results from work-order 5 for state #3 to event queue
Aug 26 18:33:37.652427: | scheduling resume sending helper answer for #3
Aug 26 18:33:37.652430: | libevent_malloc: new ptr-libevent@0x7fbd0c002888 size 128
Aug 26 18:33:37.652436: | crypto helper 1 waiting (nothing to do)
Aug 26 18:33:37.652443: | processing resume sending helper answer for #3
Aug 26 18:33:37.652450: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in resume_handler() at server.c:797)
Aug 26 18:33:37.652454: | crypto helper 1 replies to request ID 5
Aug 26 18:33:37.652455: | calling continuation function 0x55c66cb6db50
Aug 26 18:33:37.652458: | main_inR1_outI2_continue for #3: calculated ke+nonce, sending I2
Aug 26 18:33:37.652462: | **emit ISAKMP Message:
Aug 26 18:33:37.652464: | initiator cookie:
Aug 26 18:33:37.652466: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.652468: | responder cookie:
Aug 26 18:33:37.652469: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.652471: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.652473: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:37.652475: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:33:37.652477: | flags: none (0x0)
Aug 26 18:33:37.652479: | Message ID: 0 (0x0)
Aug 26 18:33:37.652481: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:37.652484: | ***emit ISAKMP Key Exchange Payload:
Aug 26 18:33:37.652486: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Aug 26 18:33:37.652488: | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE
Aug 26 18:33:37.652490: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE)
Aug 26 18:33:37.652493: | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.652495: | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload
Aug 26 18:33:37.652497: | keyex value 1e 40 df 6d aa 21 c1 c5 0a 61 6d 2c 0a 5f 5a 42
Aug 26 18:33:37.652499: | keyex value 75 59 2c 9f ee 20 ef 45 ee d4 c9 fc df a9 c6 48
Aug 26 18:33:37.652501: | keyex value 6f 53 00 d5 23 47 e8 16 09 2e e7 e9 f4 05 ed ec
Aug 26 18:33:37.652502: | keyex value bd e9 c6 0c 94 2a 10 d1 50 97 fb 45 4e 1c 6e ff
Aug 26 18:33:37.652504: | keyex value e4 5c d1 b3 87 50 94 b1 c1 38 ba 7e 32 a9 95 d9
Aug 26 18:33:37.652508: | keyex value bd 55 9c da 73 b4 09 1f a4 62 54 c1 1e 08 df e8
Aug 26 18:33:37.652510: | keyex value b3 ce 51 07 bf a6 57 35 c6 ec 7f 08 12 10 7d 45
Aug 26 18:33:37.652512: | keyex value 18 a5 ca b8 69 be af 0b 68 44 27 94 62 19 7c 28
Aug 26 18:33:37.652513: | keyex value 29 a4 3f 74 64 83 f0 59 1f 09 16 c6 3e 4b 72 e6
Aug 26 18:33:37.652515: | keyex value e7 d8 a3 56 9e 7e 69 e1 0a 19 a9 ab 11 d4 39 19
Aug 26 18:33:37.652517: | keyex value cb 36 39 b2 56 f6 e3 91 97 95 d3 35 13 96 70 7f
Aug 26 18:33:37.652519: | keyex value 9e 08 44 53 9f 7c 3b 3b cb 99 80 35 49 8e 4d 90
Aug 26 18:33:37.652520: | keyex value 54 a9 48 2b 0b 47 95 44 7b a5 d4 6d a5 81 28 31
Aug 26 18:33:37.652522: | keyex value 16 ac 5a 00 00 c1 7f 82 44 0c 49 39 b5 86 62 93
Aug 26 18:33:37.652524: | keyex value 0c 40 dd 55 34 f1 7b 10 07 af e5 f8 26 47 bd 53
Aug 26 18:33:37.652526: | keyex value 08 5b 8b b0 ce e2 f7 f9 ea 79 0f 65 c5 02 ba 22
Aug 26 18:33:37.652528: | emitting length of ISAKMP Key Exchange Payload: 260
Aug 26 18:33:37.652530: | ***emit ISAKMP Nonce Payload:
Aug 26 18:33:37.652532: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.652534: | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE)
Aug 26 18:33:37.652536: | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.652538: | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload
Aug 26 18:33:37.652540: | Ni 4b ad 06 c4 bf 5d 16 5d a2 b1 95 ed 41 19 b4 0d
Aug 26 18:33:37.652542: | Ni 64 e7 ca 38 fb ef 9a 5a 10 0b 82 f2 e1 3c 12 91
Aug 26 18:33:37.652544: | emitting length of ISAKMP Nonce Payload: 36
Aug 26 18:33:37.652545: | NAT-T checking st_nat_traversal
Aug 26 18:33:37.652547: | NAT-T found (implies NAT_T_WITH_NATD)
Aug 26 18:33:37.652549: | sending NAT-D payloads
Aug 26 18:33:37.652558: | natd_hash: hasher=0x55c66cc42ca0(32)
Aug 26 18:33:37.652561: | natd_hash: icookie= 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.652563: | natd_hash: rcookie= 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.652565: | natd_hash: ip= c0 01 02 17
Aug 26 18:33:37.652568: | natd_hash: port=500
Aug 26 18:33:37.652571: | natd_hash: hash= c6 bd c2 70 ba b7 51 49 af 0d 55 6a 13 c6 68 56
Aug 26 18:33:37.652574: | natd_hash: hash= 65 69 4b ea f4 b9 f5 9e c7 e0 b8 fc 7d de 4a 69
Aug 26 18:33:37.652578: | ***emit ISAKMP NAT-D Payload:
Aug 26 18:33:37.652581: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
Aug 26 18:33:37.652585: | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC
Aug 26 18:33:37.652589: | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC)
Aug 26 18:33:37.652592: | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.652596: | emitting 32 raw bytes of NAT-D into ISAKMP NAT-D Payload
Aug 26 18:33:37.652599: | NAT-D c6 bd c2 70 ba b7 51 49 af 0d 55 6a 13 c6 68 56
Aug 26 18:33:37.652602: | NAT-D 65 69 4b ea f4 b9 f5 9e c7 e0 b8 fc 7d de 4a 69
Aug 26 18:33:37.652606: | emitting length of ISAKMP NAT-D Payload: 36
Aug 26 18:33:37.652614: | natd_hash: hasher=0x55c66cc42ca0(32)
Aug 26 18:33:37.652618: | natd_hash: icookie= 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.652621: | natd_hash: rcookie= 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.652624: | natd_hash: ip= c0 01 03 21
Aug 26 18:33:37.652627: | natd_hash: port=500
Aug 26 18:33:37.652630: | natd_hash: hash= 6f 8d 63 6a d4 19 20 d8 5f 86 45 16 14 68 51 73
Aug 26 18:33:37.652633: | natd_hash: hash= 9e 95 60 2c 4f e8 46 93 aa 77 0f 1c 2c da bd f8
Aug 26 18:33:37.652636: | ***emit ISAKMP NAT-D Payload:
Aug 26 18:33:37.652639: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.652643: | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC)
Aug 26 18:33:37.652649: | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.652652: | emitting 32 raw bytes of NAT-D into ISAKMP NAT-D Payload
Aug 26 18:33:37.652656: | NAT-D 6f 8d 63 6a d4 19 20 d8 5f 86 45 16 14 68 51 73
Aug 26 18:33:37.652659: | NAT-D 9e 95 60 2c 4f e8 46 93 aa 77 0f 1c 2c da bd f8
Aug 26 18:33:37.652662: | emitting length of ISAKMP NAT-D Payload: 36
Aug 26 18:33:37.652665: | no IKEv1 message padding required
Aug 26 18:33:37.652668: | emitting length of ISAKMP Message: 396
Aug 26 18:33:37.652671: | State DB: re-hashing IKEv1 state #3 IKE SPIi and SPI[ir]
Aug 26 18:33:37.652675: | complete v1 state transition with STF_OK
Aug 26 18:33:37.652681: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
Aug 26 18:33:37.652684: | #3 is idle
Aug 26 18:33:37.652687: | doing_xauth:no, t_xauth_client_done:no
Aug 26 18:33:37.652690: | peer supports fragmentation
Aug 26 18:33:37.652693: | peer supports DPD
Aug 26 18:33:37.652697: | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Aug 26 18:33:37.652701: | parent state #3: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA)
Aug 26 18:33:37.652704: | event_already_set, deleting event
Aug 26 18:33:37.652708: | state #3 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Aug 26 18:33:37.652713: | libevent_free: release ptr-libevent@0x55c66d960ba8
Aug 26 18:33:37.652717: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55c66d94da38
Aug 26 18:33:37.652725: | sending reply packet to 192.1.2.23:500 (from 192.1.3.33:500)
Aug 26 18:33:37.652733: | sending 396 bytes for STATE_MAIN_I1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:37.652737: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.652739: | 04 10 02 00 00 00 00 00 00 00 01 8c 0a 00 01 04
Aug 26 18:33:37.652742: | 1e 40 df 6d aa 21 c1 c5 0a 61 6d 2c 0a 5f 5a 42
Aug 26 18:33:37.652745: | 75 59 2c 9f ee 20 ef 45 ee d4 c9 fc df a9 c6 48
Aug 26 18:33:37.652748: | 6f 53 00 d5 23 47 e8 16 09 2e e7 e9 f4 05 ed ec
Aug 26 18:33:37.652750: | bd e9 c6 0c 94 2a 10 d1 50 97 fb 45 4e 1c 6e ff
Aug 26 18:33:37.652753: | e4 5c d1 b3 87 50 94 b1 c1 38 ba 7e 32 a9 95 d9
Aug 26 18:33:37.652756: | bd 55 9c da 73 b4 09 1f a4 62 54 c1 1e 08 df e8
Aug 26 18:33:37.652759: | b3 ce 51 07 bf a6 57 35 c6 ec 7f 08 12 10 7d 45
Aug 26 18:33:37.652761: | 18 a5 ca b8 69 be af 0b 68 44 27 94 62 19 7c 28
Aug 26 18:33:37.652764: | 29 a4 3f 74 64 83 f0 59 1f 09 16 c6 3e 4b 72 e6
Aug 26 18:33:37.652767: | e7 d8 a3 56 9e 7e 69 e1 0a 19 a9 ab 11 d4 39 19
Aug 26 18:33:37.652770: | cb 36 39 b2 56 f6 e3 91 97 95 d3 35 13 96 70 7f
Aug 26 18:33:37.652772: | 9e 08 44 53 9f 7c 3b 3b cb 99 80 35 49 8e 4d 90
Aug 26 18:33:37.652775: | 54 a9 48 2b 0b 47 95 44 7b a5 d4 6d a5 81 28 31
Aug 26 18:33:37.652778: | 16 ac 5a 00 00 c1 7f 82 44 0c 49 39 b5 86 62 93
Aug 26 18:33:37.652781: | 0c 40 dd 55 34 f1 7b 10 07 af e5 f8 26 47 bd 53
Aug 26 18:33:37.652783: | 08 5b 8b b0 ce e2 f7 f9 ea 79 0f 65 c5 02 ba 22
Aug 26 18:33:37.652786: | 14 00 00 24 4b ad 06 c4 bf 5d 16 5d a2 b1 95 ed
Aug 26 18:33:37.652789: | 41 19 b4 0d 64 e7 ca 38 fb ef 9a 5a 10 0b 82 f2
Aug 26 18:33:37.652791: | e1 3c 12 91 14 00 00 24 c6 bd c2 70 ba b7 51 49
Aug 26 18:33:37.652794: | af 0d 55 6a 13 c6 68 56 65 69 4b ea f4 b9 f5 9e
Aug 26 18:33:37.652797: | c7 e0 b8 fc 7d de 4a 69 00 00 00 24 6f 8d 63 6a
Aug 26 18:33:37.652800: | d4 19 20 d8 5f 86 45 16 14 68 51 73 9e 95 60 2c
Aug 26 18:33:37.652802: | 4f e8 46 93 aa 77 0f 1c 2c da bd f8
Aug 26 18:33:37.652840: | !event_already_set at reschedule
Aug 26 18:33:37.652846: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d94da38
Aug 26 18:33:37.652851: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #3
Aug 26 18:33:37.652855: | libevent_malloc: new ptr-libevent@0x55c66d94a328 size 128
Aug 26 18:33:37.652863: | #3 STATE_MAIN_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29703.395312
Aug 26 18:33:37.652867: "northnet-eastnet-b" #3: STATE_MAIN_I2: sent MI2, expecting MR2
Aug 26 18:33:37.652871: | modecfg pull: noquirk policy:push not-client
Aug 26 18:33:37.652874: | phase 1 is done, looking for phase 2 to unpend
Aug 26 18:33:37.652878: | resume sending helper answer for #3 suppresed complete_v1_state_transition()
Aug 26 18:33:37.652885: | #3 spent 0.408 milliseconds in resume sending helper answer
Aug 26 18:33:37.652891: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in resume_handler() at server.c:833)
Aug 26 18:33:37.652895: | libevent_free: release ptr-libevent@0x7fbd0c002888
Aug 26 18:33:37.654387: | spent 0.00301 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:33:37.654411: | *received 576 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:33:37.654416: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.654419: | 04 10 02 00 00 00 00 00 00 00 02 40 0a 00 01 04
Aug 26 18:33:37.654422: | 6e 14 b4 f2 7a 7e cf 82 80 4a db 09 4a 20 50 58
Aug 26 18:33:37.654425: | 60 bc e2 0c a7 b1 23 b9 ff d0 ea 52 26 62 48 43
Aug 26 18:33:37.654427: | 2b 71 54 cf 0d 12 84 cb d4 f4 a8 fd d6 73 49 5c
Aug 26 18:33:37.654430: | bf d0 91 d1 95 1f 11 7e b7 07 60 d5 e4 3a 5a bb
Aug 26 18:33:37.654433: | c8 5a 76 7d d3 88 a4 45 42 8f 5a 86 6b 58 af 71
Aug 26 18:33:37.654436: | bb 18 47 20 7e ac e1 26 63 3a 96 04 8e cc 0b c6
Aug 26 18:33:37.654439: | a1 63 48 af cd 6d cf 88 71 a5 78 55 45 12 fe 5a
Aug 26 18:33:37.654442: | b2 13 7e df dc 7a ae af eb 83 09 66 d4 25 14 29
Aug 26 18:33:37.654445: | 74 70 f3 30 cb 16 d7 4e b0 d2 5a aa cc 6a 56 95
Aug 26 18:33:37.654448: | af d0 37 cc c5 d3 df 72 f0 8f 41 79 1a d4 8b aa
Aug 26 18:33:37.654451: | 7a 44 79 52 ff 31 bb 8e c7 5e 99 fa 99 e3 9c 58
Aug 26 18:33:37.654454: | eb c2 8e 3f 17 6f d7 1f f1 55 fd 7c 0a bb b9 23
Aug 26 18:33:37.654457: | b3 84 7c 55 0a 46 64 2d d8 b6 1e 58 0a 94 07 07
Aug 26 18:33:37.654460: | c6 c1 66 95 e4 5a 36 fc 75 0d 3f 73 a8 33 77 4d
Aug 26 18:33:37.654462: | 3d d2 da 56 6a d3 bd e0 f3 c9 42 c2 8f d6 3e 6e
Aug 26 18:33:37.654465: | 94 b6 48 79 7f 9d 3d 3e 65 62 54 b7 08 ea b3 62
Aug 26 18:33:37.654468: | 07 00 00 24 3f 7c 53 c2 08 4d d1 48 27 23 4b 93
Aug 26 18:33:37.654471: | de d1 5d d0 01 71 ab 77 b8 cc 37 74 c8 07 e9 da
Aug 26 18:33:37.654474: | 1d 7c 3f 66 14 00 00 b4 04 30 81 ac 31 0b 30 09
Aug 26 18:33:37.654476: | 06 03 55 04 06 13 02 43 41 31 10 30 0e 06 03 55
Aug 26 18:33:37.654479: | 04 08 0c 07 4f 6e 74 61 72 69 6f 31 10 30 0e 06
Aug 26 18:33:37.654482: | 03 55 04 07 0c 07 54 6f 72 6f 6e 74 6f 31 12 30
Aug 26 18:33:37.654485: | 10 06 03 55 04 0a 0c 09 4c 69 62 72 65 73 77 61
Aug 26 18:33:37.654488: | 6e 31 18 30 16 06 03 55 04 0b 0c 0f 54 65 73 74
Aug 26 18:33:37.654491: | 20 44 65 70 61 72 74 6d 65 6e 74 31 25 30 23 06
Aug 26 18:33:37.654493: | 03 55 04 03 0c 1c 4c 69 62 72 65 73 77 61 6e 20
Aug 26 18:33:37.654496: | 74 65 73 74 20 43 41 20 66 6f 72 20 6d 61 69 6e
Aug 26 18:33:37.654499: | 63 61 31 24 30 22 06 09 2a 86 48 86 f7 0d 01 09
Aug 26 18:33:37.654501: | 01 16 15 74 65 73 74 69 6e 67 40 6c 69 62 72 65
Aug 26 18:33:37.654504: | 73 77 61 6e 2e 6f 72 67 14 00 00 24 6f 8d 63 6a
Aug 26 18:33:37.654507: | d4 19 20 d8 5f 86 45 16 14 68 51 73 9e 95 60 2c
Aug 26 18:33:37.654509: | 4f e8 46 93 aa 77 0f 1c 2c da bd f8 00 00 00 24
Aug 26 18:33:37.654512: | c6 bd c2 70 ba b7 51 49 af 0d 55 6a 13 c6 68 56
Aug 26 18:33:37.654515: | 65 69 4b ea f4 b9 f5 9e c7 e0 b8 fc 7d de 4a 69
Aug 26 18:33:37.654521: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:33:37.654526: | **parse ISAKMP Message:
Aug 26 18:33:37.654530: | initiator cookie:
Aug 26 18:33:37.654535: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.654539: | responder cookie:
Aug 26 18:33:37.654542: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.654545: | next payload type: ISAKMP_NEXT_KE (0x4)
Aug 26 18:33:37.654549: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:37.654552: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:33:37.654556: | flags: none (0x0)
Aug 26 18:33:37.654559: | Message ID: 0 (0x0)
Aug 26 18:33:37.654562: | length: 576 (0x240)
Aug 26 18:33:37.654566: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
Aug 26 18:33:37.654570: | State DB: found IKEv1 state #3 in MAIN_I2 (find_state_ikev1)
Aug 26 18:33:37.654577: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459)
Aug 26 18:33:37.654581: | #3 is idle
Aug 26 18:33:37.654584: | #3 idle
Aug 26 18:33:37.654588: | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080
Aug 26 18:33:37.654592: | ***parse ISAKMP Key Exchange Payload:
Aug 26 18:33:37.654595: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Aug 26 18:33:37.654599: | length: 260 (0x104)
Aug 26 18:33:37.654603: | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080
Aug 26 18:33:37.654606: | ***parse ISAKMP Nonce Payload:
Aug 26 18:33:37.654609: | next payload type: ISAKMP_NEXT_CR (0x7)
Aug 26 18:33:37.654612: | length: 36 (0x24)
Aug 26 18:33:37.654615: | got payload 0x80 (ISAKMP_NEXT_CR) needed: 0x0 opt: 0x102080
Aug 26 18:33:37.654619: | ***parse ISAKMP Certificate RequestPayload:
Aug 26 18:33:37.654623: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
Aug 26 18:33:37.654626: | length: 180 (0xb4)
Aug 26 18:33:37.654630: | cert type: CERT_X509_SIGNATURE (0x4)
Aug 26 18:33:37.654633: | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080
Aug 26 18:33:37.654637: | ***parse ISAKMP NAT-D Payload:
Aug 26 18:33:37.654640: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
Aug 26 18:33:37.654644: | length: 36 (0x24)
Aug 26 18:33:37.654647: | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080
Aug 26 18:33:37.654651: | ***parse ISAKMP NAT-D Payload:
Aug 26 18:33:37.654654: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.654657: | length: 36 (0x24)
Aug 26 18:33:37.654661: | message 'main_inR2_outI3' HASH payload not checked early
Aug 26 18:33:37.654679: | started looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org of kind PKK_PSK
Aug 26 18:33:37.654689: | actually looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org of kind PKK_PSK
Aug 26 18:33:37.654702: | line 0: key type PKK_PSK(C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org) to type PKK_RSA
Aug 26 18:33:37.654707: | line 1: key type PKK_PSK(C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org) to type PKK_RSA
Aug 26 18:33:37.654711: | concluding with best_match=000 best=(nil) (lineno=-1)
Aug 26 18:33:37.654714: | no PreShared Key Found
Aug 26 18:33:37.654719: | adding aggr outR1 DH work-order 6 for state #3
Aug 26 18:33:37.654723: | state #3 requesting EVENT_RETRANSMIT to be deleted
Aug 26 18:33:37.654726: | #3 STATE_MAIN_I2: retransmits: cleared
Aug 26 18:33:37.654731: | libevent_free: release ptr-libevent@0x55c66d94a328
Aug 26 18:33:37.654735: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d94da38
Aug 26 18:33:37.654739: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7fbd0c002b78
Aug 26 18:33:37.654744: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #3
Aug 26 18:33:37.654755: | libevent_malloc: new ptr-libevent@0x7fbd0c002888 size 128
Aug 26 18:33:37.654766: | complete v1 state transition with STF_SUSPEND
Aug 26 18:33:37.654773: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648)
Aug 26 18:33:37.654776: | suspending state #3 and saving MD
Aug 26 18:33:37.654779: | #3 is busy; has a suspended MD
Aug 26 18:33:37.654785: | #3 spent 0.118 milliseconds in process_packet_tail()
Aug 26 18:33:37.654791: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Aug 26 18:33:37.654796: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in process_md() at demux.c:382)
Aug 26 18:33:37.654800: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:33:37.654803: | crypto helper 6 resuming
Aug 26 18:33:37.654817: | crypto helper 6 starting work-order 6 for state #3
Aug 26 18:33:37.654805: | spent 0.403 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:33:37.654823: | crypto helper 6 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 6
Aug 26 18:33:37.655602: | crypto helper 6 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 6 time elapsed 0.000778 seconds
Aug 26 18:33:37.655614: | (#3) spent 0.776 milliseconds in crypto helper computing work-order 6: aggr outR1 DH (pcr)
Aug 26 18:33:37.655617: | crypto helper 6 sending results from work-order 6 for state #3 to event queue
Aug 26 18:33:37.655619: | scheduling resume sending helper answer for #3
Aug 26 18:33:37.655622: | libevent_malloc: new ptr-libevent@0x7fbd00000f48 size 128
Aug 26 18:33:37.655629: | crypto helper 6 waiting (nothing to do)
Aug 26 18:33:37.655666: | processing resume sending helper answer for #3
Aug 26 18:33:37.655676: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in resume_handler() at server.c:797)
Aug 26 18:33:37.655680: | crypto helper 6 replies to request ID 6
Aug 26 18:33:37.655682: | calling continuation function 0x55c66cb6db50
Aug 26 18:33:37.655685: | main_inR2_outI3_cryptotail for #3: calculated DH, sending R1
Aug 26 18:33:37.655689: | **emit ISAKMP Message:
Aug 26 18:33:37.655691: | initiator cookie:
Aug 26 18:33:37.655693: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.655695: | responder cookie:
Aug 26 18:33:37.655697: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.655699: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:37.655701: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:37.655703: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:33:37.655705: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:37.655707: | Message ID: 0 (0x0)
Aug 26 18:33:37.655710: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:37.655712: | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID
Aug 26 18:33:37.655715: | CR 30 81 ac 31 0b 30 09 06 03 55 04 06 13 02 43 41
Aug 26 18:33:37.655717: | CR 31 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74 61 72
Aug 26 18:33:37.655718: | CR 69 6f 31 10 30 0e 06 03 55 04 07 0c 07 54 6f 72
Aug 26 18:33:37.655720: | CR 6f 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c 09 4c
Aug 26 18:33:37.655722: | CR 69 62 72 65 73 77 61 6e 31 18 30 16 06 03 55 04
Aug 26 18:33:37.655724: | CR 0b 0c 0f 54 65 73 74 20 44 65 70 61 72 74 6d 65
Aug 26 18:33:37.655725: | CR 6e 74 31 25 30 23 06 03 55 04 03 0c 1c 4c 69 62
Aug 26 18:33:37.655727: | CR 72 65 73 77 61 6e 20 74 65 73 74 20 43 41 20 66
Aug 26 18:33:37.655729: | CR 6f 72 20 6d 61 69 6e 63 61 31 24 30 22 06 09 2a
Aug 26 18:33:37.655731: | CR 86 48 86 f7 0d 01 09 01 16 15 74 65 73 74 69 6e
Aug 26 18:33:37.655732: | CR 67 40 6c 69 62 72 65 73 77 61 6e 2e 6f 72 67
Aug 26 18:33:37.655738: | requested CA: 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.655743: | thinking about whether to send my certificate:
Aug 26 18:33:37.655746: | I have RSA key: OAKLEY_RSA_SIG cert.type: CERT_X509_SIGNATURE
Aug 26 18:33:37.655748: | sendcert: CERT_ALWAYSSEND and I did get a certificate request
Aug 26 18:33:37.655750: | so send cert.
Aug 26 18:33:37.655753: | I am sending a certificate request
Aug 26 18:33:37.655755: | I will NOT send an initial contact payload
Aug 26 18:33:37.655757: | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal)
Aug 26 18:33:37.655767: | natd_hash: hasher=0x55c66cc42ca0(32)
Aug 26 18:33:37.655770: | natd_hash: icookie= 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.655772: | natd_hash: rcookie= 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.655773: | natd_hash: ip= c0 01 03 21
Aug 26 18:33:37.655775: | natd_hash: port=500
Aug 26 18:33:37.655777: | natd_hash: hash= 6f 8d 63 6a d4 19 20 d8 5f 86 45 16 14 68 51 73
Aug 26 18:33:37.655779: | natd_hash: hash= 9e 95 60 2c 4f e8 46 93 aa 77 0f 1c 2c da bd f8
Aug 26 18:33:37.655783: | natd_hash: hasher=0x55c66cc42ca0(32)
Aug 26 18:33:37.655785: | natd_hash: icookie= 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.655787: | natd_hash: rcookie= 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.655789: | natd_hash: ip= c0 01 02 17
Aug 26 18:33:37.655790: | natd_hash: port=500
Aug 26 18:33:37.655792: | natd_hash: hash= c6 bd c2 70 ba b7 51 49 af 0d 55 6a 13 c6 68 56
Aug 26 18:33:37.655794: | natd_hash: hash= 65 69 4b ea f4 b9 f5 9e c7 e0 b8 fc 7d de 4a 69
Aug 26 18:33:37.655796: | expected NAT-D(me): 6f 8d 63 6a d4 19 20 d8 5f 86 45 16 14 68 51 73
Aug 26 18:33:37.655798: | expected NAT-D(me): 9e 95 60 2c 4f e8 46 93 aa 77 0f 1c 2c da bd f8
Aug 26 18:33:37.655799: | expected NAT-D(him):
Aug 26 18:33:37.655801: | c6 bd c2 70 ba b7 51 49 af 0d 55 6a 13 c6 68 56
Aug 26 18:33:37.655803: | 65 69 4b ea f4 b9 f5 9e c7 e0 b8 fc 7d de 4a 69
Aug 26 18:33:37.655805: | received NAT-D: 6f 8d 63 6a d4 19 20 d8 5f 86 45 16 14 68 51 73
Aug 26 18:33:37.655807: | received NAT-D: 9e 95 60 2c 4f e8 46 93 aa 77 0f 1c 2c da bd f8
Aug 26 18:33:37.655809: | received NAT-D: c6 bd c2 70 ba b7 51 49 af 0d 55 6a 13 c6 68 56
Aug 26 18:33:37.655811: | received NAT-D: 65 69 4b ea f4 b9 f5 9e c7 e0 b8 fc 7d de 4a 69
Aug 26 18:33:37.655812: | NAT_TRAVERSAL encaps using auto-detect
Aug 26 18:33:37.655814: | NAT_TRAVERSAL this end is NOT behind NAT
Aug 26 18:33:37.655816: | NAT_TRAVERSAL that end is NOT behind NAT
Aug 26 18:33:37.655818: | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23
Aug 26 18:33:37.655821: | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected
Aug 26 18:33:37.655822: | NAT_T_WITH_KA detected
Aug 26 18:33:37.655825: | global one-shot timer EVENT_NAT_T_KEEPALIVE scheduled in 20 seconds
Aug 26 18:33:37.655828: | ***emit ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:37.655830: | next payload type: ISAKMP_NEXT_CERT (0x6)
Aug 26 18:33:37.655832: | ID type: ID_DER_ASN1_DN (0x9)
Aug 26 18:33:37.655834: | Protocol ID: 0 (0x0)
Aug 26 18:33:37.655836: | port: 0 (0x0)
Aug 26 18:33:37.655838: | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 6:ISAKMP_NEXT_CERT
Aug 26 18:33:37.655841: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Aug 26 18:33:37.655843: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Aug 26 18:33:37.655845: | emitting 185 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:37.655847: | my identity 30 81 b6 31 0b 30 09 06 03 55 04 06 13 02 43 41
Aug 26 18:33:37.655849: | my identity 31 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74 61 72
Aug 26 18:33:37.655851: | my identity 69 6f 31 10 30 0e 06 03 55 04 07 0c 07 54 6f 72
Aug 26 18:33:37.655853: | my identity 6f 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c 09 4c
Aug 26 18:33:37.655856: | my identity 69 62 72 65 73 77 61 6e 31 18 30 16 06 03 55 04
Aug 26 18:33:37.655858: | my identity 0b 0c 0f 54 65 73 74 20 44 65 70 61 72 74 6d 65
Aug 26 18:33:37.655860: | my identity 6e 74 31 24 30 22 06 03 55 04 03 0c 1b 6e 6f 72
Aug 26 18:33:37.655861: | my identity 74 68 2e 74 65 73 74 69 6e 67 2e 6c 69 62 72 65
Aug 26 18:33:37.655863: | my identity 73 77 61 6e 2e 6f 72 67 31 2f 30 2d 06 09 2a 86
Aug 26 18:33:37.655865: | my identity 48 86 f7 0d 01 09 01 16 20 75 73 65 72 2d 6e 6f
Aug 26 18:33:37.655867: | my identity 72 74 68 40 74 65 73 74 69 6e 67 2e 6c 69 62 72
Aug 26 18:33:37.655869: | my identity 65 73 77 61 6e 2e 6f 72 67
Aug 26 18:33:37.655871: | emitting length of ISAKMP Identification Payload (IPsec DOI): 193
Aug 26 18:33:37.655873: "northnet-eastnet-b" #3: I am sending my cert
Aug 26 18:33:37.655875: | ***emit ISAKMP Certificate Payload:
Aug 26 18:33:37.655877: | next payload type: ISAKMP_NEXT_CR (0x7)
Aug 26 18:33:37.655879: | cert encoding: CERT_X509_SIGNATURE (0x4)
Aug 26 18:33:37.655881: | next payload chain: ignoring supplied 'ISAKMP Certificate Payload'.'next payload type' value 7:ISAKMP_NEXT_CR
Aug 26 18:33:37.655884: | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Certificate Payload (6:ISAKMP_NEXT_CERT)
Aug 26 18:33:37.655886: | next payload chain: saving location 'ISAKMP Certificate Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.655888: | emitting 1227 raw bytes of CERT into ISAKMP Certificate Payload
Aug 26 18:33:37.655890: | CERT 30 82 04 c7 30 82 04 30 a0 03 02 01 02 02 01 06
Aug 26 18:33:37.655892: | CERT 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30
Aug 26 18:33:37.655894: | CERT 81 ac 31 0b 30 09 06 03 55 04 06 13 02 43 41 31
Aug 26 18:33:37.655895: | CERT 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74 61 72 69
Aug 26 18:33:37.655897: | CERT 6f 31 10 30 0e 06 03 55 04 07 0c 07 54 6f 72 6f
Aug 26 18:33:37.655899: | CERT 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c 09 4c 69
Aug 26 18:33:37.655901: | CERT 62 72 65 73 77 61 6e 31 18 30 16 06 03 55 04 0b
Aug 26 18:33:37.655902: | CERT 0c 0f 54 65 73 74 20 44 65 70 61 72 74 6d 65 6e
Aug 26 18:33:37.655904: | CERT 74 31 25 30 23 06 03 55 04 03 0c 1c 4c 69 62 72
Aug 26 18:33:37.655906: | CERT 65 73 77 61 6e 20 74 65 73 74 20 43 41 20 66 6f
Aug 26 18:33:37.655908: | CERT 72 20 6d 61 69 6e 63 61 31 24 30 22 06 09 2a 86
Aug 26 18:33:37.655909: | CERT 48 86 f7 0d 01 09 01 16 15 74 65 73 74 69 6e 67
Aug 26 18:33:37.655911: | CERT 40 6c 69 62 72 65 73 77 61 6e 2e 6f 72 67 30 22
Aug 26 18:33:37.655913: | CERT 18 0f 32 30 31 39 30 38 32 34 30 39 30 37 35 33
Aug 26 18:33:37.655915: | CERT 5a 18 0f 32 30 32 32 30 38 32 33 30 39 30 37 35
Aug 26 18:33:37.655916: | CERT 33 5a 30 81 b6 31 0b 30 09 06 03 55 04 06 13 02
Aug 26 18:33:37.655918: | CERT 43 41 31 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74
Aug 26 18:33:37.655920: | CERT 61 72 69 6f 31 10 30 0e 06 03 55 04 07 0c 07 54
Aug 26 18:33:37.655922: | CERT 6f 72 6f 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c
Aug 26 18:33:37.655923: | CERT 09 4c 69 62 72 65 73 77 61 6e 31 18 30 16 06 03
Aug 26 18:33:37.655925: | CERT 55 04 0b 0c 0f 54 65 73 74 20 44 65 70 61 72 74
Aug 26 18:33:37.655927: | CERT 6d 65 6e 74 31 24 30 22 06 03 55 04 03 0c 1b 6e
Aug 26 18:33:37.655929: | CERT 6f 72 74 68 2e 74 65 73 74 69 6e 67 2e 6c 69 62
Aug 26 18:33:37.655930: | CERT 72 65 73 77 61 6e 2e 6f 72 67 31 2f 30 2d 06 09
Aug 26 18:33:37.655932: | CERT 2a 86 48 86 f7 0d 01 09 01 16 20 75 73 65 72 2d
Aug 26 18:33:37.655934: | CERT 6e 6f 72 74 68 40 74 65 73 74 69 6e 67 2e 6c 69
Aug 26 18:33:37.655936: | CERT 62 72 65 73 77 61 6e 2e 6f 72 67 30 82 01 a2 30
Aug 26 18:33:37.655937: | CERT 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82
Aug 26 18:33:37.655939: | CERT 01 8f 00 30 82 01 8a 02 82 01 81 00 c0 59 bd 4b
Aug 26 18:33:37.655941: | CERT 40 fd f4 2c e7 cf 9e f3 29 e6 61 73 de ab 42 3d
Aug 26 18:33:37.655944: | CERT cc 51 1a e8 79 d6 53 46 a1 fd 66 d1 9e ab b4 65
Aug 26 18:33:37.655945: | CERT 76 51 ad 3f 6f 8f ef d2 73 f9 fd 8f 44 b0 6c 36
Aug 26 18:33:37.655947: | CERT 4b 95 c3 b2 45 0f 31 0c e9 df 35 95 44 c0 19 53
Aug 26 18:33:37.655949: | CERT 8d df 6a 4b b2 af d6 d3 e8 dd f5 20 df 9c cd 8a
Aug 26 18:33:37.655951: | CERT f7 6a 09 92 60 00 45 44 39 4c 17 6c 06 02 91 37
Aug 26 18:33:37.655952: | CERT 4b f5 6a c3 5e 21 c6 64 32 32 98 1d b7 99 1f 3c
Aug 26 18:33:37.655954: | CERT 13 fe ec c7 a4 a5 3b 37 30 df e4 31 95 47 91 b1
Aug 26 18:33:37.655956: | CERT ca 96 66 b7 9e 49 65 a2 4c 79 54 17 ed 68 19 34
Aug 26 18:33:37.655958: | CERT 9d 7e 67 91 27 51 f0 ee cb b3 90 68 7c 1d fd 83
Aug 26 18:33:37.655959: | CERT 32 06 2e e6 6f d5 f0 62 00 4d ef 11 90 b6 ad 61
Aug 26 18:33:37.655961: | CERT 83 0b 21 94 18 d9 2b 88 09 0d 33 2e 3b 71 18 f4
Aug 26 18:33:37.655963: | CERT ce 4a 45 f3 37 f4 db c0 d6 ab c2 da da cd 6d e0
Aug 26 18:33:37.655964: | CERT a3 9d 21 53 19 34 b1 0c d9 63 7c 45 b7 26 a4 d9
Aug 26 18:33:37.655966: | CERT d6 93 25 1e 1f 74 3c 07 32 69 9b bc 0f db ba 3e
Aug 26 18:33:37.655968: | CERT 30 85 a4 3d ec 5c 70 fe fe 7d 64 3c 2c 48 b3 8a
Aug 26 18:33:37.655970: | CERT eb 26 bf 05 d4 33 1e c3 f7 1c 24 c9 99 e3 d1 99
Aug 26 18:33:37.655971: | CERT 91 df 32 10 d5 7c 31 7e 9e 6f 70 01 dc 0d d7 21
Aug 26 18:33:37.655973: | CERT 03 76 4d f5 b2 e3 87 30 94 8c b2 0a c0 b4 d9 0b
Aug 26 18:33:37.655975: | CERT d4 d9 37 e0 7a 73 13 50 8d 6f 93 9a 7c 5a 1a b2
Aug 26 18:33:37.655977: | CERT 87 7e 0c 64 60 cb 4b 2c ef 22 75 b1 7c 60 3e e3
Aug 26 18:33:37.655978: | CERT e5 f1 94 38 51 8f 00 e8 35 7b b5 01 ed c1 c4 fd
Aug 26 18:33:37.655980: | CERT a3 4b 56 42 d6 8b 64 38 74 95 c4 13 70 f0 f0 23
Aug 26 18:33:37.655982: | CERT 29 57 2b ef 74 97 97 76 8d 30 48 91 02 03 01 00
Aug 26 18:33:37.655984: | CERT 01 a3 81 e4 30 81 e1 30 09 06 03 55 1d 13 04 02
Aug 26 18:33:37.655985: | CERT 30 00 30 26 06 03 55 1d 11 04 1f 30 1d 82 1b 6e
Aug 26 18:33:37.655987: | CERT 6f 72 74 68 2e 74 65 73 74 69 6e 67 2e 6c 69 62
Aug 26 18:33:37.655989: | CERT 72 65 73 77 61 6e 2e 6f 72 67 30 0b 06 03 55 1d
Aug 26 18:33:37.655991: | CERT 0f 04 04 03 02 07 80 30 1d 06 03 55 1d 25 04 16
Aug 26 18:33:37.655992: | CERT 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06
Aug 26 18:33:37.655994: | CERT 01 05 05 07 03 02 30 41 06 08 2b 06 01 05 05 07
Aug 26 18:33:37.655996: | CERT 01 01 04 35 30 33 30 31 06 08 2b 06 01 05 05 07
Aug 26 18:33:37.655997: | CERT 30 01 86 25 68 74 74 70 3a 2f 2f 6e 69 63 2e 74
Aug 26 18:33:37.655999: | CERT 65 73 74 69 6e 67 2e 6c 69 62 72 65 73 77 61 6e
Aug 26 18:33:37.656001: | CERT 2e 6f 72 67 3a 32 35 36 30 30 3d 06 03 55 1d 1f
Aug 26 18:33:37.656003: | CERT 04 36 30 34 30 32 a0 30 a0 2e 86 2c 68 74 74 70
Aug 26 18:33:37.656004: | CERT 3a 2f 2f 6e 69 63 2e 74 65 73 74 69 6e 67 2e 6c
Aug 26 18:33:37.656006: | CERT 69 62 72 65 73 77 61 6e 2e 6f 72 67 2f 72 65 76
Aug 26 18:33:37.656008: | CERT 6f 6b 65 64 2e 63 72 6c 30 0d 06 09 2a 86 48 86
Aug 26 18:33:37.656010: | CERT f7 0d 01 01 0b 05 00 03 81 81 00 9e e9 26 57 73
Aug 26 18:33:37.656011: | CERT c2 4c 64 c6 ab d6 d3 1a 13 4f 6b 48 e3 17 b2 3d
Aug 26 18:33:37.656013: | CERT fb 30 93 2d 15 92 6e a3 60 29 10 1d 3e a7 93 48
Aug 26 18:33:37.656015: | CERT 3c 40 5b af 9e e5 93 b7 2f d5 4b 9f db bd ab 5d
Aug 26 18:33:37.656017: | CERT 03 57 3a 1a f9 81 87 13 dd 32 e7 93 b5 9e 3b 40
Aug 26 18:33:37.656018: | CERT 3c c6 c9 d5 ce c6 c7 5d da 89 36 3d d0 36 82 fd
Aug 26 18:33:37.656020: | CERT b2 ab 00 2a 7c 0e a7 ad 3e e2 b1 5a 0d 88 45 26
Aug 26 18:33:37.656022: | CERT 48 51 b3 c7 79 d7 04 e7 47 5f 28 f8 63 fb ae 58
Aug 26 18:33:37.656024: | CERT 52 8b ba 60 ce 19 ac fa 4e 65 7d
Aug 26 18:33:37.656026: | emitting length of ISAKMP Certificate Payload: 1232
Aug 26 18:33:37.656028: "northnet-eastnet-b" #3: I am sending a certificate request
Aug 26 18:33:37.656030: | ***emit ISAKMP Certificate RequestPayload:
Aug 26 18:33:37.656033: | next payload type: ISAKMP_NEXT_SIG (0x9)
Aug 26 18:33:37.656035: | cert type: CERT_X509_SIGNATURE (0x4)
Aug 26 18:33:37.656037: | next payload chain: ignoring supplied 'ISAKMP Certificate RequestPayload'.'next payload type' value 9:ISAKMP_NEXT_SIG
Aug 26 18:33:37.656039: | next payload chain: setting previous 'ISAKMP Certificate Payload'.'next payload type' to current ISAKMP Certificate RequestPayload (7:ISAKMP_NEXT_CR)
Aug 26 18:33:37.656041: | next payload chain: saving location 'ISAKMP Certificate RequestPayload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.656043: | emitting 175 raw bytes of CA into ISAKMP Certificate RequestPayload
Aug 26 18:33:37.656045: | CA 30 81 ac 31 0b 30 09 06 03 55 04 06 13 02 43 41
Aug 26 18:33:37.656047: | CA 31 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74 61 72
Aug 26 18:33:37.656049: | CA 69 6f 31 10 30 0e 06 03 55 04 07 0c 07 54 6f 72
Aug 26 18:33:37.656050: | CA 6f 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c 09 4c
Aug 26 18:33:37.656052: | CA 69 62 72 65 73 77 61 6e 31 18 30 16 06 03 55 04
Aug 26 18:33:37.656054: | CA 0b 0c 0f 54 65 73 74 20 44 65 70 61 72 74 6d 65
Aug 26 18:33:37.656056: | CA 6e 74 31 25 30 23 06 03 55 04 03 0c 1c 4c 69 62
Aug 26 18:33:37.656057: | CA 72 65 73 77 61 6e 20 74 65 73 74 20 43 41 20 66
Aug 26 18:33:37.656059: | CA 6f 72 20 6d 61 69 6e 63 61 31 24 30 22 06 09 2a
Aug 26 18:33:37.656061: | CA 86 48 86 f7 0d 01 09 01 16 15 74 65 73 74 69 6e
Aug 26 18:33:37.656063: | CA 67 40 6c 69 62 72 65 73 77 61 6e 2e 6f 72 67
Aug 26 18:33:37.656065: | emitting length of ISAKMP Certificate RequestPayload: 180
Aug 26 18:33:37.656096: | started looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org of kind PKK_RSA
Aug 26 18:33:37.656214: | searching for certificate PKK_RSA:AwEAAcBZv vs PKK_RSA:AwEAAcBZv
Aug 26 18:33:37.662553: | ***emit ISAKMP Signature Payload:
Aug 26 18:33:37.662568: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.662571: | next payload chain: setting previous 'ISAKMP Certificate RequestPayload'.'next payload type' to current ISAKMP Signature Payload (9:ISAKMP_NEXT_SIG)
Aug 26 18:33:37.662574: | next payload chain: saving location 'ISAKMP Signature Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.662577: | emitting 384 raw bytes of SIG_I into ISAKMP Signature Payload
Aug 26 18:33:37.662579: | SIG_I 53 84 df d1 ef 08 42 f3 ee 32 ed f9 96 68 ea 74
Aug 26 18:33:37.662581: | SIG_I 9c e0 ee 66 de 87 81 9b 42 5f 90 96 3c ab 88 9e
Aug 26 18:33:37.662583: | SIG_I 45 07 50 4b 81 69 bc c1 91 6d b1 29 0f 69 39 90
Aug 26 18:33:37.662584: | SIG_I 41 65 6d e0 87 80 67 d8 aa 90 53 eb 7f e3 4a d9
Aug 26 18:33:37.662586: | SIG_I fd 0d f9 2f 26 09 80 ce c7 61 00 c7 f4 4e dd cb
Aug 26 18:33:37.662588: | SIG_I 1b c8 8e 9a e9 9f e7 03 6b e8 4a 1d a5 30 42 29
Aug 26 18:33:37.662590: | SIG_I 40 d6 2a 35 38 ca c3 76 70 98 84 5f 43 76 ce 1b
Aug 26 18:33:37.662591: | SIG_I a1 5f f4 9b 13 19 97 ae e2 c2 6d 0e e1 94 6e 2b
Aug 26 18:33:37.662593: | SIG_I 55 09 d7 d3 f8 77 a8 17 a8 b1 0d 0d 6d e6 48 03
Aug 26 18:33:37.662595: | SIG_I 76 ba 23 c7 3f da fe 9f a7 47 f2 9a 93 7b 2e 75
Aug 26 18:33:37.662597: | SIG_I 6e a4 3c 24 32 2a 57 12 98 b2 c2 69 19 3b 90 a6
Aug 26 18:33:37.662598: | SIG_I 7d 78 c9 df 2b 49 04 18 20 d5 20 c0 38 3a d9 9b
Aug 26 18:33:37.662600: | SIG_I 0f 84 8a b1 54 d2 9e b1 c1 2a a1 63 09 19 1c 2c
Aug 26 18:33:37.662602: | SIG_I 78 0d 79 18 7a 51 b4 2d 5c d5 37 2b ca 90 8c eb
Aug 26 18:33:37.662603: | SIG_I 33 e2 8f 56 fe ae 50 b9 64 d1 e7 cf 0e 09 57 fc
Aug 26 18:33:37.662605: | SIG_I fe 76 f2 fe 27 03 7e 6d 17 b5 3e 7a 4b 65 e0 e7
Aug 26 18:33:37.662607: | SIG_I 6a ec c8 ec c2 28 6f 77 1e f7 1b 63 f3 85 43 b3
Aug 26 18:33:37.662609: | SIG_I e2 d4 1e 31 7b 88 31 49 e6 98 41 33 34 fe f3 ad
Aug 26 18:33:37.662613: | SIG_I 5d e2 2b 67 19 2b 42 0b d0 05 3c df 07 df e9 3d
Aug 26 18:33:37.662615: | SIG_I 19 00 43 77 3e d9 f1 e9 15 2f ee 84 6d 29 26 b0
Aug 26 18:33:37.662617: | SIG_I 18 69 f6 a6 7b 5f 3b 9f ab 4c 22 7c d1 0a a1 06
Aug 26 18:33:37.662618: | SIG_I 7f 5b 8b 6f a1 04 56 9c c0 06 c1 1d bb d1 91 db
Aug 26 18:33:37.662620: | SIG_I 72 70 3f 80 d8 63 95 90 14 b8 92 54 f7 b3 01 7b
Aug 26 18:33:37.662622: | SIG_I dc 50 2f 2b a6 1a 77 10 f7 f9 1b bf 4f 59 7a e8
Aug 26 18:33:37.662624: | emitting length of ISAKMP Signature Payload: 388
Aug 26 18:33:37.662626: | Not sending INITIAL_CONTACT
Aug 26 18:33:37.662628: | emitting 7 zero bytes of encryption padding into ISAKMP Message
Aug 26 18:33:37.662630: | no IKEv1 message padding required
Aug 26 18:33:37.662632: | emitting length of ISAKMP Message: 2028
Aug 26 18:33:37.662644: | complete v1 state transition with STF_OK
Aug 26 18:33:37.662649: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
Aug 26 18:33:37.662651: | #3 is idle
Aug 26 18:33:37.662654: | doing_xauth:no, t_xauth_client_done:no
Aug 26 18:33:37.662656: | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Aug 26 18:33:37.662658: | parent state #3: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA)
Aug 26 18:33:37.662660: | event_already_set, deleting event
Aug 26 18:33:37.662662: | state #3 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Aug 26 18:33:37.662666: | libevent_free: release ptr-libevent@0x7fbd0c002888
Aug 26 18:33:37.662669: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7fbd0c002b78
Aug 26 18:33:37.662674: | sending reply packet to 192.1.2.23:500 (from 192.1.3.33:500)
Aug 26 18:33:37.662680: | sending 2028 bytes for STATE_MAIN_I2 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:37.662682: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.662684: | 05 10 02 01 00 00 00 00 00 00 07 ec 91 ac f7 d3
Aug 26 18:33:37.662685: | 9c 7e 86 61 20 06 6f 8c 1e 70 3b 00 30 44 74 9c
Aug 26 18:33:37.662687: | 8b 93 b4 41 14 30 0e 69 a3 bf 8a 11 0e d5 8c 5d
Aug 26 18:33:37.662689: | 68 37 cf c8 fd 1c 18 a7 6f c5 e1 f8 c4 bc 7e de
Aug 26 18:33:37.662690: | 1b 8f ef 79 30 62 7d 60 0f 35 9a 4a 46 ea 68 27
Aug 26 18:33:37.662692: | 9b 9a 6a ef 1d 4d 22 bd 41 3b ce 71 a5 ee 65 41
Aug 26 18:33:37.662694: | 61 ed 7c 4c ac d4 16 b1 e7 0c 4d d0 c1 e0 7c 96
Aug 26 18:33:37.662696: | 5c 62 4b 8b 62 38 00 2f f6 d2 ef ab a6 21 01 23
Aug 26 18:33:37.662697: | 22 9a d4 76 62 f7 37 97 91 e9 cd cd a5 a8 b6 92
Aug 26 18:33:37.662699: | e6 d7 cf 31 46 02 ce 6b 59 b6 07 d2 66 51 74 bd
Aug 26 18:33:37.662701: | ec 6c 99 31 0a 5b be 5b 25 68 77 cd 02 a0 81 18
Aug 26 18:33:37.662702: | e5 49 8b 3c a3 12 ca 98 5c e0 3f d9 c6 20 ca 64
Aug 26 18:33:37.662704: | 75 02 64 b4 1a a7 09 89 f8 a3 cf 04 e0 9b 78 4b
Aug 26 18:33:37.662706: | bd 92 15 8a 3f b1 af 03 10 56 86 34 51 a5 0c 17
Aug 26 18:33:37.662708: | ad 65 c5 c3 99 51 e6 99 77 3b cf 1f 47 58 8c 12
Aug 26 18:33:37.662709: | 51 6b 82 e8 d1 dc 29 dc 0c 35 4a 7d 15 8e ef 4f
Aug 26 18:33:37.662711: | b0 32 d0 82 ff e8 d7 0d 70 e9 68 97 c1 47 b9 3e
Aug 26 18:33:37.662713: | 74 8b 33 b4 ca 00 75 10 65 69 99 e7 c4 65 16 1a
Aug 26 18:33:37.662714: | 33 4b 42 ec 67 ff 7e 7c 19 f5 e2 de 38 bf 78 41
Aug 26 18:33:37.662716: | 54 38 47 57 3b d5 06 b4 27 0a 7a 73 87 81 09 06
Aug 26 18:33:37.662718: | f3 68 ea 26 07 e3 a3 49 28 07 1e fb 1d 13 24 c4
Aug 26 18:33:37.662720: | 85 82 7a fd e6 88 d7 a7 38 55 d4 cf 50 ee a2 09
Aug 26 18:33:37.662721: | 5f 68 26 a2 32 73 98 be fc 70 8d 76 c6 18 10 3d
Aug 26 18:33:37.662723: | e4 30 b9 b9 50 1b 5d 4d c0 c0 6f 74 8a 32 a5 84
Aug 26 18:33:37.662725: | 64 78 da e0 ec 04 73 af 7b c0 ee c3 3b 16 53 23
Aug 26 18:33:37.662726: | 6c 8a 50 ca e0 1e 14 9c 72 de 16 a7 a8 17 71 bf
Aug 26 18:33:37.662728: | af 4c c6 73 88 cf 72 9a f1 c2 7e 1b 64 17 e9 df
Aug 26 18:33:37.662731: | d8 ae ad 21 19 fc a4 9b 13 6c d3 2e ad b9 f6 09
Aug 26 18:33:37.662733: | 0d b5 9b 76 2d 41 af 10 36 54 9c b9 28 b7 0e e0
Aug 26 18:33:37.662735: | f1 b1 3f 09 e5 85 26 70 0e b0 40 e4 6d 7c 58 42
Aug 26 18:33:37.662737: | f9 52 60 f4 36 c1 04 d8 3f 7b 74 cd 8e 84 1b 97
Aug 26 18:33:37.662738: | d7 02 04 e7 fa a5 b1 16 3f d1 9e b6 1d ca e5 52
Aug 26 18:33:37.662740: | f2 45 a6 c7 51 89 ca b8 da d4 43 0a 5c 38 6c f8
Aug 26 18:33:37.662742: | 31 d8 5d 82 eb bc 8f 33 dd d3 f9 aa ea a2 ec bb
Aug 26 18:33:37.662744: | 9e 78 73 f6 1a 2b 27 48 39 33 a3 0e c6 ff bc 4c
Aug 26 18:33:37.662745: | 6a b8 b6 27 aa 0d 75 ee 5f 07 3c 46 cf a7 b4 1e
Aug 26 18:33:37.662747: | 0a d4 f6 d9 c8 20 2c e7 fb fa 05 a3 83 80 9a 07
Aug 26 18:33:37.662749: | 65 d0 2f 77 7a 8b 3c e6 03 6b 5a 77 a6 e3 b4 21
Aug 26 18:33:37.662750: | 5a 74 68 4b 6f b1 81 0d 1a c1 1c 81 6e 52 56 bc
Aug 26 18:33:37.662752: | 9a b3 86 bb 95 ae e5 b4 71 d8 e4 7c e4 ee 8e 55
Aug 26 18:33:37.662754: | a9 5d 4a 47 23 40 e6 1b 96 9a a8 ad 12 24 39 c9
Aug 26 18:33:37.662755: | 9d d6 5e c4 05 40 c6 01 d5 17 28 3d a6 41 8a d5
Aug 26 18:33:37.662757: | b9 fc e4 9b 11 93 df 30 9e bf 38 8b bc 64 68 8d
Aug 26 18:33:37.662759: | c0 d1 8c 96 ca 83 69 43 f3 12 6d 64 f2 62 22 80
Aug 26 18:33:37.662761: | fa 82 46 79 76 a7 81 ce 2c 02 8b 6a 0e 47 ab 5e
Aug 26 18:33:37.662762: | e9 41 1a c7 fc 32 ac 65 b5 05 90 0e 4e a3 a2 6b
Aug 26 18:33:37.662764: | 17 e4 49 9b a2 30 ef f9 df c6 f0 34 a3 e7 93 ff
Aug 26 18:33:37.662766: | 69 ca 32 d2 7e 9c 0e d5 2b f3 c2 ef 8d 4f a2 7a
Aug 26 18:33:37.662767: | ea 10 65 c6 a3 18 c2 43 93 d5 48 10 c9 bf 91 50
Aug 26 18:33:37.662769: | c5 34 2d a3 02 81 96 94 28 3d d7 b3 79 25 a5 db
Aug 26 18:33:37.662771: | f9 2e ff de 39 bc 91 95 18 19 aa 70 f4 3e 85 e9
Aug 26 18:33:37.662773: | d4 03 5c a7 c1 8c cd 1c 71 d8 54 e5 72 52 5f 01
Aug 26 18:33:37.662774: | e9 6e ff df 89 c6 40 b6 ef 96 b7 dc 41 1a 40 5d
Aug 26 18:33:37.662776: | 20 bf fa 55 d2 bb cb 7c 5c 42 18 53 14 7f e7 a6
Aug 26 18:33:37.662778: | 03 3b 8b 14 5f f5 9a b0 11 f8 21 84 ae fd 48 f7
Aug 26 18:33:37.662779: | af 7b 39 fe 99 04 59 66 c4 1c dc a5 58 18 72 e3
Aug 26 18:33:37.662781: | c1 3c 72 fc 46 f7 e9 48 72 74 56 fa eb 67 1a d9
Aug 26 18:33:37.662783: | 92 92 20 e8 e8 8a 4f d3 57 c1 77 b3 bb a9 cf a2
Aug 26 18:33:37.662785: | ac 6d 91 24 3a 45 f1 90 68 6d f9 7f 74 c5 78 f2
Aug 26 18:33:37.662786: | 85 c1 2a 53 72 9e ee d9 5b f6 4b 40 a7 3e 55 a6
Aug 26 18:33:37.662788: | 1d a2 89 5e d4 8c 0d c3 0a b0 11 80 9e 6b 3d 36
Aug 26 18:33:37.662790: | 9d 73 fa a5 fc 19 43 f7 80 0f bf af 83 94 b2 b2
Aug 26 18:33:37.662791: | 45 f6 60 9d a7 a2 25 5d 7d 48 ac 84 74 74 2f ac
Aug 26 18:33:37.662793: | cd 1d 17 f4 a9 0b 24 0f aa cb ea 5f 71 e9 3a 4c
Aug 26 18:33:37.662795: | 49 83 e4 4c 59 9b c1 15 79 82 f9 2e c6 69 62 b3
Aug 26 18:33:37.662797: | ae bc f1 02 06 42 21 ef b7 be 96 22 be f4 e2 9d
Aug 26 18:33:37.662798: | 06 8e 7b 36 d4 e0 b2 4f cb ff 4c 14 48 9e e4 42
Aug 26 18:33:37.662800: | 86 58 e0 9c f2 95 45 af c8 62 7b 44 c5 e2 0d fc
Aug 26 18:33:37.662802: | 46 90 c4 6c 9b 0d 36 56 f0 29 33 ec 8e 7a 94 db
Aug 26 18:33:37.662803: | 23 f6 4f f7 0f 5b b0 67 a1 85 07 44 18 e5 12 de
Aug 26 18:33:37.662805: | 13 71 aa 9e 8a 12 0c ef e7 65 e3 93 8f 66 47 15
Aug 26 18:33:37.662807: | af c8 0f d7 85 9d a3 44 47 0a 44 1e 14 03 69 d8
Aug 26 18:33:37.662809: | 15 6d db a7 2d e2 bf 23 47 00 c1 af af ab f1 a8
Aug 26 18:33:37.662810: | ec 90 12 31 5c ef ba 20 70 65 ea b0 3b 4f fa 46
Aug 26 18:33:37.662812: | 42 63 53 e9 89 af 11 85 1b 8c 2a fc 64 aa b0 85
Aug 26 18:33:37.662814: | 6a 53 59 8b 53 59 82 52 53 b6 f6 db 7d 51 bd 57
Aug 26 18:33:37.662815: | 67 f3 e1 1b be d6 6e 7a 6f b1 02 77 99 ad df ea
Aug 26 18:33:37.662817: | 1e b8 8f a7 e3 cc 57 6e 95 d7 4f 45 b7 c8 39 98
Aug 26 18:33:37.662819: | 4b 8b f6 aa 07 02 60 ba 16 c0 b1 a9 8e 8f 5f 37
Aug 26 18:33:37.662823: | 3e 24 fb 1e 97 31 b2 82 6a 43 ec dd ce c9 cc d6
Aug 26 18:33:37.662825: | 9c db 3e b1 d1 7b 1f c6 59 9b f4 df a2 76 af 54
Aug 26 18:33:37.662827: | 84 c5 13 cf a7 e3 5c c6 49 ed bf e3 e2 c4 70 e9
Aug 26 18:33:37.662829: | 9d d2 a2 8b a0 71 74 a4 ae 9a 77 05 67 f8 a9 9e
Aug 26 18:33:37.662830: | d4 12 cd 63 91 27 bb 8c 41 ae d1 a8 35 ee 28 55
Aug 26 18:33:37.662832: | f8 0d ad 38 00 8e 2c e8 1c 64 fc 0d 03 8c 3e 90
Aug 26 18:33:37.662834: | 96 c5 43 a7 a3 0a fc ce f4 35 07 f2 97 94 21 3f
Aug 26 18:33:37.662835: | 25 b3 bf 83 06 d8 a1 91 52 5d cc 0f 03 0a 60 6e
Aug 26 18:33:37.662837: | d3 18 44 27 27 ac 32 26 31 ab 53 46 e9 31 08 2b
Aug 26 18:33:37.662839: | 2b 29 c8 02 56 83 df 63 6e 00 98 e8 04 40 7d f3
Aug 26 18:33:37.662840: | 81 3f fa 45 f5 51 89 f0 29 c9 ec 1b 38 5d 4c 81
Aug 26 18:33:37.662842: | 40 6e 86 ed 91 88 0b 2d df 32 a6 c8 06 a2 07 14
Aug 26 18:33:37.662844: | 63 4b c3 e0 6c e1 14 da c9 f9 e7 02 14 a0 29 ba
Aug 26 18:33:37.662846: | 3d b6 26 e2 a9 9d 50 59 70 90 0c 31 84 92 fa b7
Aug 26 18:33:37.662847: | b3 15 13 ee 3b 4b 20 45 fb 34 80 b1 75 53 74 bf
Aug 26 18:33:37.662849: | f9 cc d1 04 b9 75 71 7c 50 d7 a8 f7 33 79 73 25
Aug 26 18:33:37.662851: | a6 16 c5 fd 93 66 d8 40 39 5e 2f ab 41 4f 78 94
Aug 26 18:33:37.662852: | 38 5e f8 a2 58 65 72 ed 1f 86 fd 3f 9c 37 65 11
Aug 26 18:33:37.662854: | ae f6 8c 5a 3c d2 6b f2 f7 5f 90 75 26 81 16 10
Aug 26 18:33:37.662856: | 75 b9 4e f2 fa 64 15 aa 12 2d 8f b6 9f 0a 63 14
Aug 26 18:33:37.662858: | ee 12 0f da 7f 67 ac 8c ed 0e 33 11 5d 0b 12 3a
Aug 26 18:33:37.662859: | d3 74 73 b9 84 c8 91 13 03 d9 bd d3 60 b0 cd 6e
Aug 26 18:33:37.662861: | 99 70 5a f6 e0 e6 93 db e7 b7 18 28 ec 19 3a e0
Aug 26 18:33:37.662863: | 2e 89 ff 17 f4 51 2b 1f 6a 49 a0 9c 8a bb fc 0d
Aug 26 18:33:37.662864: | ec 31 ba 79 20 04 5b 55 89 ab 4f cd 3e 49 c6 5c
Aug 26 18:33:37.662866: | b2 cb bf 6d 3c 5e 2f 7e 18 9d 94 bd c5 c6 3c ad
Aug 26 18:33:37.662868: | b6 b1 93 46 44 8f 9d 5f 09 de fc 5e 45 3a fa d6
Aug 26 18:33:37.662870: | 6c ff c5 da d9 69 40 56 e1 04 db 92 b8 69 1d 31
Aug 26 18:33:37.662871: | 77 3c 3d 3d 18 a1 33 ec 08 30 9e be 15 02 db 89
Aug 26 18:33:37.662873: | f4 14 34 b3 b5 e9 06 85 a3 a5 27 09 10 3b b8 c6
Aug 26 18:33:37.662875: | bb 6d 18 0f a0 54 d3 bd 4d ab f0 98 d2 18 b7 7e
Aug 26 18:33:37.662876: | 91 69 45 b4 5c af 84 dd 90 77 23 44 ee eb f6 f7
Aug 26 18:33:37.662878: | ed 14 14 f6 09 5d ac 88 60 ef fc 03 e2 0e 5a 09
Aug 26 18:33:37.662880: | 34 84 b1 d0 7a fe f8 36 ad 39 e2 7a 86 f3 a8 05
Aug 26 18:33:37.662882: | 1f 9f 7f e2 01 da 82 b2 51 03 05 4a 8d 4d b9 22
Aug 26 18:33:37.662883: | dd 06 12 2c ad 52 01 cf 33 67 3a d2 d8 fd 0d 5e
Aug 26 18:33:37.662885: | 64 a6 8b 82 5a 3d 21 e5 f3 31 2c e2 3d 50 08 d9
Aug 26 18:33:37.662887: | 34 1e e1 b8 dc 12 d8 6f 66 00 5b 0d 12 0f 96 ed
Aug 26 18:33:37.662888: | c3 ff d6 14 4f 08 0d ee 20 85 78 1c 90 f9 6f 2a
Aug 26 18:33:37.662890: | 40 ed 88 63 9b ad 0b 56 ea 12 42 e6 f5 74 08 fe
Aug 26 18:33:37.662892: | e5 15 cd 31 dc 3d 65 ac 14 35 ab 86 fd 9c 0f 5b
Aug 26 18:33:37.662894: | 92 51 87 cc 96 ef 4b 40 01 94 36 4f 6f e5 a3 e3
Aug 26 18:33:37.662895: | 66 4a 9d 61 98 fe 3d 77 05 11 c8 df 05 8b 4d 8d
Aug 26 18:33:37.662897: | 62 e7 d1 ae e6 65 e9 47 0a 56 dc 5c bd 46 bd f3
Aug 26 18:33:37.662899: | e8 0b b4 0e 5f db 2f 4c 56 d4 3b ad 8d c8 1c 26
Aug 26 18:33:37.662900: | 86 9c 1b 79 c2 71 e3 0a e8 44 b7 b2 ea ae 59 f6
Aug 26 18:33:37.662902: | 38 f3 0a b5 0a 5b f0 e5 3d 1b b4 05
Aug 26 18:33:37.662961: | !event_already_set at reschedule
Aug 26 18:33:37.662969: | event_schedule: new EVENT_RETRANSMIT-pe@0x7fbd0c002b78
Aug 26 18:33:37.662974: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #3
Aug 26 18:33:37.662978: | libevent_malloc: new ptr-libevent@0x55c66d960ba8 size 128
Aug 26 18:33:37.662985: | #3 STATE_MAIN_I3: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29703.405434
Aug 26 18:33:37.662990: "northnet-eastnet-b" #3: STATE_MAIN_I3: sent MI3, expecting MR3
Aug 26 18:33:37.662994: | modecfg pull: noquirk policy:push not-client
Aug 26 18:33:37.662998: | phase 1 is done, looking for phase 2 to unpend
Aug 26 18:33:37.663002: | resume sending helper answer for #3 suppresed complete_v1_state_transition()
Aug 26 18:33:37.663010: | #3 spent 7.26 milliseconds in resume sending helper answer
Aug 26 18:33:37.663016: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in resume_handler() at server.c:833)
Aug 26 18:33:37.663020: | libevent_free: release ptr-libevent@0x7fbd00000f48
Aug 26 18:33:37.671008: | spent 0.00462 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:33:37.671041: | *received 1884 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:33:37.671047: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.671051: | 05 10 02 01 00 00 00 00 00 00 07 5c 59 44 f9 52
Aug 26 18:33:37.671054: | d8 71 4d 2c ab 13 7f e4 7f dd 89 ea 7e b4 6e b4
Aug 26 18:33:37.671058: | 82 f7 26 ee fa 97 d0 1d 23 fc e0 dd d0 bc ff 96
Aug 26 18:33:37.671060: | 86 81 96 89 3c 9a f0 24 63 62 1e 53 f0 4a 14 71
Aug 26 18:33:37.671063: | be 2e 83 33 80 70 25 53 d0 ef 48 30 ce 30 10 fc
Aug 26 18:33:37.671066: | 09 93 9e 75 a2 cd cc 29 a4 c9 04 c4 64 3a 65 26
Aug 26 18:33:37.671069: | 9e cb ac 76 cb b6 42 d4 d2 b6 5e 5d 02 08 e2 fa
Aug 26 18:33:37.671072: | e7 bb 90 fd e6 8b 72 ab ea fd 64 a5 08 41 cd f6
Aug 26 18:33:37.671075: | f2 3a 17 6f d9 cb 7d a2 de 7f 68 3e 4e b9 50 34
Aug 26 18:33:37.671078: | 9b 27 55 4c 47 c7 1d 56 c6 33 45 ff 84 43 3c f3
Aug 26 18:33:37.671082: | 5e 41 1f 54 68 7a 66 31 92 bb 8d 82 a8 38 df 5b
Aug 26 18:33:37.671084: | c7 45 b5 de ba 9c 01 0a 83 6a 9f 3f b4 10 62 47
Aug 26 18:33:37.671087: | 19 8b e1 f6 2f e5 7f 64 b6 69 8a c4 94 e5 f0 90
Aug 26 18:33:37.671091: | 37 28 dc e9 5e 3c b9 53 01 fe 4d 8e 48 8b ba a4
Aug 26 18:33:37.671094: | 4d dc e2 3c 48 15 ee b6 7a ac ce 3e f8 91 6b 02
Aug 26 18:33:37.671097: | 7e 76 40 f5 76 be a0 65 ad 3e da 49 fe ac 99 b1
Aug 26 18:33:37.671100: | dd e1 33 d7 1c e5 58 4f 21 c2 f1 37 5a 6c 88 19
Aug 26 18:33:37.671103: | 53 b2 af 49 f6 6d 6a b3 82 73 77 ab 13 8c 15 16
Aug 26 18:33:37.671106: | 55 2f ed f8 2e d5 78 47 a9 6b 48 91 9f 75 91 17
Aug 26 18:33:37.671109: | 2e b5 fd fc ab 49 f2 44 c7 f5 a8 52 d8 79 bc 04
Aug 26 18:33:37.671112: | b5 44 9b 94 f5 80 57 23 dc 35 cd c2 e5 4e 9e 83
Aug 26 18:33:37.671115: | 33 c6 0e 79 1e 2a 38 34 0b cc 02 91 e5 fe c0 71
Aug 26 18:33:37.671118: | bf 55 49 ca 4d e0 12 d9 f2 b3 0d 11 ef 6a 1f c2
Aug 26 18:33:37.671121: | 37 13 5f b5 5e 11 da 77 3b 21 f4 d4 23 32 23 83
Aug 26 18:33:37.671125: | 67 31 77 75 be d4 b6 a6 50 e9 a0 d1 7f d9 17 c5
Aug 26 18:33:37.671128: | 0d 10 2b 0f c2 71 28 1f 53 05 11 df 22 50 fe 30
Aug 26 18:33:37.671131: | 95 de ed fe 6c d1 8d 24 b4 3b 70 01 28 e2 ba 7b
Aug 26 18:33:37.671134: | cb ca c3 ff 6b 45 7c c0 e8 e4 3b ce 4b 45 66 ed
Aug 26 18:33:37.671137: | 0a f5 28 58 50 4c 33 37 96 da 72 73 7a 22 bb 89
Aug 26 18:33:37.671140: | 86 db 09 04 a6 5f 84 da 6e bf 6c ff e7 ca c1 9a
Aug 26 18:33:37.671143: | b4 44 6d 3b 5b b9 f4 7c b5 47 bd b9 97 97 be 0f
Aug 26 18:33:37.671146: | b5 c7 fe 99 e8 06 5b b1 15 9f 4e 3c 68 94 71 3d
Aug 26 18:33:37.671150: | 24 c0 05 7b af 77 3c 26 2e 7c 9b 74 2d e0 bd 66
Aug 26 18:33:37.671153: | e6 ce b2 79 b2 65 b8 16 cb bd 98 8f 12 10 19 0b
Aug 26 18:33:37.671156: | bc e4 93 bb a2 f7 ee 32 27 5a d3 2d 02 bc 23 18
Aug 26 18:33:37.671159: | 57 ad 62 02 e6 e1 09 8f 70 e0 00 84 45 a1 02 e4
Aug 26 18:33:37.671161: | 11 92 95 33 4c 6b 77 d4 83 1c 36 f8 a8 97 ea d0
Aug 26 18:33:37.671164: | 6e 52 c1 ae d7 9b 6d 1d ee 1c 35 19 d2 d5 9c bb
Aug 26 18:33:37.671167: | 86 32 02 38 ea 8b 09 7a 7d ae 1b 52 52 b9 d5 d3
Aug 26 18:33:37.671173: | 55 ba 84 96 12 41 d6 fe 1b f2 f9 1d 69 35 6c 1c
Aug 26 18:33:37.671177: | 57 68 6c 63 53 07 4d a9 99 18 cd 69 cf 94 85 cf
Aug 26 18:33:37.671180: | 86 40 07 43 32 0d 45 b6 4f fd 18 f8 13 fb e8 7e
Aug 26 18:33:37.671183: | 94 84 82 63 0f 69 5e 54 3b 08 29 76 71 0f 60 aa
Aug 26 18:33:37.671186: | 05 95 7e f0 91 85 e6 d7 23 dd ef 9c 08 0f 24 bc
Aug 26 18:33:37.671189: | f6 e1 a4 3c 58 7e b7 c9 b9 10 a3 79 eb 3d cd 06
Aug 26 18:33:37.671192: | 2e 88 29 c0 6a 70 17 96 03 b0 3c 3d f6 8c 01 ae
Aug 26 18:33:37.671195: | ae 25 09 ce 4b fc 60 03 2c e6 95 88 93 34 79 d0
Aug 26 18:33:37.671198: | d9 bc 3c 33 68 83 73 38 b0 0c 11 56 7e 5e df a3
Aug 26 18:33:37.671201: | 51 50 1c 2b b9 ea 20 cb 2d 6f 21 35 8a 3e c1 ef
Aug 26 18:33:37.671203: | e9 d0 58 b3 fc 1b 61 1f a9 ff 36 d2 24 84 2a 9e
Aug 26 18:33:37.671206: | cc 0d 9f 74 4a 3e 0c e6 6f 60 0a 87 c3 fd c7 c7
Aug 26 18:33:37.671209: | 77 12 53 ae aa dd 33 73 1a 19 2f c1 ed 3d 6a 6e
Aug 26 18:33:37.671212: | 67 70 d9 96 4d 15 77 6a ac 67 83 ff 14 be ce eb
Aug 26 18:33:37.671215: | 70 b2 b0 0a 07 9d f4 9d cf d7 d3 ee 5e 30 8b 64
Aug 26 18:33:37.671218: | f8 d9 96 09 2b d2 37 c6 0f 87 de 04 da 88 fe cb
Aug 26 18:33:37.671221: | ed 6e 7d 79 5c 68 6f 46 92 64 b7 94 8a da 50 49
Aug 26 18:33:37.671224: | e4 a1 07 cc 44 51 27 4e e0 5c 16 2e 49 52 0e 32
Aug 26 18:33:37.671226: | 77 a7 6d d0 ce 82 ad 84 ab e5 1c 4d 1e 74 fc 31
Aug 26 18:33:37.671229: | d1 d6 9d d5 b3 1b a0 b9 b6 13 0a 8b c4 07 30 8b
Aug 26 18:33:37.671232: | be 3b 40 62 f6 3a 45 bf 80 8c ed a2 f5 d3 eb 5e
Aug 26 18:33:37.671235: | 78 dd bd 72 9e 3e 2c b5 c1 53 b7 25 2b 8c 17 09
Aug 26 18:33:37.671238: | fc f6 8e 1c 1b a3 f5 3f 6a a7 ca 2d 89 48 64 6f
Aug 26 18:33:37.671241: | 33 4b a8 f2 0e a0 5d 16 c1 dd 37 ab 7b 88 56 c2
Aug 26 18:33:37.671243: | 0a 42 73 b4 72 5e 85 88 c2 b5 c0 29 9b a4 a9 f5
Aug 26 18:33:37.671246: | 4d 11 c4 0e 0b c5 fe 57 d0 1e 83 ea 57 67 77 79
Aug 26 18:33:37.671249: | 30 3d 18 8e b8 f9 b0 2c 11 de a5 ac d2 41 18 c0
Aug 26 18:33:37.671252: | 9a b9 76 e8 b6 11 98 e4 76 4d 1f da 07 6d 03 7c
Aug 26 18:33:37.671255: | 07 24 6d 20 55 c0 91 e8 30 3a bf dc 7d 5d 3c 53
Aug 26 18:33:37.671258: | 01 c6 1c 65 fa 20 5b a6 c6 22 fd 97 43 e9 5b 87
Aug 26 18:33:37.671261: | 95 e9 95 1c c5 71 90 44 35 ca 1c 87 e0 04 80 44
Aug 26 18:33:37.671263: | 3d 98 ef f8 01 3e ae 50 6f 30 ce 0c 08 36 bd a6
Aug 26 18:33:37.671266: | d2 ce 4f dd cd 04 09 13 6b a7 60 a3 47 99 3e c2
Aug 26 18:33:37.671269: | 69 5b a2 06 a5 3b 1a 54 14 5f 73 c1 0f 52 1a 9f
Aug 26 18:33:37.671272: | 17 67 f1 db e0 d0 65 a9 de 02 07 26 64 88 10 c5
Aug 26 18:33:37.671275: | 44 4e a5 ef bb 64 32 f0 93 f4 12 97 57 7d 59 c8
Aug 26 18:33:37.671278: | a4 d2 ba a2 6e 0c 22 b5 89 72 04 cb ab ed 6f 11
Aug 26 18:33:37.671281: | 8e 19 ad f9 43 64 01 ce 5d bc 0c d1 95 95 01 a0
Aug 26 18:33:37.671284: | 61 fd 20 92 7c 89 4f 2a a3 8d d5 88 55 92 b8 77
Aug 26 18:33:37.671287: | 72 76 32 f5 1e a9 1b 26 db eb f8 d1 bc 6f 4e dd
Aug 26 18:33:37.671303: | 17 f0 07 45 53 b2 2a 31 fe f7 cd 0a 4a 64 d9 d5
Aug 26 18:33:37.671306: | 92 f9 39 f6 f2 92 82 63 93 fc 6b fc b2 1a 1f 2f
Aug 26 18:33:37.671309: | b0 8c d9 82 51 e4 ae 84 ac 25 45 0d 67 30 a9 b3
Aug 26 18:33:37.671312: | 2b 5b ea 2a 27 14 38 e1 2b 23 dd 83 02 15 69 8f
Aug 26 18:33:37.671315: | 57 59 03 da 3c dc 29 8d a3 75 7e 88 49 37 93 33
Aug 26 18:33:37.671318: | a0 3b 93 bf 46 60 9a 9e ae de 60 65 df 4d da 05
Aug 26 18:33:37.671321: | 49 e8 42 ca 47 f8 2f b2 a7 7b 3d a3 00 cc 46 80
Aug 26 18:33:37.671324: | 81 92 72 b9 f0 ee 0a 85 e7 e9 c3 ff a4 9f 05 36
Aug 26 18:33:37.671327: | d9 5c 81 2c 24 a3 80 93 7a c9 c3 ea 04 28 bf 72
Aug 26 18:33:37.671329: | a7 2f dc 04 8b 4f fb e0 f3 5e b3 9e 9d 49 33 fd
Aug 26 18:33:37.671332: | d5 9c 6f a6 75 7d c0 9a e0 79 93 86 1c e6 f4 90
Aug 26 18:33:37.671335: | d1 dc 5f 35 4f b3 92 98 23 96 3f 3f 9d ff 91 19
Aug 26 18:33:37.671340: | 63 eb 85 90 07 13 b5 72 3d b9 6e 2c 62 69 77 b0
Aug 26 18:33:37.671344: | eb 7f 14 a8 8b 44 b5 06 ad 03 ae af c9 9c a8 14
Aug 26 18:33:37.671347: | a5 31 39 51 2c 3a 52 ea c8 d2 97 b4 0e ac fd e7
Aug 26 18:33:37.671350: | a7 64 91 fd 46 13 64 8f 50 d7 2f 15 5c f8 e4 1b
Aug 26 18:33:37.671352: | 47 87 9e 62 9b 5c 51 91 06 98 21 a4 b8 41 1f a7
Aug 26 18:33:37.671355: | 77 5c 9a e8 23 b2 e6 5e f4 d4 0a c2 b5 1b 40 b6
Aug 26 18:33:37.671358: | df 64 45 cb f8 50 32 56 fb a3 8b 13 3e 58 cf db
Aug 26 18:33:37.671361: | 84 da b2 8e 8f 3c b1 77 12 01 89 d8 ff 88 32 16
Aug 26 18:33:37.671364: | 6c 1d eb 10 1f 60 9f 17 44 2f 7a 24 15 e1 04 f3
Aug 26 18:33:37.671367: | fc 48 d6 e0 26 17 49 d4 bc 6f ce db cc 1e cc 9b
Aug 26 18:33:37.671370: | cc 95 0f ec 72 0f dc f9 6d e3 8e 36 9e a8 eb 88
Aug 26 18:33:37.671373: | d9 15 67 5c 55 82 7e 0f 79 82 f9 41 12 61 8a 29
Aug 26 18:33:37.671376: | 8b 1b 26 6a 42 dc c8 7e de b3 fe b4 9f 61 7a 3d
Aug 26 18:33:37.671379: | 7b 5b bc 46 dd 54 f9 7b 1a 5d 13 ea 2f bb 36 41
Aug 26 18:33:37.671381: | 7c 67 f2 61 5f b1 15 e3 17 a1 6d ce cd 44 ba 9f
Aug 26 18:33:37.671384: | c4 6c b2 78 c4 f2 f9 56 32 8d 93 13 5a 57 f0 87
Aug 26 18:33:37.671387: | ed 09 c3 61 52 6d 11 c5 8b c6 6c 0c 84 3b f8 89
Aug 26 18:33:37.671390: | 8d 13 78 d4 a7 bd e0 6c 0b 2a 87 86 4b f4 4d e0
Aug 26 18:33:37.671393: | d5 a4 04 3c 98 a4 1c 96 03 38 49 e4 aa 6f 9c e2
Aug 26 18:33:37.671396: | 47 93 d8 ee d2 fa 00 de ae 13 b0 74 6d ef ad 9a
Aug 26 18:33:37.671399: | 17 2f 06 46 d2 7a b6 56 f8 60 af 55 27 ea f9 61
Aug 26 18:33:37.671401: | 8e f6 c4 bb e2 a3 9d 48 b5 ac 54 ec 78 54 a4 d2
Aug 26 18:33:37.671404: | 95 c0 8b 8b 75 8d bb aa 00 ae de 7e c4 67 f8 62
Aug 26 18:33:37.671407: | d6 64 af d6 aa 2c 88 aa 10 0e f6 59 32 ad 2a ec
Aug 26 18:33:37.671410: | 1c 47 05 23 6a 6a 7c 1e 5a 71 ff 33 c4 13 89 93
Aug 26 18:33:37.671413: | 22 36 a3 8d 9f f9 9c d8 ad f1 67 02
Aug 26 18:33:37.671419: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:33:37.671424: | **parse ISAKMP Message:
Aug 26 18:33:37.671428: | initiator cookie:
Aug 26 18:33:37.671431: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.671434: | responder cookie:
Aug 26 18:33:37.671437: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.671440: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:37.671444: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:37.671447: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:33:37.671451: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:37.671454: | Message ID: 0 (0x0)
Aug 26 18:33:37.671458: | length: 1884 (0x75c)
Aug 26 18:33:37.671462: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
Aug 26 18:33:37.671467: | State DB: found IKEv1 state #3 in MAIN_I3 (find_state_ikev1)
Aug 26 18:33:37.671474: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459)
Aug 26 18:33:37.671477: | #3 is idle
Aug 26 18:33:37.671480: | #3 idle
Aug 26 18:33:37.671485: | received encrypted packet from 192.1.2.23:500
Aug 26 18:33:37.671506: | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x220 opt: 0x20c0
Aug 26 18:33:37.671510: | ***parse ISAKMP Identification Payload:
Aug 26 18:33:37.671514: | next payload type: ISAKMP_NEXT_CERT (0x6)
Aug 26 18:33:37.671517: | length: 191 (0xbf)
Aug 26 18:33:37.671520: | ID type: ID_DER_ASN1_DN (0x9)
Aug 26 18:33:37.671523: | DOI specific A: 0 (0x0)
Aug 26 18:33:37.671526: | DOI specific B: 0 (0x0)
Aug 26 18:33:37.671529: | obj: 30 81 b4 31 0b 30 09 06 03 55 04 06 13 02 43 41
Aug 26 18:33:37.671532: | obj: 31 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74 61 72
Aug 26 18:33:37.671535: | obj: 69 6f 31 10 30 0e 06 03 55 04 07 0c 07 54 6f 72
Aug 26 18:33:37.671538: | obj: 6f 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c 09 4c
Aug 26 18:33:37.671540: | obj: 69 62 72 65 73 77 61 6e 31 18 30 16 06 03 55 04
Aug 26 18:33:37.671545: | obj: 0b 0c 0f 54 65 73 74 20 44 65 70 61 72 74 6d 65
Aug 26 18:33:37.671549: | obj: 6e 74 31 23 30 21 06 03 55 04 03 0c 1a 65 61 73
Aug 26 18:33:37.671552: | obj: 74 2e 74 65 73 74 69 6e 67 2e 6c 69 62 72 65 73
Aug 26 18:33:37.671556: | obj: 77 61 6e 2e 6f 72 67 31 2e 30 2c 06 09 2a 86 48
Aug 26 18:33:37.671559: | obj: 86 f7 0d 01 09 01 16 1f 75 73 65 72 2d 65 61 73
Aug 26 18:33:37.671562: | obj: 74 40 74 65 73 74 69 6e 67 2e 6c 69 62 72 65 73
Aug 26 18:33:37.671565: | obj: 77 61 6e 2e 6f 72 67
Aug 26 18:33:37.671568: | got payload 0x40 (ISAKMP_NEXT_CERT) needed: 0x200 opt: 0x20c0
Aug 26 18:33:37.671571: | ***parse ISAKMP Certificate Payload:
Aug 26 18:33:37.671574: | next payload type: ISAKMP_NEXT_SIG (0x9)
Aug 26 18:33:37.671577: | length: 1265 (0x4f1)
Aug 26 18:33:37.671581: | cert encoding: CERT_X509_SIGNATURE (0x4)
Aug 26 18:33:37.671584: | got payload 0x200 (ISAKMP_NEXT_SIG) needed: 0x200 opt: 0x20c0
Aug 26 18:33:37.671587: | ***parse ISAKMP Signature Payload:
Aug 26 18:33:37.671590: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.671593: | length: 388 (0x184)
Aug 26 18:33:37.671596: | removing 12 bytes of padding
Aug 26 18:33:37.671599: | message 'main_inR3' HASH payload not checked early
Aug 26 18:33:37.671605: | DER ASN1 DN: 30 81 b4 31 0b 30 09 06 03 55 04 06 13 02 43 41
Aug 26 18:33:37.671608: | DER ASN1 DN: 31 10 30 0e 06 03 55 04 08 0c 07 4f 6e 74 61 72
Aug 26 18:33:37.671611: | DER ASN1 DN: 69 6f 31 10 30 0e 06 03 55 04 07 0c 07 54 6f 72
Aug 26 18:33:37.671614: | DER ASN1 DN: 6f 6e 74 6f 31 12 30 10 06 03 55 04 0a 0c 09 4c
Aug 26 18:33:37.671617: | DER ASN1 DN: 69 62 72 65 73 77 61 6e 31 18 30 16 06 03 55 04
Aug 26 18:33:37.671620: | DER ASN1 DN: 0b 0c 0f 54 65 73 74 20 44 65 70 61 72 74 6d 65
Aug 26 18:33:37.671622: | DER ASN1 DN: 6e 74 31 23 30 21 06 03 55 04 03 0c 1a 65 61 73
Aug 26 18:33:37.671625: | DER ASN1 DN: 74 2e 74 65 73 74 69 6e 67 2e 6c 69 62 72 65 73
Aug 26 18:33:37.671628: | DER ASN1 DN: 77 61 6e 2e 6f 72 67 31 2e 30 2c 06 09 2a 86 48
Aug 26 18:33:37.671631: | DER ASN1 DN: 86 f7 0d 01 09 01 16 1f 75 73 65 72 2d 65 61 73
Aug 26 18:33:37.671634: | DER ASN1 DN: 74 40 74 65 73 74 69 6e 67 2e 6c 69 62 72 65 73
Aug 26 18:33:37.671636: | DER ASN1 DN: 77 61 6e 2e 6f 72 67
Aug 26 18:33:37.671647: "northnet-eastnet-b" #3: Peer ID is ID_DER_ASN1_DN: 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org'
Aug 26 18:33:37.671655: | global one-shot timer EVENT_FREE_ROOT_CERTS scheduled in 300 seconds
Aug 26 18:33:37.671663: | #3 spent 0.0075 milliseconds in find_and_verify_certs() calling get_root_certs()
Aug 26 18:33:37.671668: | checking for known CERT payloads
Aug 26 18:33:37.671671: | saving certificate of type 'X509_SIGNATURE'
Aug 26 18:33:37.671739: | decoded cert: E=user-east@testing.libreswan.org,CN=east.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
Aug 26 18:33:37.671748: | #3 spent 0.0785 milliseconds in find_and_verify_certs() calling decode_cert_payloads()
Aug 26 18:33:37.671754: | cert_issuer_has_current_crl: looking for a CRL issued by E=testing@libreswan.org,CN=Libreswan test CA for mainca,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
Aug 26 18:33:37.671857: | #3 spent 0.101 milliseconds in find_and_verify_certs() calling crl_update_check()
Aug 26 18:33:37.671864: | missing or expired CRL
Aug 26 18:33:37.671868: | crl_strict: 0, ocsp: 0, ocsp_strict: 0, ocsp_post: 0
Aug 26 18:33:37.671871: | verify_end_cert trying profile IPsec
Aug 26 18:33:37.672003: | certificate is valid (profile IPsec)
Aug 26 18:33:37.672013: | #3 spent 0.144 milliseconds in find_and_verify_certs() calling verify_end_cert()
Aug 26 18:33:37.672019: "northnet-eastnet-b" #3: certificate verified OK: E=user-east@testing.libreswan.org,CN=east.testing.libreswan.org,OU=Test Department,O=Libreswan,L=Toronto,ST=Ontario,C=CA
Aug 26 18:33:37.672100: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d970ef8
Aug 26 18:33:37.672106: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d976488
Aug 26 18:33:37.672109: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d9762d8
Aug 26 18:33:37.672112: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d976128
Aug 26 18:33:37.672114: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x55c66d9532a8
Aug 26 18:33:37.672328: | unreference key: 0x55c66d961a28 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1--
Aug 26 18:33:37.672343: | #3 spent 0.312 milliseconds in decode_certs() calling add_pubkey_from_nss_cert()
Aug 26 18:33:37.672348: | #3 spent 0.692 milliseconds in decode_certs()
Aug 26 18:33:37.672360: | ID_DER_ASN1_DN 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' needs further ID comparison against 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org'
Aug 26 18:33:37.672364: | ID_DER_ASN1_DN 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' matched our ID
Aug 26 18:33:37.672367: | SAN ID matched, updating that.cert
Aug 26 18:33:37.672370: | X509: CERT and ID matches current connection
Aug 26 18:33:37.672410: | required RSA CA is 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.672421: | checking RSA keyid 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' for match with 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org'
Aug 26 18:33:37.672428: | trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.672433: | trusted_ca_nss: trustor B = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.672439: | key issuer CA is 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.672585: | an RSA Sig check passed with *AwEAAbEef [remote certificates]
Aug 26 18:33:37.672592: | #3 spent 0.148 milliseconds in try_all_RSA_keys() trying a pubkey
Aug 26 18:33:37.672596: "northnet-eastnet-b" #3: Authenticated using RSA
Aug 26 18:33:37.672599: | FOR_EACH_CONNECTION_... in ISAKMP_SA_established
Aug 26 18:33:37.672649: | complete v1 state transition with STF_OK
Aug 26 18:33:37.672657: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
Aug 26 18:33:37.672660: | #3 is idle
Aug 26 18:33:37.672662: | doing_xauth:no, t_xauth_client_done:no
Aug 26 18:33:37.672665: | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Aug 26 18:33:37.672668: | parent state #3: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA)
Aug 26 18:33:37.672671: | event_already_set, deleting event
Aug 26 18:33:37.672674: | state #3 requesting EVENT_RETRANSMIT to be deleted
Aug 26 18:33:37.672677: | #3 STATE_MAIN_I4: retransmits: cleared
Aug 26 18:33:37.672682: | libevent_free: release ptr-libevent@0x55c66d960ba8
Aug 26 18:33:37.672685: | free_event_entry: release EVENT_RETRANSMIT-pe@0x7fbd0c002b78
Aug 26 18:33:37.672688: | !event_already_set at reschedule
Aug 26 18:33:37.672692: | event_schedule: new EVENT_SA_REPLACE-pe@0x7fbd0c002b78
Aug 26 18:33:37.672696: | inserting event EVENT_SA_REPLACE, timeout in 2638 seconds for #3
Aug 26 18:33:37.672699: | libevent_malloc: new ptr-libevent@0x7fbd00000f48 size 128
Aug 26 18:33:37.672703: | pstats #3 ikev1.isakmp established
Aug 26 18:33:37.672713: "northnet-eastnet-b" #3: STATE_MAIN_I4: ISAKMP SA established {auth=RSA_SIG cipher=AES_CBC_256 integ=HMAC_SHA2_256 group=MODP2048}
Aug 26 18:33:37.672717: | DPD: dpd_init() called on ISAKMP SA
Aug 26 18:33:37.672719: | DPD: Peer supports Dead Peer Detection
Aug 26 18:33:37.672721: | DPD: not initializing DPD because DPD is disabled locally
Aug 26 18:33:37.672724: | modecfg pull: noquirk policy:push not-client
Aug 26 18:33:37.672726: | phase 1 is done, looking for phase 2 to unpend
Aug 26 18:33:37.672729: | unpending state #3
Aug 26 18:33:37.672735: | creating state object #4 at 0x55c66d96e5f8
Aug 26 18:33:37.672738: | State DB: adding IKEv1 state #4 in UNDEFINED
Aug 26 18:33:37.672742: | pstats #4 ikev1.ipsec started
Aug 26 18:33:37.672745: | duplicating state object #3 "northnet-eastnet-b" as #4 for IPSEC SA
Aug 26 18:33:37.672751: | #4 setting local endpoint to 192.1.3.33:500 from #3.st_localport (in duplicate_state() at state.c:1484)
Aug 26 18:33:37.672756: | in connection_discard for connection northnet-eastnet-b
Aug 26 18:33:37.672762: | suspend processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685)
Aug 26 18:33:37.672768: | start processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685)
Aug 26 18:33:37.672775: | child state #4: UNDEFINED(ignore) => QUICK_I1(established CHILD SA)
Aug 26 18:33:37.672783: "north-a-dpd" #4: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#3 msgid:03b37f3e proposal=defaults pfsgroup=MODP2048}
Aug 26 18:33:37.672789: | adding quick_outI1 KE work-order 7 for state #4
Aug 26 18:33:37.672793: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55c66d954c08
Aug 26 18:33:37.672797: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #4
Aug 26 18:33:37.672800: | libevent_malloc: new ptr-libevent@0x55c66d974918 size 128
Aug 26 18:33:37.672812: | stop processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764)
Aug 26 18:33:37.672817: | resume processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764)
Aug 26 18:33:37.672821: | crypto helper 5 resuming
Aug 26 18:33:37.672821: | unqueuing pending Quick Mode with 192.1.2.23 "north-a-dpd"
Aug 26 18:33:37.672845: | removing pending policy for no connection {0x55c66d9631c8}
Aug 26 18:33:37.672838: | crypto helper 5 starting work-order 7 for state #4
Aug 26 18:33:37.672851: | creating state object #5 at 0x55c66d96fcb8
Aug 26 18:33:37.672855: | crypto helper 5 doing build KE and nonce (quick_outI1 KE); request ID 7
Aug 26 18:33:37.672856: | State DB: adding IKEv1 state #5 in UNDEFINED
Aug 26 18:33:37.672868: | pstats #5 ikev1.ipsec started
Aug 26 18:33:37.672872: | duplicating state object #3 "northnet-eastnet-b" as #5 for IPSEC SA
Aug 26 18:33:37.672878: | #5 setting local endpoint to 192.1.3.33:500 from #3.st_localport (in duplicate_state() at state.c:1484)
Aug 26 18:33:37.672885: | suspend processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685)
Aug 26 18:33:37.672891: | start processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685)
Aug 26 18:33:37.672898: | child state #5: UNDEFINED(ignore) => QUICK_I1(established CHILD SA)
Aug 26 18:33:37.672905: "northnet-eastnet-b" #5: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#3 msgid:ee37f542 proposal=defaults pfsgroup=MODP2048}
Aug 26 18:33:37.672910: | adding quick_outI1 KE work-order 8 for state #5
Aug 26 18:33:37.672914: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7fbd18002b78
Aug 26 18:33:37.672919: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #5
Aug 26 18:33:37.672922: | libevent_malloc: new ptr-libevent@0x55c66d967ce8 size 128
Aug 26 18:33:37.672934: | stop processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764)
Aug 26 18:33:37.672943: | crypto helper 0 resuming
Aug 26 18:33:37.672944: | resume processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764)
Aug 26 18:33:37.672961: | crypto helper 0 starting work-order 8 for state #5
Aug 26 18:33:37.672970: | unqueuing pending Quick Mode with 192.1.2.23 "northnet-eastnet-b"
Aug 26 18:33:37.672978: | crypto helper 0 doing build KE and nonce (quick_outI1 KE); request ID 8
Aug 26 18:33:37.672981: | removing pending policy for no connection {0x55c66d9621c8}
Aug 26 18:33:37.672988: | #3 spent 1.37 milliseconds in process_packet_tail()
Aug 26 18:33:37.672995: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Aug 26 18:33:37.673002: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in process_md() at demux.c:382)
Aug 26 18:33:37.673006: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:33:37.673012: | spent 1.96 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:33:37.674910: | crypto helper 0 finished build KE and nonce (quick_outI1 KE); request ID 8 time elapsed 0.001931 seconds
Aug 26 18:33:37.674934: | (#5) spent 1.08 milliseconds in crypto helper computing work-order 8: quick_outI1 KE (pcr)
Aug 26 18:33:37.674938: | crypto helper 0 sending results from work-order 8 for state #5 to event queue
Aug 26 18:33:37.674942: | scheduling resume sending helper answer for #5
Aug 26 18:33:37.674946: | libevent_malloc: new ptr-libevent@0x7fbd18006378 size 128
Aug 26 18:33:37.674957: | crypto helper 0 waiting (nothing to do)
Aug 26 18:33:37.674976: | crypto helper 5 finished build KE and nonce (quick_outI1 KE); request ID 7 time elapsed 0.002121 seconds
Aug 26 18:33:37.674985: | (#4) spent 1.04 milliseconds in crypto helper computing work-order 7: quick_outI1 KE (pcr)
Aug 26 18:33:37.674989: | crypto helper 5 sending results from work-order 7 for state #4 to event queue
Aug 26 18:33:37.674992: | scheduling resume sending helper answer for #4
Aug 26 18:33:37.674996: | libevent_malloc: new ptr-libevent@0x7fbd04002888 size 128
Aug 26 18:33:37.675000: | crypto helper 5 waiting (nothing to do)
Aug 26 18:33:37.675098: | processing resume sending helper answer for #5
Aug 26 18:33:37.675115: | start processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in resume_handler() at server.c:797)
Aug 26 18:33:37.675123: | crypto helper 0 replies to request ID 8
Aug 26 18:33:37.675127: | calling continuation function 0x55c66cb6db50
Aug 26 18:33:37.675132: | quick_outI1_continue for #5: calculated ke+nonce, sending I1
Aug 26 18:33:37.675140: | **emit ISAKMP Message:
Aug 26 18:33:37.675145: | initiator cookie:
Aug 26 18:33:37.675148: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.675151: | responder cookie:
Aug 26 18:33:37.675155: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.675160: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.675165: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:37.675169: | exchange type: ISAKMP_XCHG_QUICK (0x20)
Aug 26 18:33:37.675173: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:37.675181: | Message ID: 3996644674 (0xee37f542)
Aug 26 18:33:37.675186: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:37.675191: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:37.675195: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.675200: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:37.675205: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.675211: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:37.675214: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:37.675218: | emitting quick defaults using policy none
Aug 26 18:33:37.675221: | empty esp_info, returning defaults for ENCRYPT
Aug 26 18:33:37.675232: | ***emit ISAKMP Security Association Payload:
Aug 26 18:33:37.675236: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Aug 26 18:33:37.675240: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:37.675245: | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE
Aug 26 18:33:37.675250: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA)
Aug 26 18:33:37.675254: | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.675259: | ****emit IPsec DOI SIT:
Aug 26 18:33:37.675262: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:33:37.675267: | ikev1_out_sa pcn: 0 has 1 valid proposals
Aug 26 18:33:37.675271: | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 2
Aug 26 18:33:37.675274: | ****emit ISAKMP Proposal Payload:
Aug 26 18:33:37.675278: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.675281: | proposal number: 0 (0x0)
Aug 26 18:33:37.675285: | protocol ID: PROTO_IPSEC_ESP (0x3)
Aug 26 18:33:37.675293: | SPI size: 4 (0x4)
Aug 26 18:33:37.675301: | number of transforms: 2 (0x2)
Aug 26 18:33:37.675306: | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type'
Aug 26 18:33:37.675327: | netlink_get_spi: allocated 0x31a5aad0 for esp.0@192.1.3.33
Aug 26 18:33:37.675333: | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload
Aug 26 18:33:37.675337: | SPI 31 a5 aa d0
Aug 26 18:33:37.675341: | *****emit ISAKMP Transform Payload (ESP):
Aug 26 18:33:37.675345: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:37.675348: | ESP transform number: 0 (0x0)
Aug 26 18:33:37.675352: | ESP transform ID: ESP_AES (0xc)
Aug 26 18:33:37.675357: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type'
Aug 26 18:33:37.675362: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675365: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:33:37.675369: | length/value: 14 (0xe)
Aug 26 18:33:37.675373: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:37.675377: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675379: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:33:37.675381: | length/value: 1 (0x1)
Aug 26 18:33:37.675383: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:33:37.675385: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675387: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:33:37.675389: | length/value: 1 (0x1)
Aug 26 18:33:37.675391: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:33:37.675393: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675395: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:33:37.675397: | length/value: 28800 (0x7080)
Aug 26 18:33:37.675399: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675401: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:33:37.675402: | length/value: 2 (0x2)
Aug 26 18:33:37.675404: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:33:37.675406: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675408: | af+type: AF+KEY_LENGTH (0x8006)
Aug 26 18:33:37.675410: | length/value: 128 (0x80)
Aug 26 18:33:37.675412: | emitting length of ISAKMP Transform Payload (ESP): 32
Aug 26 18:33:37.675414: | *****emit ISAKMP Transform Payload (ESP):
Aug 26 18:33:37.675416: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.675418: | ESP transform number: 1 (0x1)
Aug 26 18:33:37.675419: | ESP transform ID: ESP_3DES (0x3)
Aug 26 18:33:37.675422: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:37.675424: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type'
Aug 26 18:33:37.675426: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675430: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:33:37.675432: | length/value: 14 (0xe)
Aug 26 18:33:37.675434: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:37.675436: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675438: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:33:37.675439: | length/value: 1 (0x1)
Aug 26 18:33:37.675441: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:33:37.675443: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675445: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:33:37.675447: | length/value: 1 (0x1)
Aug 26 18:33:37.675448: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:33:37.675450: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675452: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:33:37.675454: | length/value: 28800 (0x7080)
Aug 26 18:33:37.675456: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675457: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:33:37.675459: | length/value: 2 (0x2)
Aug 26 18:33:37.675461: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:33:37.675463: | emitting length of ISAKMP Transform Payload (ESP): 28
Aug 26 18:33:37.675465: | emitting length of ISAKMP Proposal Payload: 72
Aug 26 18:33:37.675467: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0
Aug 26 18:33:37.675469: | emitting length of ISAKMP Security Association Payload: 84
Aug 26 18:33:37.675471: | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0
Aug 26 18:33:37.675474: | ***emit ISAKMP Nonce Payload:
Aug 26 18:33:37.675476: | next payload type: ISAKMP_NEXT_KE (0x4)
Aug 26 18:33:37.675478: | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE
Aug 26 18:33:37.675481: | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE)
Aug 26 18:33:37.675483: | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.675485: | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload
Aug 26 18:33:37.675487: | Ni af ce cc 5f 36 ad a0 c5 ef 03 b7 3a be 00 30 ef
Aug 26 18:33:37.675489: | Ni 34 a8 ad cf 6e 49 98 38 be d3 c6 4c 0d 7b a1 e5
Aug 26 18:33:37.675491: | emitting length of ISAKMP Nonce Payload: 36
Aug 26 18:33:37.675494: | ***emit ISAKMP Key Exchange Payload:
Aug 26 18:33:37.675495: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:37.675498: | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID
Aug 26 18:33:37.675500: | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE)
Aug 26 18:33:37.675502: | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.675504: | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload
Aug 26 18:33:37.675506: | keyex value e7 ae 7e b3 c6 0e 1b 61 d1 e3 88 43 17 4e 97 27
Aug 26 18:33:37.675508: | keyex value e7 26 a4 84 11 07 ac b3 9b 0d 42 a8 f9 d2 d2 ed
Aug 26 18:33:37.675510: | keyex value ee f4 5e a1 60 68 20 9f 95 6a ca e4 9e 45 71 d0
Aug 26 18:33:37.675511: | keyex value 59 7c 7d 1a 7c 9c 2a 65 86 3b a5 f9 b7 ec 1a fd
Aug 26 18:33:37.675513: | keyex value 06 21 18 c6 90 dd 17 64 51 a7 6c 19 5e d9 b9 6c
Aug 26 18:33:37.675515: | keyex value 1d be de 27 85 c0 7a c6 92 5b cb cb eb 19 31 cd
Aug 26 18:33:37.675517: | keyex value 87 6d 65 4c 0b 7c c8 22 fe 3d 75 69 84 bd ff 17
Aug 26 18:33:37.675519: | keyex value 6b 28 52 70 ea 4c 26 e3 1f a3 17 76 ff 66 55 ea
Aug 26 18:33:37.675520: | keyex value 2a 2b af f0 5f 73 ab 05 87 51 e9 64 92 4e 5c 48
Aug 26 18:33:37.675522: | keyex value 87 ed b3 67 70 c6 75 be 04 46 90 63 dc 62 7d c3
Aug 26 18:33:37.675524: | keyex value 67 5d e7 27 67 7b 7b 71 a9 20 9b 56 16 fc 26 d0
Aug 26 18:33:37.675527: | keyex value fb c6 99 1d b2 ee 69 5d a0 92 54 67 9b b0 aa 2f
Aug 26 18:33:37.675529: | keyex value b6 d8 ab 64 79 90 8a fd e4 d1 61 3b 7a 6f c0 30
Aug 26 18:33:37.675530: | keyex value 6f ba ad c4 d1 8c 07 29 54 e1 18 f9 78 b4 7b 56
Aug 26 18:33:37.675532: | keyex value 08 e8 11 2b e0 60 47 99 ec ba 6e 73 29 56 1e 5b
Aug 26 18:33:37.675534: | keyex value 3c 57 7a de 79 d1 4c 44 01 f8 d1 8c 95 9a 0b 45
Aug 26 18:33:37.675536: | emitting length of ISAKMP Key Exchange Payload: 260
Aug 26 18:33:37.675538: | ***emit ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:37.675540: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:37.675542: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:33:37.675544: | Protocol ID: 0 (0x0)
Aug 26 18:33:37.675546: | port: 0 (0x0)
Aug 26 18:33:37.675548: | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID
Aug 26 18:33:37.675550: | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Aug 26 18:33:37.675552: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Aug 26 18:33:37.675555: | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:37.675557: | client network c0 00 03 00
Aug 26 18:33:37.675559: | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:37.675561: | client mask ff ff ff 00
Aug 26 18:33:37.675563: | emitting length of ISAKMP Identification Payload (IPsec DOI): 16
Aug 26 18:33:37.675565: | ***emit ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:37.675566: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.675568: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:33:37.675570: | Protocol ID: 0 (0x0)
Aug 26 18:33:37.675572: | port: 0 (0x0)
Aug 26 18:33:37.675574: | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Aug 26 18:33:37.675576: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Aug 26 18:33:37.675578: | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:37.675580: | client network c0 00 02 00
Aug 26 18:33:37.675582: | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:37.675584: | client mask ff ff ff 00
Aug 26 18:33:37.675585: | emitting length of ISAKMP Identification Payload (IPsec DOI): 16
Aug 26 18:33:37.675610: | outI1 HASH(1):
Aug 26 18:33:37.675613: | 2c 67 8f 67 70 9c 70 74 bf cd f0 e3 18 87 bc 03
Aug 26 18:33:37.675615: | 5b f7 56 4a 49 b5 cb 6a 2f a9 6b dc 84 fa 9b 8b
Aug 26 18:33:37.675622: | no IKEv1 message padding required
Aug 26 18:33:37.675624: | emitting length of ISAKMP Message: 476
Aug 26 18:33:37.675637: | sending 476 bytes for reply packet from quick_outI1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #5)
Aug 26 18:33:37.675640: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.675642: | 08 10 20 01 ee 37 f5 42 00 00 01 dc 91 1e cc 87
Aug 26 18:33:37.675643: | 1c e9 eb 78 92 4d 33 f0 07 35 12 57 1a 4a fb ec
Aug 26 18:33:37.675645: | 44 d7 78 a3 07 07 87 e5 bb a1 3a 0c e0 94 bb 7b
Aug 26 18:33:37.675647: | af 49 59 cd 32 23 09 ca a9 09 3a bc ee d9 51 2f
Aug 26 18:33:37.675648: | 3c c7 07 df 92 a5 23 25 31 5e 74 83 68 54 91 eb
Aug 26 18:33:37.675650: | 4b 09 45 14 3a 2e 98 c2 51 a6 b5 58 6c d2 d5 ba
Aug 26 18:33:37.675652: | 86 2d 24 56 04 5d 6e 4b 78 61 31 cc 64 b3 3d 08
Aug 26 18:33:37.675654: | b5 7d 51 18 99 c7 aa 70 53 8b 40 ae e7 10 f5 21
Aug 26 18:33:37.675655: | ad 8f 53 b9 a1 d2 b2 ac 48 e4 c7 65 bd 46 cd fc
Aug 26 18:33:37.675659: | 83 c1 b4 83 eb 17 ff cc fd 15 6f 64 dc e4 96 7f
Aug 26 18:33:37.675661: | a9 19 11 eb 07 38 ff 47 28 68 f5 a6 df ac 9c f5
Aug 26 18:33:37.675662: | c3 e0 8a 06 cd 53 67 e4 c9 bc 51 48 cf 4a 98 f9
Aug 26 18:33:37.675664: | f3 30 03 ed 0d 5a d1 14 b3 45 47 7e 4a 9a 6c 15
Aug 26 18:33:37.675666: | 1e 3a 70 77 d2 48 d5 45 bf 5a f6 72 c3 10 09 8a
Aug 26 18:33:37.675667: | b1 fc 53 d2 6b 38 6f dd 58 40 e2 b0 5d fd df 57
Aug 26 18:33:37.675669: | 57 79 88 d6 f4 cd 95 59 74 1e 51 e6 c9 8d df a9
Aug 26 18:33:37.675671: | 99 b4 7a a6 1f ac d7 5c 7c b0 80 18 bf b1 28 00
Aug 26 18:33:37.675673: | 47 a1 63 7c 3b 61 f8 99 ff 0d a5 1e ad b8 ff 04
Aug 26 18:33:37.675674: | d6 d2 6c 49 67 91 e4 00 89 c3 ec db 79 b5 11 8f
Aug 26 18:33:37.675676: | 5a 34 59 95 34 9e 81 1d 23 4c 64 d9 50 ca a4 23
Aug 26 18:33:37.675678: | 30 49 f7 7a c0 f1 6a 99 fa 87 57 72 a2 b6 bf 4f
Aug 26 18:33:37.675680: | 25 ba cd 8f 1a 88 b9 8c e2 de 95 af 49 ec f1 72
Aug 26 18:33:37.675681: | 7d e6 62 1e 1c 37 21 35 7b 9c c1 8c de ed e8 a3
Aug 26 18:33:37.675683: | bf 48 bd 3d 32 b5 ec 20 69 d0 f7 82 6b 61 16 0f
Aug 26 18:33:37.675685: | ae da d7 1d 76 bc c6 6d 53 60 fc df d2 a7 fa 7a
Aug 26 18:33:37.675686: | 94 11 20 50 96 81 c1 75 eb 6f a5 12 d2 7b bc d5
Aug 26 18:33:37.675688: | 16 11 e7 65 16 05 4c ae 8c 16 b0 61 5d 0b 66 6b
Aug 26 18:33:37.675690: | 7f be 48 c0 49 3b c1 12 cf 49 46 29 aa 9c 2c ea
Aug 26 18:33:37.675692: | 7f ce cd 07 23 9c c1 e9 8a 53 5e fe
Aug 26 18:33:37.675738: | state #5 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Aug 26 18:33:37.675743: | libevent_free: release ptr-libevent@0x55c66d967ce8
Aug 26 18:33:37.675745: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7fbd18002b78
Aug 26 18:33:37.675748: | event_schedule: new EVENT_RETRANSMIT-pe@0x7fbd18002b78
Aug 26 18:33:37.675752: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #5
Aug 26 18:33:37.675754: | libevent_malloc: new ptr-libevent@0x55c66d960ba8 size 128
Aug 26 18:33:37.675758: | #5 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29703.418215
Aug 26 18:33:37.675761: | resume sending helper answer for #5 suppresed complete_v1_state_transition()
Aug 26 18:33:37.675766: | #5 spent 0.614 milliseconds in resume sending helper answer
Aug 26 18:33:37.675770: | stop processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in resume_handler() at server.c:833)
Aug 26 18:33:37.675773: | libevent_free: release ptr-libevent@0x7fbd18006378
Aug 26 18:33:37.675775: | processing resume sending helper answer for #4
Aug 26 18:33:37.675779: | start processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:797)
Aug 26 18:33:37.675784: | crypto helper 5 replies to request ID 7
Aug 26 18:33:37.675790: | calling continuation function 0x55c66cb6db50
Aug 26 18:33:37.675794: | quick_outI1_continue for #4: calculated ke+nonce, sending I1
Aug 26 18:33:37.675800: | **emit ISAKMP Message:
Aug 26 18:33:37.675803: | initiator cookie:
Aug 26 18:33:37.675806: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.675809: | responder cookie:
Aug 26 18:33:37.675812: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.675816: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.675820: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:37.675823: | exchange type: ISAKMP_XCHG_QUICK (0x20)
Aug 26 18:33:37.675826: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:37.675830: | Message ID: 62095166 (0x3b37f3e)
Aug 26 18:33:37.675834: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:37.675837: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:37.675841: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.675844: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:37.675848: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.675854: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:37.675858: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:37.675861: | emitting quick defaults using policy none
Aug 26 18:33:37.675865: | empty esp_info, returning defaults for ENCRYPT
Aug 26 18:33:37.675870: | ***emit ISAKMP Security Association Payload:
Aug 26 18:33:37.675873: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Aug 26 18:33:37.675876: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:37.675880: | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE
Aug 26 18:33:37.675883: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA)
Aug 26 18:33:37.675887: | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.675889: | ****emit IPsec DOI SIT:
Aug 26 18:33:37.675892: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:33:37.675896: | ikev1_out_sa pcn: 0 has 1 valid proposals
Aug 26 18:33:37.675899: | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 2
Aug 26 18:33:37.675902: | ****emit ISAKMP Proposal Payload:
Aug 26 18:33:37.675905: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.675908: | proposal number: 0 (0x0)
Aug 26 18:33:37.675911: | protocol ID: PROTO_IPSEC_ESP (0x3)
Aug 26 18:33:37.675914: | SPI size: 4 (0x4)
Aug 26 18:33:37.675917: | number of transforms: 2 (0x2)
Aug 26 18:33:37.675920: | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type'
Aug 26 18:33:37.675934: | netlink_get_spi: allocated 0xc5a95a57 for esp.0@192.1.3.33
Aug 26 18:33:37.675939: | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload
Aug 26 18:33:37.675942: | SPI c5 a9 5a 57
Aug 26 18:33:37.675945: | *****emit ISAKMP Transform Payload (ESP):
Aug 26 18:33:37.675948: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:37.675951: | ESP transform number: 0 (0x0)
Aug 26 18:33:37.675954: | ESP transform ID: ESP_AES (0xc)
Aug 26 18:33:37.675957: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type'
Aug 26 18:33:37.675961: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675964: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:33:37.675967: | length/value: 14 (0xe)
Aug 26 18:33:37.675970: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:37.675972: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675974: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:33:37.675976: | length/value: 1 (0x1)
Aug 26 18:33:37.675978: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:33:37.675979: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675981: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:33:37.675983: | length/value: 1 (0x1)
Aug 26 18:33:37.675985: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:33:37.675987: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675989: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:33:37.675990: | length/value: 28800 (0x7080)
Aug 26 18:33:37.675992: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.675994: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:33:37.675996: | length/value: 2 (0x2)
Aug 26 18:33:37.675998: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:33:37.676000: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.676001: | af+type: AF+KEY_LENGTH (0x8006)
Aug 26 18:33:37.676003: | length/value: 128 (0x80)
Aug 26 18:33:37.676005: | emitting length of ISAKMP Transform Payload (ESP): 32
Aug 26 18:33:37.676007: | *****emit ISAKMP Transform Payload (ESP):
Aug 26 18:33:37.676009: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.676012: | ESP transform number: 1 (0x1)
Aug 26 18:33:37.676015: | ESP transform ID: ESP_3DES (0x3)
Aug 26 18:33:37.676022: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:37.676025: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type'
Aug 26 18:33:37.676029: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.676031: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:33:37.676034: | length/value: 14 (0xe)
Aug 26 18:33:37.676037: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:37.676040: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.676044: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:33:37.676047: | length/value: 1 (0x1)
Aug 26 18:33:37.676050: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:33:37.676053: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.676056: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:33:37.676059: | length/value: 1 (0x1)
Aug 26 18:33:37.676061: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:33:37.676066: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.676069: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:33:37.676072: | length/value: 28800 (0x7080)
Aug 26 18:33:37.676075: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.676078: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:33:37.676081: | length/value: 2 (0x2)
Aug 26 18:33:37.676084: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:33:37.676087: | emitting length of ISAKMP Transform Payload (ESP): 28
Aug 26 18:33:37.676090: | emitting length of ISAKMP Proposal Payload: 72
Aug 26 18:33:37.676093: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0
Aug 26 18:33:37.676096: | emitting length of ISAKMP Security Association Payload: 84
Aug 26 18:33:37.676099: | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0
Aug 26 18:33:37.676103: | ***emit ISAKMP Nonce Payload:
Aug 26 18:33:37.676106: | next payload type: ISAKMP_NEXT_KE (0x4)
Aug 26 18:33:37.676110: | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE
Aug 26 18:33:37.676113: | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE)
Aug 26 18:33:37.676116: | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.676119: | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload
Aug 26 18:33:37.676122: | Ni e6 06 0f 75 0d c3 3c b3 71 fb 30 40 dc 7e a7 e3
Aug 26 18:33:37.676124: | Ni fb 72 45 f7 60 16 e6 b1 f5 1b 14 6a cf bd 52 8f
Aug 26 18:33:37.676127: | emitting length of ISAKMP Nonce Payload: 36
Aug 26 18:33:37.676130: | ***emit ISAKMP Key Exchange Payload:
Aug 26 18:33:37.676133: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:37.676136: | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID
Aug 26 18:33:37.676140: | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE)
Aug 26 18:33:37.676143: | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.676147: | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload
Aug 26 18:33:37.676150: | keyex value 70 66 bf 3e a5 18 87 d5 4d ca a7 05 f2 51 29 80
Aug 26 18:33:37.676153: | keyex value f7 9b 4a cb eb 59 aa 00 da a6 bb a1 cd 01 b0 4f
Aug 26 18:33:37.676155: | keyex value ad 89 00 34 aa 58 70 d0 f5 25 41 b7 52 18 8f 45
Aug 26 18:33:37.676158: | keyex value af 41 e8 79 60 aa 3c cd f6 38 ff aa 8c 00 9e 21
Aug 26 18:33:37.676161: | keyex value ea f3 a3 ca 12 fb da 25 2b 76 33 8e f4 7f 7a a9
Aug 26 18:33:37.676163: | keyex value 23 f7 b6 bd 45 62 27 01 2e 9d d3 57 e8 7c 29 46
Aug 26 18:33:37.676166: | keyex value 54 89 45 81 5d 5a 42 af bf da 1a b1 f4 80 80 d5
Aug 26 18:33:37.676171: | keyex value 8c 0f 8a ee 90 81 fc a6 14 b0 e0 2a 1e 93 d9 55
Aug 26 18:33:37.676174: | keyex value 44 f1 fc 43 33 e7 c8 12 79 10 21 9f e4 df 06 ce
Aug 26 18:33:37.676177: | keyex value 79 34 80 c2 c7 33 71 c6 9d e4 29 29 12 ac b2 8b
Aug 26 18:33:37.676179: | keyex value 98 c5 6b b4 b3 b9 bf 97 78 a7 ab 80 99 f1 e4 13
Aug 26 18:33:37.676182: | keyex value cb e8 1b c8 81 71 a8 eb 9d df 7f 8e 39 c8 07 54
Aug 26 18:33:37.676186: | keyex value c9 a1 97 a7 79 6c cc 7e 36 12 04 46 1f e0 40 4e
Aug 26 18:33:37.676189: | keyex value 4c 15 b0 65 6d a2 c1 e7 b1 c9 ee 53 09 6c 70 98
Aug 26 18:33:37.676192: | keyex value 6c be e0 f7 a6 b3 e3 73 61 de c6 80 3d da 96 24
Aug 26 18:33:37.676195: | keyex value 96 3a cd d7 34 12 55 59 15 52 1a df 53 a9 ff f1
Aug 26 18:33:37.676198: | emitting length of ISAKMP Key Exchange Payload: 260
Aug 26 18:33:37.676202: | ***emit ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:37.676205: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:37.676208: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:33:37.676212: | Protocol ID: 0 (0x0)
Aug 26 18:33:37.676215: | port: 0 (0x0)
Aug 26 18:33:37.676218: | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID
Aug 26 18:33:37.676223: | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Aug 26 18:33:37.676227: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Aug 26 18:33:37.676231: | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:37.676234: | client network c0 00 03 00
Aug 26 18:33:37.676238: | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:37.676241: | client mask ff ff ff 00
Aug 26 18:33:37.676245: | emitting length of ISAKMP Identification Payload (IPsec DOI): 16
Aug 26 18:33:37.676248: | ***emit ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:37.676251: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.676255: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:33:37.676257: | Protocol ID: 0 (0x0)
Aug 26 18:33:37.676260: | port: 0 (0x0)
Aug 26 18:33:37.676264: | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Aug 26 18:33:37.676268: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Aug 26 18:33:37.676272: | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:37.676275: | client network c0 00 16 00
Aug 26 18:33:37.676278: | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:37.676282: | client mask ff ff ff 00
Aug 26 18:33:37.676285: | emitting length of ISAKMP Identification Payload (IPsec DOI): 16
Aug 26 18:33:37.676319: | outI1 HASH(1):
Aug 26 18:33:37.676328: | 9d 8c 93 1c ff 2e bc bf ec 8e 51 89 a4 76 b3 c5
Aug 26 18:33:37.676332: | 83 bb f6 33 40 c7 b3 d3 92 d2 91 e1 af 65 de c3
Aug 26 18:33:37.676341: | no IKEv1 message padding required
Aug 26 18:33:37.676345: | emitting length of ISAKMP Message: 476
Aug 26 18:33:37.676359: | sending 476 bytes for reply packet from quick_outI1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #4)
Aug 26 18:33:37.676363: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.676366: | 08 10 20 01 03 b3 7f 3e 00 00 01 dc d6 3a 51 b7
Aug 26 18:33:37.676368: | ac 87 90 39 04 25 3d de f1 1d e8 6a 33 e4 70 38
Aug 26 18:33:37.676371: | 02 cb 74 d5 2a 84 a9 ed f3 e7 ed db 02 5b f0 43
Aug 26 18:33:37.676374: | 2e b8 a9 99 83 27 28 f5 d7 31 b7 ec 44 65 41 1e
Aug 26 18:33:37.676377: | 81 0c d6 8d 6c b8 a6 15 90 85 ef 6e e7 72 22 b9
Aug 26 18:33:37.676383: | 58 c7 2d c3 07 f4 f2 0d 9e ee 7d af a2 56 e7 70
Aug 26 18:33:37.676386: | 6c fb 37 91 5d 8b 20 5d 22 3f 2f ca 55 f3 47 c5
Aug 26 18:33:37.676389: | cf 64 62 6c d8 79 e2 00 9d 0b 49 f8 25 27 1a 5e
Aug 26 18:33:37.676392: | dd f3 bd f9 5a 7f 03 4f dc 47 01 c1 5e 94 a2 44
Aug 26 18:33:37.676395: | c0 aa 58 fd 35 3d 22 f0 4d bd 58 93 62 c4 8c 61
Aug 26 18:33:37.676397: | 9e 21 1d a9 ee 08 b0 c0 1d 8e 51 37 e9 49 5c 5f
Aug 26 18:33:37.676400: | d5 c8 bf 4f 88 91 91 d4 1c 41 d6 00 d7 6f 13 dc
Aug 26 18:33:37.676403: | b1 44 e5 a0 28 36 9b 81 cc 6f 6d ea bc c4 9c b5
Aug 26 18:33:37.676406: | d9 b2 5d d5 4a a9 77 94 21 96 74 54 88 b9 ab 75
Aug 26 18:33:37.676409: | 9f db 13 a8 b1 1b e7 15 b8 95 ff f0 1e e8 bb fd
Aug 26 18:33:37.676412: | 6f c4 66 72 cc aa 2b eb 2d 7d 7c e1 a7 06 f6 89
Aug 26 18:33:37.676414: | 89 06 54 6d 31 4c b6 0d 7c ba eb 99 7b 23 cc 22
Aug 26 18:33:37.676417: | ca 5f 8e ee 1d 6f b6 3c ee c5 7a 2d 29 15 39 a1
Aug 26 18:33:37.676419: | d5 a7 6c 8c 29 fe d0 7e 89 48 6e e6 a2 18 f8 56
Aug 26 18:33:37.676421: | f8 ae af 17 dd 4a 20 6c 36 fb 18 e9 8c f5 19 f8
Aug 26 18:33:37.676424: | 26 57 ba 82 a8 e6 0e f0 a6 02 7b b0 88 f6 83 4c
Aug 26 18:33:37.676426: | cf 3b a4 7d 47 7b 19 78 37 32 e7 f3 f9 3c 26 7c
Aug 26 18:33:37.676429: | 02 f9 ee 38 a9 6c b9 ee 54 f2 96 59 47 01 62 71
Aug 26 18:33:37.676432: | 87 5f cd d5 ad 60 8a 1f bd 39 c8 7e f7 7d 55 e2
Aug 26 18:33:37.676435: | 41 41 27 1d a3 8f ac 80 0c 1b c2 e7 7c 0e d7 29
Aug 26 18:33:37.676438: | 2e a7 87 8c 1b c5 34 be 7e 67 1d 1d 19 83 93 3a
Aug 26 18:33:37.676440: | 04 f3 2d 57 0a 3f 51 f0 31 91 dd 40 49 bb 46 9c
Aug 26 18:33:37.676443: | 1a 84 31 94 ae f7 83 36 b0 1e 71 d5 b5 b3 c5 39
Aug 26 18:33:37.676445: | 2a 46 8b 4c 4f e0 ac bb e5 f3 29 07
Aug 26 18:33:37.676473: | state #4 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Aug 26 18:33:37.676479: | libevent_free: release ptr-libevent@0x55c66d974918
Aug 26 18:33:37.676482: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55c66d954c08
Aug 26 18:33:37.676487: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:33:37.676491: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #4
Aug 26 18:33:37.676495: | libevent_malloc: new ptr-libevent@0x7fbd18006378 size 128
Aug 26 18:33:37.676501: | #4 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29703.418953
Aug 26 18:33:37.676506: | resume sending helper answer for #4 suppresed complete_v1_state_transition()
Aug 26 18:33:37.676512: | #4 spent 0.713 milliseconds in resume sending helper answer
Aug 26 18:33:37.676519: | stop processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:833)
Aug 26 18:33:37.676523: | libevent_free: release ptr-libevent@0x7fbd04002888
Aug 26 18:33:37.680412: | spent 0.00311 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:33:37.680433: | *received 460 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:33:37.680436: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.680438: | 08 10 20 01 ee 37 f5 42 00 00 01 cc 79 09 0c dd
Aug 26 18:33:37.680440: | 9a 4b 50 4c 3f a9 4c b5 51 65 da 54 78 67 41 a8
Aug 26 18:33:37.680442: | 4d 27 a3 c0 c7 79 48 b0 1e 5d 55 db 6c c3 a3 02
Aug 26 18:33:37.680443: | fc 76 6e 51 0f 60 fd 7c 64 dc 52 85 9c 03 47 8a
Aug 26 18:33:37.680445: | cc cd d3 7e 4c 1e 4b eb f0 5a a1 9a ac d4 b5 1a
Aug 26 18:33:37.680447: | d6 c1 c6 fc a7 d1 76 e7 bb 4c d7 7c 41 cc 46 d5
Aug 26 18:33:37.680448: | 58 bd 39 9a 56 53 0a 6f a1 d6 2c 7f 39 80 cd 00
Aug 26 18:33:37.680450: | 21 d6 78 3d e1 05 ad ec 99 71 62 0c f5 5e e9 26
Aug 26 18:33:37.680452: | 63 9f d7 20 08 22 c5 5e f9 3b 6e 53 32 ba ad 07
Aug 26 18:33:37.680454: | bd b8 cf 7f 56 c1 16 ea 6d 31 68 8e 59 f9 95 ed
Aug 26 18:33:37.680455: | df 33 f6 c7 d2 04 bc 20 32 92 8a ec 25 86 7e 7c
Aug 26 18:33:37.680460: | 08 5a f5 cf 94 39 7f d1 80 fa 53 09 2c 76 9c 37
Aug 26 18:33:37.680462: | ec 90 21 2b b9 7a a4 f7 54 6a 20 39 ef af 11 ba
Aug 26 18:33:37.680463: | 0b d5 5c 38 80 1f 20 e6 f0 e5 b0 29 39 e5 2b e2
Aug 26 18:33:37.680465: | 5d 74 59 1f 55 86 c6 76 da 42 b7 ea f3 3f 28 25
Aug 26 18:33:37.680467: | 4f 60 b8 8c e3 38 dc b2 c9 25 8d 7b 38 3d 72 7f
Aug 26 18:33:37.680468: | 93 7c 2a 93 ee be 93 5b f0 77 90 c8 4a ac 9c 15
Aug 26 18:33:37.680470: | 48 ee 08 61 59 a6 65 3a b3 1b 30 ec 2b 05 c8 9a
Aug 26 18:33:37.680472: | 75 9f fa 42 5f e1 e0 9a b1 54 55 68 36 51 11 91
Aug 26 18:33:37.680474: | 5a a8 c8 4c b6 b8 7d 3c 4a c1 6c 17 8d 08 f0 90
Aug 26 18:33:37.680475: | e8 8a 39 e9 b2 83 f6 92 c5 be 6b 90 a4 89 55 21
Aug 26 18:33:37.680477: | f4 d3 c3 c5 1b 1a e4 c2 ef 4d 4c 84 39 5e 62 c9
Aug 26 18:33:37.680479: | ba 8a 1f d0 5d 05 10 40 d1 b8 6f 64 bd c3 92 ec
Aug 26 18:33:37.680481: | 2e 91 36 0a 9a c4 7e 0e 0b 4b f1 de 66 8a 1c 1b
Aug 26 18:33:37.680482: | 14 7e 32 a2 a4 63 29 2e 86 2d 9c 0c 72 65 93 0b
Aug 26 18:33:37.680484: | 8e 37 25 c7 7e 77 6f 09 04 39 c5 f0 56 16 1f 98
Aug 26 18:33:37.680486: | 4b fe d9 a5 3a 70 6e 13 5b 59 3b 05 cb db 0d bb
Aug 26 18:33:37.680488: | 11 06 32 7a 6e a3 a5 b9 62 66 64 5f
Aug 26 18:33:37.680491: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:33:37.680494: | **parse ISAKMP Message:
Aug 26 18:33:37.680496: | initiator cookie:
Aug 26 18:33:37.680498: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.680500: | responder cookie:
Aug 26 18:33:37.680502: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.680504: | next payload type: ISAKMP_NEXT_HASH (0x8)
Aug 26 18:33:37.680506: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:37.680508: | exchange type: ISAKMP_XCHG_QUICK (0x20)
Aug 26 18:33:37.680510: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:37.680512: | Message ID: 3996644674 (0xee37f542)
Aug 26 18:33:37.680514: | length: 460 (0x1cc)
Aug 26 18:33:37.680516: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32)
Aug 26 18:33:37.680520: | State DB: found IKEv1 state #5 in QUICK_I1 (find_state_ikev1)
Aug 26 18:33:37.680524: | start processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633)
Aug 26 18:33:37.680526: | #5 is idle
Aug 26 18:33:37.680528: | #5 idle
Aug 26 18:33:37.680531: | received encrypted packet from 192.1.2.23:500
Aug 26 18:33:37.680545: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030
Aug 26 18:33:37.680548: | ***parse ISAKMP Hash Payload:
Aug 26 18:33:37.680550: | next payload type: ISAKMP_NEXT_SA (0x1)
Aug 26 18:33:37.680552: | length: 36 (0x24)
Aug 26 18:33:37.680554: | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030
Aug 26 18:33:37.680556: | ***parse ISAKMP Security Association Payload:
Aug 26 18:33:37.680558: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Aug 26 18:33:37.680560: | length: 56 (0x38)
Aug 26 18:33:37.680562: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:37.680564: | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030
Aug 26 18:33:37.680566: | ***parse ISAKMP Nonce Payload:
Aug 26 18:33:37.680568: | next payload type: ISAKMP_NEXT_KE (0x4)
Aug 26 18:33:37.680570: | length: 36 (0x24)
Aug 26 18:33:37.680572: | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030
Aug 26 18:33:37.680574: | ***parse ISAKMP Key Exchange Payload:
Aug 26 18:33:37.680576: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:37.680577: | length: 260 (0x104)
Aug 26 18:33:37.680579: | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030
Aug 26 18:33:37.680581: | ***parse ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:37.680583: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:37.680585: | length: 16 (0x10)
Aug 26 18:33:37.680587: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:33:37.680590: | Protocol ID: 0 (0x0)
Aug 26 18:33:37.680592: | port: 0 (0x0)
Aug 26 18:33:37.680594: | obj: c0 00 03 00 ff ff ff 00
Aug 26 18:33:37.680596: | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030
Aug 26 18:33:37.680598: | ***parse ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:37.680600: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.680602: | length: 16 (0x10)
Aug 26 18:33:37.680604: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:33:37.680605: | Protocol ID: 0 (0x0)
Aug 26 18:33:37.680607: | port: 0 (0x0)
Aug 26 18:33:37.680609: | obj: c0 00 02 00 ff ff ff 00
Aug 26 18:33:37.680611: | removing 12 bytes of padding
Aug 26 18:33:37.680630: | quick_inR1_outI2 HASH(2):
Aug 26 18:33:37.680632: | 9c 6f 2d f9 a2 b3 af d1 2e 3e 86 bc 63 e8 d3 37
Aug 26 18:33:37.680634: | 53 e0 ae 17 08 d2 7d bf 46 ab d0 6a 01 5e 23 02
Aug 26 18:33:37.680636: | received 'quick_inR1_outI2' message HASH(2) data ok
Aug 26 18:33:37.680639: | ****parse IPsec DOI SIT:
Aug 26 18:33:37.680642: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:33:37.680644: | ****parse ISAKMP Proposal Payload:
Aug 26 18:33:37.680646: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.680648: | length: 44 (0x2c)
Aug 26 18:33:37.680650: | proposal number: 0 (0x0)
Aug 26 18:33:37.680651: | protocol ID: PROTO_IPSEC_ESP (0x3)
Aug 26 18:33:37.680653: | SPI size: 4 (0x4)
Aug 26 18:33:37.680655: | number of transforms: 1 (0x1)
Aug 26 18:33:37.680657: | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI
Aug 26 18:33:37.680659: | SPI af 15 c4 ab
Aug 26 18:33:37.680662: | *****parse ISAKMP Transform Payload (ESP):
Aug 26 18:33:37.680664: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.680665: | length: 32 (0x20)
Aug 26 18:33:37.680667: | ESP transform number: 0 (0x0)
Aug 26 18:33:37.680669: | ESP transform ID: ESP_AES (0xc)
Aug 26 18:33:37.680672: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.680674: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:33:37.680676: | length/value: 14 (0xe)
Aug 26 18:33:37.680678: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:37.680680: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.680682: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:33:37.680684: | length/value: 1 (0x1)
Aug 26 18:33:37.680686: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:33:37.680688: | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none
Aug 26 18:33:37.680690: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.680692: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:33:37.680693: | length/value: 1 (0x1)
Aug 26 18:33:37.680695: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:33:37.680697: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.680699: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:33:37.680701: | length/value: 28800 (0x7080)
Aug 26 18:33:37.680703: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.680705: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:33:37.680706: | length/value: 2 (0x2)
Aug 26 18:33:37.680708: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:33:37.680710: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.680712: | af+type: AF+KEY_LENGTH (0x8006)
Aug 26 18:33:37.680714: | length/value: 128 (0x80)
Aug 26 18:33:37.680716: | ESP IPsec Transform verified unconditionally; no alg_info to check against
Aug 26 18:33:37.680728: | started looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org of kind PKK_PSK
Aug 26 18:33:37.680734: | actually looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org of kind PKK_PSK
Aug 26 18:33:37.680742: | line 0: key type PKK_PSK(C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org) to type PKK_RSA
Aug 26 18:33:37.680745: | line 1: key type PKK_PSK(C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org) to type PKK_RSA
Aug 26 18:33:37.680747: | concluding with best_match=000 best=(nil) (lineno=-1)
Aug 26 18:33:37.680749: | no PreShared Key Found
Aug 26 18:33:37.680752: | adding quick outI2 DH work-order 9 for state #5
Aug 26 18:33:37.680755: | state #5 requesting EVENT_RETRANSMIT to be deleted
Aug 26 18:33:37.680757: | #5 STATE_QUICK_I1: retransmits: cleared
Aug 26 18:33:37.680760: | libevent_free: release ptr-libevent@0x55c66d960ba8
Aug 26 18:33:37.680763: | free_event_entry: release EVENT_RETRANSMIT-pe@0x7fbd18002b78
Aug 26 18:33:37.680765: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7fbd18002b78
Aug 26 18:33:37.680768: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #5
Aug 26 18:33:37.680770: | libevent_malloc: new ptr-libevent@0x7fbd04002888 size 128
Aug 26 18:33:37.680778: | complete v1 state transition with STF_SUSPEND
Aug 26 18:33:37.680782: | [RE]START processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648)
Aug 26 18:33:37.680784: | suspending state #5 and saving MD
Aug 26 18:33:37.680786: | #5 is busy; has a suspended MD
Aug 26 18:33:37.680790: | #5 spent 0.15 milliseconds in process_packet_tail()
Aug 26 18:33:37.680794: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Aug 26 18:33:37.680797: | stop processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in process_md() at demux.c:382)
Aug 26 18:33:37.680799: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:33:37.680802: | spent 0.378 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:33:37.680817: | crypto helper 2 resuming
Aug 26 18:33:37.680827: | crypto helper 2 starting work-order 9 for state #5
Aug 26 18:33:37.680831: | crypto helper 2 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 9
Aug 26 18:33:37.681182: | spent 0.00191 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:33:37.681196: | *received 460 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:33:37.681199: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.681200: | 08 10 20 01 03 b3 7f 3e 00 00 01 cc 70 f4 64 63
Aug 26 18:33:37.681202: | 98 27 f0 b1 6e ce e3 fa 39 a1 eb 68 5b 3e 88 c6
Aug 26 18:33:37.681204: | a3 20 32 1d b4 c4 5e 87 be 5d 87 b7 f2 e9 20 cf
Aug 26 18:33:37.681206: | 57 45 04 ae b4 f3 73 dc a7 e2 49 18 76 23 ea 68
Aug 26 18:33:37.681207: | c9 0e ed 17 32 b3 48 73 28 d9 32 47 20 9f e3 11
Aug 26 18:33:37.681209: | b8 42 ef 3d aa 69 aa 1f ee ad 4f 3a 50 e7 81 f2
Aug 26 18:33:37.681211: | e5 cb 20 72 fe db 33 ff a1 24 7f 48 70 ea 8b b4
Aug 26 18:33:37.681212: | f8 58 3f b8 ec c6 75 6c cc a9 06 a7 6e 91 a0 36
Aug 26 18:33:37.681214: | 48 89 bf dd 54 45 c1 d0 7a a0 fd b6 52 b5 de 3e
Aug 26 18:33:37.681216: | d5 72 17 cc 82 14 7f 5e 81 b4 a6 61 6a a7 88 04
Aug 26 18:33:37.681217: | d7 c2 4b 55 30 8f 23 42 fc e9 03 9e 67 8e 9f 0c
Aug 26 18:33:37.681219: | e2 6d ef 65 4f 6a b0 40 34 c3 bb ef f4 a3 2d 69
Aug 26 18:33:37.681221: | c2 7f 20 08 fe 54 4f d5 dc 58 3a eb 1b ec ed cd
Aug 26 18:33:37.681223: | e8 3d 36 a3 1a 73 72 87 79 2b a6 eb 3f fa cd a2
Aug 26 18:33:37.681224: | 2f 80 7a ee 7c 98 b1 5b 22 80 7e d5 f5 d4 09 77
Aug 26 18:33:37.681226: | 26 a5 34 df e4 a4 4c af f6 66 ac 5a d5 19 35 7d
Aug 26 18:33:37.681228: | dc b4 60 cf 4b e2 5e 02 ed e7 9b 67 88 e9 74 ec
Aug 26 18:33:37.681229: | c2 18 14 31 10 c3 e4 3e 02 3d 20 2f 90 57 6c 76
Aug 26 18:33:37.681231: | b6 c1 7d 17 c7 95 77 18 c6 5b 85 95 4d 95 f8 45
Aug 26 18:33:37.681235: | 18 84 a2 f4 95 41 5e 4c 71 2a e5 3b ca 35 8a 8a
Aug 26 18:33:37.681237: | 28 79 2a eb b5 d5 52 cc d2 c0 c6 19 9c 82 66 a4
Aug 26 18:33:37.681239: | 51 4a 0e c8 ec d7 f2 21 11 20 62 3a e5 19 73 1f
Aug 26 18:33:37.681241: | 30 f4 62 9d 4e ad b5 53 13 26 f4 47 d8 88 ca 8b
Aug 26 18:33:37.681242: | b6 ad ee 7f 2d 09 8e d9 27 f1 78 cb c0 78 e4 8b
Aug 26 18:33:37.681244: | 36 55 0e f7 0a 1d 5d 7f 99 71 bb 2f 6b 70 70 d5
Aug 26 18:33:37.681246: | 67 fd 0e e1 ae 32 1d bd 77 dc ad 5c d9 ad 89 d4
Aug 26 18:33:37.681247: | 44 cd 78 90 02 15 82 c6 99 a1 d6 28 21 cf 84 40
Aug 26 18:33:37.681249: | a6 c9 c6 d8 a4 e0 f5 e5 22 b9 a1 ac
Aug 26 18:33:37.681252: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:33:37.681255: | **parse ISAKMP Message:
Aug 26 18:33:37.681257: | initiator cookie:
Aug 26 18:33:37.681259: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.681261: | responder cookie:
Aug 26 18:33:37.681262: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.681264: | next payload type: ISAKMP_NEXT_HASH (0x8)
Aug 26 18:33:37.681266: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:37.681268: | exchange type: ISAKMP_XCHG_QUICK (0x20)
Aug 26 18:33:37.681270: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:37.681272: | Message ID: 62095166 (0x3b37f3e)
Aug 26 18:33:37.681274: | length: 460 (0x1cc)
Aug 26 18:33:37.681276: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32)
Aug 26 18:33:37.681279: | State DB: found IKEv1 state #4 in QUICK_I1 (find_state_ikev1)
Aug 26 18:33:37.681283: | start processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1633)
Aug 26 18:33:37.681285: | #4 is idle
Aug 26 18:33:37.681287: | #4 idle
Aug 26 18:33:37.681303: | received encrypted packet from 192.1.2.23:500
Aug 26 18:33:37.681314: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502 opt: 0x200030
Aug 26 18:33:37.681318: | ***parse ISAKMP Hash Payload:
Aug 26 18:33:37.681321: | next payload type: ISAKMP_NEXT_SA (0x1)
Aug 26 18:33:37.681324: | length: 36 (0x24)
Aug 26 18:33:37.681327: | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402 opt: 0x200030
Aug 26 18:33:37.681329: | ***parse ISAKMP Security Association Payload:
Aug 26 18:33:37.681332: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Aug 26 18:33:37.681335: | length: 56 (0x38)
Aug 26 18:33:37.681337: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:37.681339: | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x200030
Aug 26 18:33:37.681341: | ***parse ISAKMP Nonce Payload:
Aug 26 18:33:37.681343: | next payload type: ISAKMP_NEXT_KE (0x4)
Aug 26 18:33:37.681345: | length: 36 (0x24)
Aug 26 18:33:37.681347: | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x0 opt: 0x200030
Aug 26 18:33:37.681349: | ***parse ISAKMP Key Exchange Payload:
Aug 26 18:33:37.681351: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:37.681352: | length: 260 (0x104)
Aug 26 18:33:37.681354: | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030
Aug 26 18:33:37.681356: | ***parse ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:37.681358: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:37.681360: | length: 16 (0x10)
Aug 26 18:33:37.681362: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:33:37.681363: | Protocol ID: 0 (0x0)
Aug 26 18:33:37.681365: | port: 0 (0x0)
Aug 26 18:33:37.681367: | obj: c0 00 03 00 ff ff ff 00
Aug 26 18:33:37.681369: | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030
Aug 26 18:33:37.681371: | ***parse ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:37.681373: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.681375: | length: 16 (0x10)
Aug 26 18:33:37.681376: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:33:37.681378: | Protocol ID: 0 (0x0)
Aug 26 18:33:37.681380: | port: 0 (0x0)
Aug 26 18:33:37.681382: | obj: c0 00 16 00 ff ff ff 00
Aug 26 18:33:37.681385: | removing 12 bytes of padding
Aug 26 18:33:37.681406: | quick_inR1_outI2 HASH(2):
Aug 26 18:33:37.681409: | c7 4f 86 e1 ba 6d 0a 52 8f 9f ce e3 91 cb 70 6b
Aug 26 18:33:37.681410: | 66 46 c6 84 8f 68 19 2c b7 10 f5 31 67 bf e9 5f
Aug 26 18:33:37.681413: | received 'quick_inR1_outI2' message HASH(2) data ok
Aug 26 18:33:37.681416: | ****parse IPsec DOI SIT:
Aug 26 18:33:37.681418: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:33:37.681420: | ****parse ISAKMP Proposal Payload:
Aug 26 18:33:37.681422: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.681424: | length: 44 (0x2c)
Aug 26 18:33:37.681426: | proposal number: 0 (0x0)
Aug 26 18:33:37.681428: | protocol ID: PROTO_IPSEC_ESP (0x3)
Aug 26 18:33:37.681429: | SPI size: 4 (0x4)
Aug 26 18:33:37.681431: | number of transforms: 1 (0x1)
Aug 26 18:33:37.681433: | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI
Aug 26 18:33:37.681435: | SPI 8e ba 5c d1
Aug 26 18:33:37.681438: | *****parse ISAKMP Transform Payload (ESP):
Aug 26 18:33:37.681439: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.681441: | length: 32 (0x20)
Aug 26 18:33:37.681443: | ESP transform number: 0 (0x0)
Aug 26 18:33:37.681445: | ESP transform ID: ESP_AES (0xc)
Aug 26 18:33:37.681447: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.681449: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:33:37.681451: | length/value: 14 (0xe)
Aug 26 18:33:37.681453: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:37.681455: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.681457: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:33:37.681459: | length/value: 1 (0x1)
Aug 26 18:33:37.681461: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:33:37.681463: | NAT-T non-encap: Installing IPsec SA without ENCAP, st->hidden_variables.st_nat_traversal is none
Aug 26 18:33:37.681465: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.681467: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:33:37.681469: | length/value: 1 (0x1)
Aug 26 18:33:37.681471: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:33:37.681472: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.681474: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:33:37.681476: | length/value: 28800 (0x7080)
Aug 26 18:33:37.681478: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.681480: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:33:37.681482: | length/value: 2 (0x2)
Aug 26 18:33:37.681484: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:33:37.681486: | ******parse ISAKMP IPsec DOI attribute:
Aug 26 18:33:37.681488: | af+type: AF+KEY_LENGTH (0x8006)
Aug 26 18:33:37.681489: | length/value: 128 (0x80)
Aug 26 18:33:37.681491: | ESP IPsec Transform verified unconditionally; no alg_info to check against
Aug 26 18:33:37.681502: | started looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org of kind PKK_PSK
Aug 26 18:33:37.681502: | crypto helper 2 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 9 time elapsed 0.00067 seconds
Aug 26 18:33:37.681507: | actually looking for secret for C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org->C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org of kind PKK_PSK
Aug 26 18:33:37.681510: | (#5) spent 0.655 milliseconds in crypto helper computing work-order 9: quick outI2 DH (pcr)
Aug 26 18:33:37.681513: | crypto helper 2 sending results from work-order 9 for state #5 to event queue
Aug 26 18:33:37.681514: | line 0: key type PKK_PSK(C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org) to type PKK_RSA
Aug 26 18:33:37.681523: | line 1: key type PKK_PSK(C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org) to type PKK_RSA
Aug 26 18:33:37.681526: | concluding with best_match=000 best=(nil) (lineno=-1)
Aug 26 18:33:37.681528: | no PreShared Key Found
Aug 26 18:33:37.681531: | adding quick outI2 DH work-order 10 for state #4
Aug 26 18:33:37.681534: | state #4 requesting EVENT_RETRANSMIT to be deleted
Aug 26 18:33:37.681536: | #4 STATE_QUICK_I1: retransmits: cleared
Aug 26 18:33:37.681539: | libevent_free: release ptr-libevent@0x7fbd18006378
Aug 26 18:33:37.681541: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d954c08
Aug 26 18:33:37.681543: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55c66d954c08
Aug 26 18:33:37.681546: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #4
Aug 26 18:33:37.681548: | libevent_malloc: new ptr-libevent@0x55c66d974918 size 128
Aug 26 18:33:37.681516: | scheduling resume sending helper answer for #5
Aug 26 18:33:37.681554: | complete v1 state transition with STF_SUSPEND
Aug 26 18:33:37.681563: | crypto helper 4 resuming
Aug 26 18:33:37.681578: | [RE]START processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648)
Aug 26 18:33:37.681583: | crypto helper 4 starting work-order 10 for state #4
Aug 26 18:33:37.681583: | suspending state #4 and saving MD
Aug 26 18:33:37.681591: | #4 is busy; has a suspended MD
Aug 26 18:33:37.681591: | crypto helper 4 doing compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 10
Aug 26 18:33:37.681600: | #4 spent 0.176 milliseconds in process_packet_tail()
Aug 26 18:33:37.681605: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Aug 26 18:33:37.681610: | stop processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in process_md() at demux.c:382)
Aug 26 18:33:37.681614: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:33:37.681566: | libevent_malloc: new ptr-libevent@0x7fbd10000e98 size 128
Aug 26 18:33:37.681619: | spent 0.415 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:33:37.681630: | crypto helper 2 waiting (nothing to do)
Aug 26 18:33:37.681636: | processing resume sending helper answer for #5
Aug 26 18:33:37.681642: | start processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in resume_handler() at server.c:797)
Aug 26 18:33:37.681647: | crypto helper 2 replies to request ID 9
Aug 26 18:33:37.681650: | calling continuation function 0x55c66cb6db50
Aug 26 18:33:37.681653: | quick_inR1_outI2_continue for #5: calculated ke+nonce, calculating DH
Aug 26 18:33:37.681658: | **emit ISAKMP Message:
Aug 26 18:33:37.681662: | initiator cookie:
Aug 26 18:33:37.681664: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.681667: | responder cookie:
Aug 26 18:33:37.681670: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.681673: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.681676: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:37.681680: | exchange type: ISAKMP_XCHG_QUICK (0x20)
Aug 26 18:33:37.681683: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:37.681686: | Message ID: 3996644674 (0xee37f542)
Aug 26 18:33:37.681689: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:37.681694: | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address
Aug 26 18:33:37.681697: | ID address c0 00 03 00
Aug 26 18:33:37.681700: | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask
Aug 26 18:33:37.681703: | ID mask ff ff ff 00
Aug 26 18:33:37.681708: | our client is subnet 192.0.3.0/24
Aug 26 18:33:37.681711: | our client protocol/port is 0/0
Aug 26 18:33:37.681714: | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address
Aug 26 18:33:37.681717: | ID address c0 00 02 00
Aug 26 18:33:37.681720: | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask
Aug 26 18:33:37.681726: | ID mask ff ff ff 00
Aug 26 18:33:37.681731: | peer client is subnet 192.0.2.0/24
Aug 26 18:33:37.681734: | peer client protocol/port is 0/0
Aug 26 18:33:37.681737: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:37.681740: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.681744: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:37.681747: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.681751: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:37.681754: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:37.681778: | quick_inR1_outI2 HASH(3):
Aug 26 18:33:37.681782: | cb 6f 24 64 01 f3 75 9c 71 e5 86 da 1e 59 a1 ab
Aug 26 18:33:37.681785: | b8 87 55 63 76 9a ec 4f 30 a8 e6 bc 02 40 63 a6
Aug 26 18:33:37.681789: | compute_proto_keymat: needed_len (after ESP enc)=16
Aug 26 18:33:37.681791: | compute_proto_keymat: needed_len (after ESP auth)=36
Aug 26 18:33:37.681908: | install_ipsec_sa() for #5: inbound and outbound
Aug 26 18:33:37.681913: | could_route called for northnet-eastnet-b (kind=CK_PERMANENT)
Aug 26 18:33:37.681916: | FOR_EACH_CONNECTION_... in route_owner
Aug 26 18:33:37.681920: | conn northnet-eastnet-b mark 0/00000000, 0/00000000 vs
Aug 26 18:33:37.681923: | conn north-a-dpd mark 0/00000000, 0/00000000
Aug 26 18:33:37.681927: | conn northnet-eastnet-b mark 0/00000000, 0/00000000 vs
Aug 26 18:33:37.681930: | conn northnet-eastnet-b mark 0/00000000, 0/00000000
Aug 26 18:33:37.681935: | route owner of "northnet-eastnet-b" unrouted: NULL; eroute owner: NULL
Aug 26 18:33:37.681938: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96
Aug 26 18:33:37.681942: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12
Aug 26 18:33:37.681945: | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20
Aug 26 18:33:37.681950: | setting IPsec SA replay-window to 32
Aug 26 18:33:37.681953: | NIC esp-hw-offload not for connection 'northnet-eastnet-b' not available on interface eth1
Aug 26 18:33:37.681957: | netlink: enabling tunnel mode
Aug 26 18:33:37.681961: | netlink: setting IPsec SA replay-window to 32 using old-style req
Aug 26 18:33:37.681964: | netlink: esp-hw-offload not set for IPsec SA
Aug 26 18:33:37.682028: | netlink response for Add SA esp.af15c4ab@192.1.2.23 included non-error error
Aug 26 18:33:37.682033: | set up outgoing SA, ref=0/0
Aug 26 18:33:37.682036: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96
Aug 26 18:33:37.682040: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12
Aug 26 18:33:37.682043: | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20
Aug 26 18:33:37.682047: | setting IPsec SA replay-window to 32
Aug 26 18:33:37.682050: | NIC esp-hw-offload not for connection 'northnet-eastnet-b' not available on interface eth1
Aug 26 18:33:37.682054: | netlink: enabling tunnel mode
Aug 26 18:33:37.682057: | netlink: setting IPsec SA replay-window to 32 using old-style req
Aug 26 18:33:37.682060: | netlink: esp-hw-offload not set for IPsec SA
Aug 26 18:33:37.682096: | netlink response for Add SA esp.31a5aad0@192.1.3.33 included non-error error
Aug 26 18:33:37.682101: | priority calculation of connection "northnet-eastnet-b" is 0xfe7e7
Aug 26 18:33:37.682109: | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.3.0/24:0 => tun.10000@192.1.3.33 (raw_eroute)
Aug 26 18:33:37.682113: | IPsec Sa SPD priority set to 1042407
Aug 26 18:33:37.682137: | raw_eroute result=success
Aug 26 18:33:37.682141: | set up incoming SA, ref=0/0
Aug 26 18:33:37.682144: | sr for #5: unrouted
Aug 26 18:33:37.682148: | route_and_eroute() for proto 0, and source port 0 dest port 0
Aug 26 18:33:37.682151: | FOR_EACH_CONNECTION_... in route_owner
Aug 26 18:33:37.682154: | conn northnet-eastnet-b mark 0/00000000, 0/00000000 vs
Aug 26 18:33:37.682157: | conn north-a-dpd mark 0/00000000, 0/00000000
Aug 26 18:33:37.682163: | conn northnet-eastnet-b mark 0/00000000, 0/00000000 vs
Aug 26 18:33:37.682166: | conn northnet-eastnet-b mark 0/00000000, 0/00000000
Aug 26 18:33:37.682170: | route owner of "northnet-eastnet-b" unrouted: NULL; eroute owner: NULL
Aug 26 18:33:37.682174: | route_and_eroute with c: northnet-eastnet-b (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #5
Aug 26 18:33:37.682178: | priority calculation of connection "northnet-eastnet-b" is 0xfe7e7
Aug 26 18:33:37.682186: | eroute_connection add eroute 192.0.3.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute)
Aug 26 18:33:37.682189: | IPsec Sa SPD priority set to 1042407
Aug 26 18:33:37.682203: | raw_eroute result=success
Aug 26 18:33:37.682207: | running updown command "ipsec _updown" for verb up
Aug 26 18:33:37.682210: | command executing up-client
Aug 26 18:33:37.682242: | trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.682249: | trusted_ca_nss: trustor B = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.682270: | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='northnet-eastnet-b' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASI
Aug 26 18:33:37.682274: | popen cmd is 1403 chars long
Aug 26 18:33:37.682277: | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='northnet-eastnet-b':
Aug 26 18:33:37.682281: | cmd( 80): PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO:
Aug 26 18:33:37.682284: | cmd( 160):_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.t:
Aug 26 18:33:37.682287: | cmd( 240):esting.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0:
Aug 26 18:33:37.682303: | cmd( 320):.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PL:
Aug 26 18:33:37.682307: | cmd( 400):UTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='ESP':
Aug 26 18:33:37.682310: | cmd( 480): PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan:
Aug 26 18:33:37.682313: | cmd( 560):, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libresw:
Aug 26 18:33:37.682316: | cmd( 640):an.org' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO:
Aug 26 18:33:37.682319: | cmd( 720):_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PL:
Aug 26 18:33:37.682322: | cmd( 800):UTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Li:
Aug 26 18:33:37.682326: | cmd( 880):breswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_:
Aug 26 18:33:37.682329: | cmd( 960):ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TR:
Aug 26 18:33:37.682332: | cmd(1040):ACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY=:
Aug 26 18:33:37.682335: | cmd(1120):'ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_:
Aug 26 18:33:37.682340: | cmd(1200):DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PL:
Aug 26 18:33:37.682343: | cmd(1280):UTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xaf1:
Aug 26 18:33:37.682346: | cmd(1360):5c4ab SPI_OUT=0x31a5aad0 ipsec _updown 2>&1:
Aug 26 18:33:37.682853: | crypto helper 4 finished compute dh (V1 Phase 2 PFS) (quick outI2 DH); request ID 10 time elapsed 0.001262 seconds
Aug 26 18:33:37.682867: | (#4) spent 1.08 milliseconds in crypto helper computing work-order 10: quick outI2 DH (pcr)
Aug 26 18:33:37.682873: | crypto helper 4 sending results from work-order 10 for state #4 to event queue
Aug 26 18:33:37.682879: | scheduling resume sending helper answer for #4
Aug 26 18:33:37.682882: | libevent_malloc: new ptr-libevent@0x7fbd14003e78 size 128
Aug 26 18:33:37.682904: | crypto helper 4 waiting (nothing to do)
Aug 26 18:33:37.694934: | route_and_eroute: firewall_notified: true
Aug 26 18:33:37.694948: | running updown command "ipsec _updown" for verb prepare
Aug 26 18:33:37.694950: | command executing prepare-client
Aug 26 18:33:37.694972: | trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.694976: | trusted_ca_nss: trustor B = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.694989: | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='northnet-eastnet-b' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POL
Aug 26 18:33:37.694991: | popen cmd is 1408 chars long
Aug 26 18:33:37.694993: | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='northnet-eastn:
Aug 26 18:33:37.694995: | cmd( 80):et-b' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' :
Aug 26 18:33:37.694997: | cmd( 160):PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=no:
Aug 26 18:33:37.694998: | cmd( 240):rth.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT=':
Aug 26 18:33:37.695000: | cmd( 320):192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.:
Aug 26 18:33:37.695002: | cmd( 400):0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE=:
Aug 26 18:33:37.695003: | cmd( 480):'ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libr:
Aug 26 18:33:37.695005: | cmd( 560):eswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.li:
Aug 26 18:33:37.695006: | cmd( 640):breswan.org' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' :
Aug 26 18:33:37.695008: | cmd( 720):PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL=':
Aug 26 18:33:37.695010: | cmd( 800):0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, :
Aug 26 18:33:37.695011: | cmd( 880):CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' P:
Aug 26 18:33:37.695013: | cmd( 960):LUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAR:
Aug 26 18:33:37.695017: | cmd(1040):EF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFA:
Aug 26 18:33:37.695019: | cmd(1120):MILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_:
Aug 26 18:33:37.695020: | cmd(1200):PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT=':
Aug 26 18:33:37.695022: | cmd(1280):0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=:
Aug 26 18:33:37.695023: | cmd(1360):0xaf15c4ab SPI_OUT=0x31a5aad0 ipsec _updown 2>&1:
Aug 26 18:33:37.706059: | running updown command "ipsec _updown" for verb route
Aug 26 18:33:37.706073: | command executing route-client
Aug 26 18:33:37.706095: | trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.706100: | trusted_ca_nss: trustor B = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.706114: | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='northnet-eastnet-b' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY=
Aug 26 18:33:37.706117: | popen cmd is 1406 chars long
Aug 26 18:33:37.706119: | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='northnet-eastnet:
Aug 26 18:33:37.706121: | cmd( 80):-b' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PL:
Aug 26 18:33:37.706123: | cmd( 160):UTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=nort:
Aug 26 18:33:37.706124: | cmd( 240):h.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='19:
Aug 26 18:33:37.706126: | cmd( 320):2.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0':
Aug 26 18:33:37.706128: | cmd( 400): PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='E:
Aug 26 18:33:37.706129: | cmd( 480):SP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libres:
Aug 26 18:33:37.706131: | cmd( 560):wan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libr:
Aug 26 18:33:37.706133: | cmd( 640):eswan.org' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PL:
Aug 26 18:33:37.706134: | cmd( 720):UTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0':
Aug 26 18:33:37.706136: | cmd( 800): PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN:
Aug 26 18:33:37.706138: | cmd( 880):=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLU:
Aug 26 18:33:37.706139: | cmd( 960):TO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF:
Aug 26 18:33:37.706141: | cmd(1040):_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMI:
Aug 26 18:33:37.706143: | cmd(1120):LY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PE:
Aug 26 18:33:37.706144: | cmd(1200):ER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0':
Aug 26 18:33:37.706146: | cmd(1280): PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x:
Aug 26 18:33:37.706150: | cmd(1360):af15c4ab SPI_OUT=0x31a5aad0 ipsec _updown 2>&1:
Aug 26 18:33:37.717545: | route_and_eroute: instance "northnet-eastnet-b", setting eroute_owner {spd=0x55c66d954fb8,sr=0x55c66d954fb8} to #5 (was #0) (newest_ipsec_sa=#0)
Aug 26 18:33:37.717612: | #3 spent 2.09 milliseconds in install_ipsec_sa()
Aug 26 18:33:37.717641: | emitting 12 zero bytes of encryption padding into ISAKMP Message
Aug 26 18:33:37.717645: | no IKEv1 message padding required
Aug 26 18:33:37.717647: | emitting length of ISAKMP Message: 76
Aug 26 18:33:37.717698: | inR1_outI2: instance northnet-eastnet-b[0], setting IKEv1 newest_ipsec_sa to #5 (was #0) (spd.eroute=#5) cloned from #3
Aug 26 18:33:37.717705: | DPD: dpd_init() called on IPsec SA
Aug 26 18:33:37.717708: | DPD: Peer does not support Dead Peer Detection
Aug 26 18:33:37.717712: | complete v1 state transition with STF_OK
Aug 26 18:33:37.717720: | [RE]START processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
Aug 26 18:33:37.717738: | #5 is idle
Aug 26 18:33:37.717741: | doing_xauth:no, t_xauth_client_done:no
Aug 26 18:33:37.717748: | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Aug 26 18:33:37.717754: | child state #5: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA)
Aug 26 18:33:37.717757: | event_already_set, deleting event
Aug 26 18:33:37.717759: | state #5 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Aug 26 18:33:37.717765: | libevent_free: release ptr-libevent@0x7fbd04002888
Aug 26 18:33:37.717770: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7fbd18002b78
Aug 26 18:33:37.717779: | sending reply packet to 192.1.2.23:500 (from 192.1.3.33:500)
Aug 26 18:33:37.717787: | sending 76 bytes for STATE_QUICK_I1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #5)
Aug 26 18:33:37.717789: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.717791: | 08 10 20 01 ee 37 f5 42 00 00 00 4c 32 c1 d3 7e
Aug 26 18:33:37.717793: | 7c f8 8e 76 47 c5 1d c4 d9 d9 96 4e 07 1b 6d fc
Aug 26 18:33:37.717794: | ae 10 02 a6 46 f2 39 0b 7b 12 0f 12 dd c8 42 04
Aug 26 18:33:37.717796: | bc be ec df 2b f1 9a 7c 82 81 1e bc
Aug 26 18:33:37.717839: | !event_already_set at reschedule
Aug 26 18:33:37.717844: | event_schedule: new EVENT_SA_REPLACE-pe@0x7fbd18002b78
Aug 26 18:33:37.717852: | inserting event EVENT_SA_REPLACE, timeout in 27829 seconds for #5
Aug 26 18:33:37.717859: | libevent_malloc: new ptr-libevent@0x55c66d95d888 size 128
Aug 26 18:33:37.717863: | pstats #5 ikev1.ipsec established
Aug 26 18:33:37.717868: | NAT-T: encaps is 'auto'
Aug 26 18:33:37.717873: "northnet-eastnet-b" #5: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xaf15c4ab <0x31a5aad0 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive}
Aug 26 18:33:37.717876: | modecfg pull: noquirk policy:push not-client
Aug 26 18:33:37.717879: | phase 1 is done, looking for phase 2 to unpend
Aug 26 18:33:37.717885: | resume sending helper answer for #5 suppresed complete_v1_state_transition()
Aug 26 18:33:37.717892: | #5 spent 2.61 milliseconds in resume sending helper answer
Aug 26 18:33:37.717897: | stop processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in resume_handler() at server.c:833)
Aug 26 18:33:37.717902: | libevent_free: release ptr-libevent@0x7fbd10000e98
Aug 26 18:33:37.717920: | processing resume sending helper answer for #4
Aug 26 18:33:37.717938: | start processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:797)
Aug 26 18:33:37.717941: | crypto helper 4 replies to request ID 10
Aug 26 18:33:37.717943: | calling continuation function 0x55c66cb6db50
Aug 26 18:33:37.717945: | quick_inR1_outI2_continue for #4: calculated ke+nonce, calculating DH
Aug 26 18:33:37.717963: | **emit ISAKMP Message:
Aug 26 18:33:37.717965: | initiator cookie:
Aug 26 18:33:37.717966: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:37.717970: | responder cookie:
Aug 26 18:33:37.717972: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.717974: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.717975: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:37.717977: | exchange type: ISAKMP_XCHG_QUICK (0x20)
Aug 26 18:33:37.717980: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:37.717982: | Message ID: 62095166 (0x3b37f3e)
Aug 26 18:33:37.717984: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:37.717987: | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address
Aug 26 18:33:37.717989: | ID address c0 00 03 00
Aug 26 18:33:37.717992: | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask
Aug 26 18:33:37.717993: | ID mask ff ff ff 00
Aug 26 18:33:37.717996: | our client is subnet 192.0.3.0/24
Aug 26 18:33:37.717998: | our client protocol/port is 0/0
Aug 26 18:33:37.718000: | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID address
Aug 26 18:33:37.718002: | ID address c0 00 16 00
Aug 26 18:33:37.718003: | parsing 4 raw bytes of ISAKMP Identification Payload (IPsec DOI) into ID mask
Aug 26 18:33:37.718005: | ID mask ff ff ff 00
Aug 26 18:33:37.718007: | peer client is subnet 192.0.22.0/24
Aug 26 18:33:37.718008: | peer client protocol/port is 0/0
Aug 26 18:33:37.718010: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:37.718012: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:37.718014: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:37.718016: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:37.718018: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:37.718020: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:37.718047: | quick_inR1_outI2 HASH(3):
Aug 26 18:33:37.718049: | 18 f1 6b 0b 8d 0e 28 50 3e 8f c7 b8 7e 41 3f cf
Aug 26 18:33:37.718051: | c9 4a 6d b2 d1 a5 7a 8c 88 6c 9e 32 6b ef 04 57
Aug 26 18:33:37.718052: | compute_proto_keymat: needed_len (after ESP enc)=16
Aug 26 18:33:37.718054: | compute_proto_keymat: needed_len (after ESP auth)=36
Aug 26 18:33:37.718151: | install_ipsec_sa() for #4: inbound and outbound
Aug 26 18:33:37.718155: | could_route called for north-a-dpd (kind=CK_PERMANENT)
Aug 26 18:33:37.718157: | FOR_EACH_CONNECTION_... in route_owner
Aug 26 18:33:37.718159: | conn north-a-dpd mark 0/00000000, 0/00000000 vs
Aug 26 18:33:37.718161: | conn north-a-dpd mark 0/00000000, 0/00000000
Aug 26 18:33:37.718162: | conn north-a-dpd mark 0/00000000, 0/00000000 vs
Aug 26 18:33:37.718164: | conn northnet-eastnet-b mark 0/00000000, 0/00000000
Aug 26 18:33:37.718168: | route owner of "north-a-dpd" prospective erouted: self; eroute owner: self
Aug 26 18:33:37.718177: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96
Aug 26 18:33:37.718182: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12
Aug 26 18:33:37.718186: | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20
Aug 26 18:33:37.718191: | setting IPsec SA replay-window to 32
Aug 26 18:33:37.718195: | NIC esp-hw-offload not for connection 'north-a-dpd' not available on interface eth1
Aug 26 18:33:37.718199: | netlink: enabling tunnel mode
Aug 26 18:33:37.718203: | netlink: setting IPsec SA replay-window to 32 using old-style req
Aug 26 18:33:37.718205: | netlink: esp-hw-offload not set for IPsec SA
Aug 26 18:33:37.718264: | netlink response for Add SA esp.8eba5cd1@192.1.2.23 included non-error error
Aug 26 18:33:37.718269: | set up outgoing SA, ref=0/0
Aug 26 18:33:37.718273: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA1_96
Aug 26 18:33:37.718276: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12
Aug 26 18:33:37.718280: | st->st_esp.keymat_len=36 is encrypt_keymat_size=16 + integ_keymat_size=20
Aug 26 18:33:37.718284: | setting IPsec SA replay-window to 32
Aug 26 18:33:37.718295: | NIC esp-hw-offload not for connection 'north-a-dpd' not available on interface eth1
Aug 26 18:33:37.718301: | netlink: enabling tunnel mode
Aug 26 18:33:37.718305: | netlink: setting IPsec SA replay-window to 32 using old-style req
Aug 26 18:33:37.718308: | netlink: esp-hw-offload not set for IPsec SA
Aug 26 18:33:37.718342: | netlink response for Add SA esp.c5a95a57@192.1.3.33 included non-error error
Aug 26 18:33:37.718346: | priority calculation of connection "north-a-dpd" is 0xfe7e7
Aug 26 18:33:37.718354: | add inbound eroute 192.0.22.0/24:0 --0-> 192.0.3.0/24:0 => tun.10000@192.1.3.33 (raw_eroute)
Aug 26 18:33:37.718358: | IPsec Sa SPD priority set to 1042407
Aug 26 18:33:37.718383: | raw_eroute result=success
Aug 26 18:33:37.718387: | set up incoming SA, ref=0/0
Aug 26 18:33:37.718391: | sr for #4: prospective erouted
Aug 26 18:33:37.718394: | route_and_eroute() for proto 0, and source port 0 dest port 0
Aug 26 18:33:37.718398: | FOR_EACH_CONNECTION_... in route_owner
Aug 26 18:33:37.718402: | conn north-a-dpd mark 0/00000000, 0/00000000 vs
Aug 26 18:33:37.718405: | conn north-a-dpd mark 0/00000000, 0/00000000
Aug 26 18:33:37.718409: | conn north-a-dpd mark 0/00000000, 0/00000000 vs
Aug 26 18:33:37.718413: | conn northnet-eastnet-b mark 0/00000000, 0/00000000
Aug 26 18:33:37.718417: | route owner of "north-a-dpd" prospective erouted: self; eroute owner: self
Aug 26 18:33:37.718420: | route_and_eroute with c: north-a-dpd (next: none) ero:north-a-dpd esr:{(nil)} ro:north-a-dpd rosr:{(nil)} and state: #4
Aug 26 18:33:37.718422: | priority calculation of connection "north-a-dpd" is 0xfe7e7
Aug 26 18:33:37.718427: | eroute_connection replace eroute 192.0.3.0/24:0 --0-> 192.0.22.0/24:0 => tun.0@192.1.2.23>tun.0@192.1.2.23 (raw_eroute)
Aug 26 18:33:37.718428: | IPsec Sa SPD priority set to 1042407
Aug 26 18:33:37.718440: | raw_eroute result=success
Aug 26 18:33:37.718443: | running updown command "ipsec _updown" for verb up
Aug 26 18:33:37.718445: | command executing up-client
Aug 26 18:33:37.718472: | trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.718477: | trusted_ca_nss: trustor B = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:37.718489: | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENC
Aug 26 18:33:37.718491: | popen cmd is 1398 chars long
Aug 26 18:33:37.718493: | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' PLUTO_:
Aug 26 18:33:37.718495: | cmd( 80):INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID=:
Aug 26 18:33:37.718497: | cmd( 160):'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.:
Aug 26 18:33:37.718499: | cmd( 240):libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24:
Aug 26 18:33:37.718500: | cmd( 320):' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_:
Aug 26 18:33:37.718504: | cmd( 400):PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_:
Aug 26 18:33:37.718506: | cmd( 480):PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Te:
Aug 26 18:33:37.718507: | cmd( 560):st Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org':
Aug 26 18:33:37.718509: | cmd( 640): PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PEER:
Aug 26 18:33:37.718511: | cmd( 720):_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_P:
Aug 26 18:33:37.718512: | cmd( 800):EER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libresw:
Aug 26 18:33:37.718514: | cmd( 880):an test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADDTI:
Aug 26 18:33:37.718516: | cmd( 960):ME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+I:
Aug 26 18:33:37.718517: | cmd(1040):KE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4:
Aug 26 18:33:37.718519: | cmd(1120):' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAI:
Aug 26 18:33:37.718521: | cmd(1200):N_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_N:
Aug 26 18:33:37.718522: | cmd(1280):M_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x8eba5cd1:
Aug 26 18:33:37.718524: | cmd(1360): SPI_OUT=0xc5a95a57 ipsec _updown 2>&1:
Aug 26 18:33:37.728140: | route_and_eroute: firewall_notified: true
Aug 26 18:33:37.728162: | route_and_eroute: instance "north-a-dpd", setting eroute_owner {spd=0x55c66d948f98,sr=0x55c66d948f98} to #4 (was #0) (newest_ipsec_sa=#0)
Aug 26 18:33:37.728229: | #3 spent 0.8 milliseconds in install_ipsec_sa()
Aug 26 18:33:37.728238: | emitting 12 zero bytes of encryption padding into ISAKMP Message
Aug 26 18:33:37.728244: | no IKEv1 message padding required
Aug 26 18:33:37.728248: | emitting length of ISAKMP Message: 76
Aug 26 18:33:37.728284: | inR1_outI2: instance north-a-dpd[0], setting IKEv1 newest_ipsec_sa to #4 (was #0) (spd.eroute=#4) cloned from #3
Aug 26 18:33:37.728304: | DPD: dpd_init() called on IPsec SA
Aug 26 18:33:37.728313: | State DB: found IKEv1 state #3 in MAIN_I4 (find_state_ikev1)
Aug 26 18:33:37.728319: | event_schedule: new EVENT_DPD-pe@0x7fbd04002b78
Aug 26 18:33:37.728326: | inserting event EVENT_DPD, timeout in 3 seconds for #4
Aug 26 18:33:37.728343: | libevent_malloc: new ptr-libevent@0x7fbd10000e98 size 128
Aug 26 18:33:37.728355: | complete v1 state transition with STF_OK
Aug 26 18:33:37.728362: | [RE]START processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
Aug 26 18:33:37.728365: | #4 is idle
Aug 26 18:33:37.728368: | doing_xauth:no, t_xauth_client_done:no
Aug 26 18:33:37.728372: | IKEv1: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Aug 26 18:33:37.728376: | child state #4: QUICK_I1(established CHILD SA) => QUICK_I2(established CHILD SA)
Aug 26 18:33:37.728379: | event_already_set, deleting event
Aug 26 18:33:37.728382: | state #4 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Aug 26 18:33:37.728387: | libevent_free: release ptr-libevent@0x55c66d974918
Aug 26 18:33:37.728394: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55c66d954c08
Aug 26 18:33:37.728401: | sending reply packet to 192.1.2.23:500 (from 192.1.3.33:500)
Aug 26 18:33:37.728409: | sending 76 bytes for STATE_QUICK_I1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #4)
Aug 26 18:33:37.728412: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:37.728413: | 08 10 20 01 03 b3 7f 3e 00 00 00 4c 23 f2 52 4c
Aug 26 18:33:37.728415: | 1a 14 8f 10 ff 11 9d 08 4e 93 32 df 3f 58 84 cc
Aug 26 18:33:37.728416: | 9d ad 6b 36 be 45 c3 d7 62 40 a8 45 c9 0a fe bb
Aug 26 18:33:37.728418: | 98 0e 89 2e de ef 2d 01 da 65 55 4b
Aug 26 18:33:37.728459: | !event_already_set at reschedule
Aug 26 18:33:37.728462: | event_schedule: new EVENT_SA_REPLACE-pe@0x55c66d954c08
Aug 26 18:33:37.728468: | inserting event EVENT_SA_REPLACE, timeout in 27768 seconds for #4
Aug 26 18:33:37.728470: | libevent_malloc: new ptr-libevent@0x55c66d974918 size 128
Aug 26 18:33:37.728472: | pstats #4 ikev1.ipsec established
Aug 26 18:33:37.728476: | NAT-T: encaps is 'auto'
Aug 26 18:33:37.728479: "north-a-dpd" #4: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x8eba5cd1 <0xc5a95a57 xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=active}
Aug 26 18:33:37.728482: | modecfg pull: noquirk policy:push not-client
Aug 26 18:33:37.728483: | phase 1 is done, looking for phase 2 to unpend
Aug 26 18:33:37.728488: | resume sending helper answer for #4 suppresed complete_v1_state_transition()
Aug 26 18:33:37.728494: | #4 spent 1.24 milliseconds in resume sending helper answer
Aug 26 18:33:37.728497: | stop processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:833)
Aug 26 18:33:37.728501: | libevent_free: release ptr-libevent@0x7fbd14003e78
Aug 26 18:33:37.728507: | processing signal PLUTO_SIGCHLD
Aug 26 18:33:37.728511: | waitpid returned ECHILD (no child processes left)
Aug 26 18:33:37.728514: | spent 0.00375 milliseconds in signal handler PLUTO_SIGCHLD
Aug 26 18:33:37.728516: | processing signal PLUTO_SIGCHLD
Aug 26 18:33:37.728518: | waitpid returned ECHILD (no child processes left)
Aug 26 18:33:37.728521: | spent 0.00235 milliseconds in signal handler PLUTO_SIGCHLD
Aug 26 18:33:37.728522: | processing signal PLUTO_SIGCHLD
Aug 26 18:33:37.728525: | waitpid returned ECHILD (no child processes left)
Aug 26 18:33:37.728542: | spent 0.00235 milliseconds in signal handler PLUTO_SIGCHLD
Aug 26 18:33:37.728550: | processing signal PLUTO_SIGCHLD
Aug 26 18:33:37.728552: | waitpid returned ECHILD (no child processes left)
Aug 26 18:33:37.728555: | spent 0.00249 milliseconds in signal handler PLUTO_SIGCHLD
Aug 26 18:33:40.720829: | timer_event_cb: processing event@0x7fbd04002b78
Aug 26 18:33:40.720856: | handling event EVENT_DPD for child state #4
Aug 26 18:33:40.720863: | start processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:40.720868: | [RE]START processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in dpd_event() at ikev1_dpd.c:360)
Aug 26 18:33:40.720870: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:40.720874: | DPD: no need to send or schedule DPD for replaced IPsec SA
Aug 26 18:33:40.720877: | libevent_free: release ptr-libevent@0x7fbd10000e98
Aug 26 18:33:40.720887: | free_event_entry: release EVENT_DPD-pe@0x7fbd04002b78
Aug 26 18:33:40.720893: | #4 spent 0.0657 milliseconds in timer_event_cb() EVENT_DPD
Aug 26 18:33:40.720897: | stop processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:47.597118: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
Aug 26 18:33:47.597152: | FOR_EACH_STATE_... in show_traffic_status (sort_states)
Aug 26 18:33:47.597157: | FOR_EACH_STATE_... in sort_states
Aug 26 18:33:47.597164: | get_sa_info esp.c5a95a57@192.1.3.33
Aug 26 18:33:47.597329: | get_sa_info esp.8eba5cd1@192.1.2.23
Aug 26 18:33:47.597354: | get_sa_info esp.31a5aad0@192.1.3.33
Aug 26 18:33:47.597364: | get_sa_info esp.af15c4ab@192.1.2.23
Aug 26 18:33:47.597381: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Aug 26 18:33:47.597389: | spent 0.263 milliseconds in whack
Aug 26 18:33:48.409988: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
Aug 26 18:33:48.410257: | FOR_EACH_CONNECTION_... in show_connections_status
Aug 26 18:33:48.410263: | FOR_EACH_CONNECTION_... in show_connections_status
Aug 26 18:33:48.410436: | FOR_EACH_STATE_... in show_states_status (sort_states)
Aug 26 18:33:48.410444: | FOR_EACH_STATE_... in sort_states
Aug 26 18:33:48.410454: | get_sa_info esp.c5a95a57@192.1.3.33
Aug 26 18:33:48.410475: | get_sa_info esp.8eba5cd1@192.1.2.23
Aug 26 18:33:48.410507: | get_sa_info esp.31a5aad0@192.1.3.33
Aug 26 18:33:48.410517: | get_sa_info esp.af15c4ab@192.1.2.23
Aug 26 18:33:48.410542: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Aug 26 18:33:48.410550: | spent 0.541 milliseconds in whack
Aug 26 18:33:48.696393: | spent 0.0029 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:33:48.696415: | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:33:48.696419: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.696422: | 08 10 05 01 12 95 c6 1a 00 00 00 5c bb ba 67 4f
Aug 26 18:33:48.696424: | e0 43 ab 38 81 fe 77 a4 0c 91 d8 81 4d 34 11 a2
Aug 26 18:33:48.696426: | 01 3f 8b 54 58 0b 18 08 3b 81 e7 15 e9 7c 79 cc
Aug 26 18:33:48.696429: | e5 39 f5 86 63 8a 15 99 36 80 f1 56 fc 7f de e4
Aug 26 18:33:48.696431: | 8f ae d7 29 5a 3c 85 1e 50 77 f8 fc
Aug 26 18:33:48.696436: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:33:48.696440: | **parse ISAKMP Message:
Aug 26 18:33:48.696443: | initiator cookie:
Aug 26 18:33:48.696446: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:48.696448: | responder cookie:
Aug 26 18:33:48.696451: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.696454: | next payload type: ISAKMP_NEXT_HASH (0x8)
Aug 26 18:33:48.696457: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:48.696459: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:33:48.696464: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:48.696466: | Message ID: 311805466 (0x1295c61a)
Aug 26 18:33:48.696469: | length: 92 (0x5c)
Aug 26 18:33:48.696472: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5)
Aug 26 18:33:48.696477: | peer and cookies match on #5; msgid=00000000 st_msgid=ee37f542 st_msgid_phase15=00000000
Aug 26 18:33:48.696481: | peer and cookies match on #4; msgid=00000000 st_msgid=03b37f3e st_msgid_phase15=00000000
Aug 26 18:33:48.696484: | peer and cookies match on #3; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
Aug 26 18:33:48.696487: | p15 state object #3 found, in STATE_MAIN_I4
Aug 26 18:33:48.696490: | State DB: found IKEv1 state #3 in MAIN_I4 (find_v1_info_state)
Aug 26 18:33:48.696496: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479)
Aug 26 18:33:48.696516: | #3 is idle
Aug 26 18:33:48.696519: | #3 idle
Aug 26 18:33:48.696523: | received encrypted packet from 192.1.2.23:500
Aug 26 18:33:48.696535: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0
Aug 26 18:33:48.696539: | ***parse ISAKMP Hash Payload:
Aug 26 18:33:48.696542: | next payload type: ISAKMP_NEXT_D (0xc)
Aug 26 18:33:48.696544: | length: 36 (0x24)
Aug 26 18:33:48.696547: | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0
Aug 26 18:33:48.696550: | ***parse ISAKMP Delete Payload:
Aug 26 18:33:48.696552: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.696555: | length: 16 (0x10)
Aug 26 18:33:48.696557: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:48.696559: | protocol ID: 3 (0x3)
Aug 26 18:33:48.696561: | SPI size: 4 (0x4)
Aug 26 18:33:48.696563: | number of SPIs: 1 (0x1)
Aug 26 18:33:48.696566: | removing 12 bytes of padding
Aug 26 18:33:48.696592: | informational HASH(1):
Aug 26 18:33:48.696596: | b6 82 a7 64 32 16 42 bc 5b 5b b4 d9 8a 97 9b 5f
Aug 26 18:33:48.696598: | 47 f3 af af 31 d7 e7 12 a6 e1 14 2f 6a 27 08 1a
Aug 26 18:33:48.696601: | received 'informational' message HASH(1) data ok
Aug 26 18:33:48.696604: | parsing 4 raw bytes of ISAKMP Delete Payload into SPI
Aug 26 18:33:48.696607: | SPI 8e ba 5c d1
Aug 26 18:33:48.696609: | FOR_EACH_STATE_... in find_phase2_state_to_delete
Aug 26 18:33:48.696614: | start processing: connection "north-a-dpd" (BACKGROUND) (in accept_delete() at ikev1_main.c:2515)
Aug 26 18:33:48.696618: "northnet-eastnet-b" #3: received Delete SA payload: replace IPsec State #4 now
Aug 26 18:33:48.696621: | state #4 requesting EVENT_SA_REPLACE to be deleted
Aug 26 18:33:48.696628: | libevent_free: release ptr-libevent@0x55c66d974918
Aug 26 18:33:48.696632: | free_event_entry: release EVENT_SA_REPLACE-pe@0x55c66d954c08
Aug 26 18:33:48.696635: | event_schedule: new EVENT_SA_REPLACE-pe@0x55c66d954c08
Aug 26 18:33:48.696639: | inserting event EVENT_SA_REPLACE, timeout in 0 seconds for #4
Aug 26 18:33:48.696642: | libevent_malloc: new ptr-libevent@0x7fbd14003e78 size 128
Aug 26 18:33:48.696646: | stop processing: connection "north-a-dpd" (BACKGROUND) (in accept_delete() at ikev1_main.c:2559)
Aug 26 18:33:48.696649: | del:
Aug 26 18:33:48.696652: | complete v1 state transition with STF_IGNORE
Aug 26 18:33:48.696657: | #3 spent 0.00402 milliseconds in process_packet_tail()
Aug 26 18:33:48.696662: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Aug 26 18:33:48.696666: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in process_md() at demux.c:382)
Aug 26 18:33:48.696670: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:33:48.696673: | spent 0.268 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:33:48.696680: | timer_event_cb: processing event@0x55c66d954c08
Aug 26 18:33:48.696683: | handling event EVENT_SA_REPLACE for child state #4
Aug 26 18:33:48.696687: | start processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:48.696691: | picked newest_ipsec_sa #4 for #4
Aug 26 18:33:48.696693: | replacing stale IPsec SA
Aug 26 18:33:48.696697: | dup_any(fd@-1) -> fd@-1 (in ipsecdoi_replace() at ipsec_doi.c:351)
Aug 26 18:33:48.696700: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:48.696704: | creating state object #6 at 0x55c66d96f0e8
Aug 26 18:33:48.696707: | State DB: adding IKEv1 state #6 in UNDEFINED
Aug 26 18:33:48.696716: | pstats #6 ikev1.ipsec started
Aug 26 18:33:48.696719: | duplicating state object #3 "northnet-eastnet-b" as #6 for IPSEC SA
Aug 26 18:33:48.696725: | #6 setting local endpoint to 192.1.3.33:500 from #3.st_localport (in duplicate_state() at state.c:1484)
Aug 26 18:33:48.696730: | in connection_discard for connection northnet-eastnet-b
Aug 26 18:33:48.696735: | suspend processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685)
Aug 26 18:33:48.696739: | start processing: state #6 connection "north-a-dpd" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685)
Aug 26 18:33:48.696748: | child state #6: UNDEFINED(ignore) => QUICK_I1(established CHILD SA)
Aug 26 18:33:48.696754: "north-a-dpd" #6: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO to replace #4 {using isakmp#3 msgid:9f5e56e4 proposal=defaults pfsgroup=MODP2048}
Aug 26 18:33:48.696758: | adding quick_outI1 KE work-order 11 for state #6
Aug 26 18:33:48.696761: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7fbd04002b78
Aug 26 18:33:48.696764: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #6
Aug 26 18:33:48.696767: | libevent_malloc: new ptr-libevent@0x55c66d957be8 size 128
Aug 26 18:33:48.696776: | stop processing: state #6 connection "north-a-dpd" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764)
Aug 26 18:33:48.696781: | resume processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764)
Aug 26 18:33:48.696784: | event_schedule: new EVENT_SA_EXPIRE-pe@0x55c66d95ef28
Aug 26 18:33:48.696787: | inserting event EVENT_SA_EXPIRE, timeout in 0 seconds for #4
Aug 26 18:33:48.696784: | crypto helper 3 resuming
Aug 26 18:33:48.696795: | libevent_malloc: new ptr-libevent@0x55c66d94a328 size 128
Aug 26 18:33:48.696805: | crypto helper 3 starting work-order 11 for state #6
Aug 26 18:33:48.696809: | libevent_free: release ptr-libevent@0x7fbd14003e78
Aug 26 18:33:48.696812: | crypto helper 3 doing build KE and nonce (quick_outI1 KE); request ID 11
Aug 26 18:33:48.696813: | free_event_entry: release EVENT_SA_REPLACE-pe@0x55c66d954c08
Aug 26 18:33:48.696824: | #4 spent 0.137 milliseconds in timer_event_cb() EVENT_SA_REPLACE
Aug 26 18:33:48.696831: | stop processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:48.696836: | timer_event_cb: processing event@0x55c66d95ef28
Aug 26 18:33:48.696840: | handling event EVENT_SA_EXPIRE for child state #4
Aug 26 18:33:48.696844: | start processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:48.696847: | picked newest_ipsec_sa #4 for #4
Aug 26 18:33:48.696850: | un-established partial CHILD SA timeout (SA expired)
Aug 26 18:33:48.696852: | pstats #4 ikev1.ipsec re-failed exchange-timeout
Aug 26 18:33:48.696855: | pstats #4 ikev1.ipsec deleted completed
Aug 26 18:33:48.696859: | [RE]START processing: state #4 connection "north-a-dpd" from 192.1.2.23 (in delete_state() at state.c:879)
Aug 26 18:33:48.696863: "north-a-dpd" #4: deleting state (STATE_QUICK_I2) aged 11.024s and sending notification
Aug 26 18:33:48.696866: | child state #4: QUICK_I2(established CHILD SA) => delete
Aug 26 18:33:48.696870: | get_sa_info esp.8eba5cd1@192.1.2.23
Aug 26 18:33:48.696883: | get_sa_info esp.c5a95a57@192.1.3.33
Aug 26 18:33:48.696891: "north-a-dpd" #4: ESP traffic information: in=0B out=0B
Aug 26 18:33:48.696894: | #4 send IKEv1 delete notification for STATE_QUICK_I2
Aug 26 18:33:48.696897: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:48.696902: | **emit ISAKMP Message:
Aug 26 18:33:48.696905: | initiator cookie:
Aug 26 18:33:48.696907: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:48.696910: | responder cookie:
Aug 26 18:33:48.696912: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.696915: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.696917: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:48.696920: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:33:48.696923: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:48.696926: | Message ID: 3310231313 (0xc54e1f11)
Aug 26 18:33:48.696929: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:48.696933: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:48.696936: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.696939: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:48.696942: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg'
Aug 26 18:33:48.696946: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:48.696949: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:48.696952: | ***emit ISAKMP Delete Payload:
Aug 26 18:33:48.696955: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.696958: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:48.696961: | protocol ID: 3 (0x3)
Aug 26 18:33:48.696963: | SPI size: 4 (0x4)
Aug 26 18:33:48.696966: | number of SPIs: 1 (0x1)
Aug 26 18:33:48.696969: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D)
Aug 26 18:33:48.696973: | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg'
Aug 26 18:33:48.696976: | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload
Aug 26 18:33:48.696979: | delete payload c5 a9 5a 57
Aug 26 18:33:48.696982: | emitting length of ISAKMP Delete Payload: 16
Aug 26 18:33:48.697004: | send delete HASH(1):
Aug 26 18:33:48.697009: | ba 50 23 93 32 0f 84 ad 05 01 a7 7c 56 5e 59 63
Aug 26 18:33:48.697012: | 48 9b 14 ce 26 44 b6 21 88 67 54 20 5b 5e 17 34
Aug 26 18:33:48.697020: | emitting 12 zero bytes of encryption padding into ISAKMP Message
Aug 26 18:33:48.697023: | no IKEv1 message padding required
Aug 26 18:33:48.697026: | emitting length of ISAKMP Message: 92
Aug 26 18:33:48.697037: | sending 92 bytes for delete notify through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:48.697040: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.697044: | 08 10 05 01 c5 4e 1f 11 00 00 00 5c c8 c9 b9 29
Aug 26 18:33:48.697046: | 9d 7b 4e 0f 01 67 d7 1a d5 1c 39 c6 7a 5e 2c 2b
Aug 26 18:33:48.697048: | 45 ff ba b4 ac e6 95 3c 86 4a d4 04 d4 0c b0 59
Aug 26 18:33:48.697049: | 9a 31 cf 2a 14 95 ce 91 b0 30 8f 7c c7 d3 19 a6
Aug 26 18:33:48.697051: | dc 9a 8a f6 55 2f b8 35 ea c9 b2 a3
Aug 26 18:33:48.697118: | running updown command "ipsec _updown" for verb down
Aug 26 18:33:48.697126: | command executing down-client
Aug 26 18:33:48.697158: | trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:48.697167: | trusted_ca_nss: trustor B = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:48.697184: | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844417' PLUTO_CONN_POLIC
Aug 26 18:33:48.697186: | popen cmd is 1409 chars long
Aug 26 18:33:48.697188: | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' PLUT:
Aug 26 18:33:48.697190: | cmd( 80):O_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_I:
Aug 26 18:33:48.697192: | cmd( 160):D='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testin:
Aug 26 18:33:48.697194: | cmd( 240):g.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/:
Aug 26 18:33:48.697195: | cmd( 320):24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_M:
Aug 26 18:33:48.697197: | cmd( 400):Y_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUT:
Aug 26 18:33:48.697199: | cmd( 480):O_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=:
Aug 26 18:33:48.697200: | cmd( 560):Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.or:
Aug 26 18:33:48.697202: | cmd( 640):g' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PE:
Aug 26 18:33:48.697204: | cmd( 720):ER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO:
Aug 26 18:33:48.697206: | cmd( 800):_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libre:
Aug 26 18:33:48.697207: | cmd( 880):swan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADD:
Aug 26 18:33:48.697209: | cmd( 960):TIME='1566844417' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SA:
Aug 26 18:33:48.697211: | cmd(1040):REF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRF:
Aug 26 18:33:48.697212: | cmd(1120):AMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO:
Aug 26 18:33:48.697214: | cmd(1200):_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT=:
Aug 26 18:33:48.697216: | cmd(1280):'0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN:
Aug 26 18:33:48.697217: | cmd(1360):=0x8eba5cd1 SPI_OUT=0xc5a95a57 ipsec _updown 2>&1:
Aug 26 18:33:48.697671: | crypto helper 3 finished build KE and nonce (quick_outI1 KE); request ID 11 time elapsed 0.000859 seconds
Aug 26 18:33:48.697688: | (#6) spent 0.684 milliseconds in crypto helper computing work-order 11: quick_outI1 KE (pcr)
Aug 26 18:33:48.697692: | crypto helper 3 sending results from work-order 11 for state #6 to event queue
Aug 26 18:33:48.697696: | scheduling resume sending helper answer for #6
Aug 26 18:33:48.697699: | libevent_malloc: new ptr-libevent@0x7fbd08005df8 size 128
Aug 26 18:33:48.697712: | crypto helper 3 waiting (nothing to do)
Aug 26 18:33:48.706044: | shunt_eroute() called for connection 'north-a-dpd' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0
Aug 26 18:33:48.706056: | netlink_shunt_eroute for proto 0, and source port 0 dest port 0
Aug 26 18:33:48.706061: | priority calculation of connection "north-a-dpd" is 0xfe7e7
Aug 26 18:33:48.706065: | IPsec Sa SPD priority set to 1042407
Aug 26 18:33:48.706091: | delete esp.8eba5cd1@192.1.2.23
Aug 26 18:33:48.706106: | netlink response for Del SA esp.8eba5cd1@192.1.2.23 included non-error error
Aug 26 18:33:48.706110: | priority calculation of connection "north-a-dpd" is 0xfe7e7
Aug 26 18:33:48.706114: | delete inbound eroute 192.0.22.0/24:0 --0-> 192.0.3.0/24:0 => unk255.10000@192.1.3.33 (raw_eroute)
Aug 26 18:33:48.706133: | raw_eroute result=success
Aug 26 18:33:48.706137: | delete esp.c5a95a57@192.1.3.33
Aug 26 18:33:48.706146: | netlink response for Del SA esp.c5a95a57@192.1.3.33 included non-error error
Aug 26 18:33:48.706155: | in connection_discard for connection north-a-dpd
Aug 26 18:33:48.706158: | State DB: deleting IKEv1 state #4 in QUICK_I2
Aug 26 18:33:48.706162: | child state #4: QUICK_I2(established CHILD SA) => UNDEFINED(ignore)
Aug 26 18:33:48.706192: | stop processing: state #4 from 192.1.2.23 (in delete_state() at state.c:1143)
Aug 26 18:33:48.706216: | libevent_free: release ptr-libevent@0x55c66d94a328
Aug 26 18:33:48.706220: | free_event_entry: release EVENT_SA_EXPIRE-pe@0x55c66d95ef28
Aug 26 18:33:48.706222: | in statetime_stop() and could not find #4
Aug 26 18:33:48.706224: | processing: STOP state #0 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:48.706236: | processing resume sending helper answer for #6
Aug 26 18:33:48.706241: | start processing: state #6 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:797)
Aug 26 18:33:48.706250: | crypto helper 3 replies to request ID 11
Aug 26 18:33:48.706253: | calling continuation function 0x55c66cb6db50
Aug 26 18:33:48.706257: | quick_outI1_continue for #6: calculated ke+nonce, sending I1
Aug 26 18:33:48.706281: | **emit ISAKMP Message:
Aug 26 18:33:48.706285: | initiator cookie:
Aug 26 18:33:48.706316: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:48.706322: | responder cookie:
Aug 26 18:33:48.706325: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.706327: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.706330: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:48.706334: | exchange type: ISAKMP_XCHG_QUICK (0x20)
Aug 26 18:33:48.706341: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:48.706344: | Message ID: 2673759972 (0x9f5e56e4)
Aug 26 18:33:48.706348: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:48.706351: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:48.706354: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.706358: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:48.706361: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.706365: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:48.706368: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:48.706371: | emitting quick defaults using policy none
Aug 26 18:33:48.706375: | empty esp_info, returning defaults for ENCRYPT
Aug 26 18:33:48.706382: | ***emit ISAKMP Security Association Payload:
Aug 26 18:33:48.706388: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Aug 26 18:33:48.706392: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:48.706396: | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE
Aug 26 18:33:48.706399: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA)
Aug 26 18:33:48.706402: | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.706406: | ****emit IPsec DOI SIT:
Aug 26 18:33:48.706409: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:33:48.706412: | ikev1_out_sa pcn: 0 has 1 valid proposals
Aug 26 18:33:48.706415: | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 2
Aug 26 18:33:48.706418: | ****emit ISAKMP Proposal Payload:
Aug 26 18:33:48.706421: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.706424: | proposal number: 0 (0x0)
Aug 26 18:33:48.706427: | protocol ID: PROTO_IPSEC_ESP (0x3)
Aug 26 18:33:48.706429: | SPI size: 4 (0x4)
Aug 26 18:33:48.706432: | number of transforms: 2 (0x2)
Aug 26 18:33:48.706435: | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type'
Aug 26 18:33:48.706449: | netlink_get_spi: allocated 0x3775b39e for esp.0@192.1.3.33
Aug 26 18:33:48.706454: | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload
Aug 26 18:33:48.706456: | SPI 37 75 b3 9e
Aug 26 18:33:48.706460: | *****emit ISAKMP Transform Payload (ESP):
Aug 26 18:33:48.706462: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.706465: | ESP transform number: 0 (0x0)
Aug 26 18:33:48.706468: | ESP transform ID: ESP_AES (0xc)
Aug 26 18:33:48.706471: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type'
Aug 26 18:33:48.706474: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.706477: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:33:48.706480: | length/value: 14 (0xe)
Aug 26 18:33:48.706483: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.706485: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.706488: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:33:48.706490: | length/value: 1 (0x1)
Aug 26 18:33:48.706492: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:33:48.706494: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.706496: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:33:48.706498: | length/value: 1 (0x1)
Aug 26 18:33:48.706500: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:33:48.706503: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.706505: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:33:48.706507: | length/value: 28800 (0x7080)
Aug 26 18:33:48.706509: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.706511: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:33:48.706514: | length/value: 2 (0x2)
Aug 26 18:33:48.706516: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:33:48.706518: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.706521: | af+type: AF+KEY_LENGTH (0x8006)
Aug 26 18:33:48.706523: | length/value: 128 (0x80)
Aug 26 18:33:48.706526: | emitting length of ISAKMP Transform Payload (ESP): 32
Aug 26 18:33:48.706529: | *****emit ISAKMP Transform Payload (ESP):
Aug 26 18:33:48.706531: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.706534: | ESP transform number: 1 (0x1)
Aug 26 18:33:48.706536: | ESP transform ID: ESP_3DES (0x3)
Aug 26 18:33:48.706539: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.706542: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type'
Aug 26 18:33:48.706545: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.706547: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:33:48.706551: | length/value: 14 (0xe)
Aug 26 18:33:48.706554: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.706557: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.706559: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:33:48.706561: | length/value: 1 (0x1)
Aug 26 18:33:48.706564: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:33:48.706567: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.706569: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:33:48.706572: | length/value: 1 (0x1)
Aug 26 18:33:48.706575: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:33:48.706577: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.706580: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:33:48.706583: | length/value: 28800 (0x7080)
Aug 26 18:33:48.706586: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.706588: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:33:48.706591: | length/value: 2 (0x2)
Aug 26 18:33:48.706594: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:33:48.706597: | emitting length of ISAKMP Transform Payload (ESP): 28
Aug 26 18:33:48.706599: | emitting length of ISAKMP Proposal Payload: 72
Aug 26 18:33:48.706602: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0
Aug 26 18:33:48.706606: | emitting length of ISAKMP Security Association Payload: 84
Aug 26 18:33:48.706609: | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0
Aug 26 18:33:48.706613: | ***emit ISAKMP Nonce Payload:
Aug 26 18:33:48.706617: | next payload type: ISAKMP_NEXT_KE (0x4)
Aug 26 18:33:48.706620: | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE
Aug 26 18:33:48.706623: | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE)
Aug 26 18:33:48.706626: | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.706629: | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload
Aug 26 18:33:48.706632: | Ni f9 ab 0f 76 76 21 95 9e db 20 01 bd 28 20 d6 c3
Aug 26 18:33:48.706635: | Ni 7a 70 0e f6 37 89 61 26 af 31 6f 42 31 9c 53 e0
Aug 26 18:33:48.706637: | emitting length of ISAKMP Nonce Payload: 36
Aug 26 18:33:48.706640: | ***emit ISAKMP Key Exchange Payload:
Aug 26 18:33:48.706643: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:48.706645: | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID
Aug 26 18:33:48.706648: | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE)
Aug 26 18:33:48.706651: | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.706654: | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload
Aug 26 18:33:48.706657: | keyex value aa 19 19 68 8c 6d 58 b8 1f 34 ba c2 bb 65 68 7d
Aug 26 18:33:48.706660: | keyex value 4d bb e8 0b d1 35 9a d5 33 ae 4d e8 7e a9 61 0d
Aug 26 18:33:48.706662: | keyex value fc 75 ba 99 3c 5e 4c a9 6c 7c d8 70 ec e4 fe e6
Aug 26 18:33:48.706665: | keyex value 28 cd 30 0b 4b 2a cf 0b c1 8d 8c b0 82 16 9c ba
Aug 26 18:33:48.706667: | keyex value 10 63 f8 b6 7b c3 76 cc 0e 02 c3 9c 94 f7 1a 0c
Aug 26 18:33:48.706669: | keyex value 62 08 d5 1f ac 6b 1e 47 d8 fe 62 32 ab ee 34 82
Aug 26 18:33:48.706672: | keyex value fd 73 15 f2 eb 2a bb 7b da c4 fd 7d 17 be bd e8
Aug 26 18:33:48.706674: | keyex value 6e 80 52 69 e8 2c 49 30 62 9f ce 2e 1f a2 91 bc
Aug 26 18:33:48.706677: | keyex value ca 5b a5 96 6e df 9a ce 32 7c f7 7b 1c c8 4d b8
Aug 26 18:33:48.706679: | keyex value 90 74 be 0c e2 e6 33 0e 55 5a e8 3d 0c d3 88 ba
Aug 26 18:33:48.706682: | keyex value 87 b8 08 b0 cc 14 f0 49 35 85 0b 40 c0 7d 2c 86
Aug 26 18:33:48.706686: | keyex value 5c b4 9c a9 34 68 13 29 82 b3 70 79 13 62 32 ee
Aug 26 18:33:48.706688: | keyex value d1 a1 97 14 25 17 66 2e 95 cc 8e 8f be 26 24 1f
Aug 26 18:33:48.706691: | keyex value 3c 6c 7e ad 7b 39 da 35 f8 c0 d5 8e da 00 31 93
Aug 26 18:33:48.706693: | keyex value 18 e6 dd e0 a0 59 90 a3 14 2c c1 57 48 a3 08 ba
Aug 26 18:33:48.706696: | keyex value 0c eb 11 f9 a2 6f 77 9a 23 46 68 b5 05 42 75 d4
Aug 26 18:33:48.706698: | emitting length of ISAKMP Key Exchange Payload: 260
Aug 26 18:33:48.706701: | ***emit ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:48.706704: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:48.706707: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:33:48.706710: | Protocol ID: 0 (0x0)
Aug 26 18:33:48.706712: | port: 0 (0x0)
Aug 26 18:33:48.706716: | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID
Aug 26 18:33:48.706719: | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Aug 26 18:33:48.706722: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Aug 26 18:33:48.706726: | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:48.706729: | client network c0 00 03 00
Aug 26 18:33:48.706732: | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:48.706735: | client mask ff ff ff 00
Aug 26 18:33:48.706737: | emitting length of ISAKMP Identification Payload (IPsec DOI): 16
Aug 26 18:33:48.706740: | ***emit ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:48.706742: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.706744: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:33:48.706746: | Protocol ID: 0 (0x0)
Aug 26 18:33:48.706748: | port: 0 (0x0)
Aug 26 18:33:48.706751: | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Aug 26 18:33:48.706753: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Aug 26 18:33:48.706754: | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:48.706756: | client network c0 00 16 00
Aug 26 18:33:48.706758: | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:48.706759: | client mask ff ff ff 00
Aug 26 18:33:48.706761: | emitting length of ISAKMP Identification Payload (IPsec DOI): 16
Aug 26 18:33:48.706783: | outI1 HASH(1):
Aug 26 18:33:48.706786: | 50 6f 07 f4 f5 13 d0 3c 38 74 83 12 ee cd 75 ef
Aug 26 18:33:48.706787: | 8f 6c 10 7a c8 80 da a3 bc 28 e9 41 ee 49 6b 66
Aug 26 18:33:48.706795: | no IKEv1 message padding required
Aug 26 18:33:48.706797: | emitting length of ISAKMP Message: 476
Aug 26 18:33:48.706812: | sending 476 bytes for reply packet from quick_outI1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #6)
Aug 26 18:33:48.706814: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.706816: | 08 10 20 01 9f 5e 56 e4 00 00 01 dc 83 77 46 7d
Aug 26 18:33:48.706817: | 29 1e 11 c7 45 50 3b e9 55 68 98 60 19 29 61 4d
Aug 26 18:33:48.706819: | d9 4a a5 40 af 85 06 98 3d c1 a4 c4 b7 66 7c 1b
Aug 26 18:33:48.706820: | 06 a8 88 ab 94 3d d9 f0 98 4a 62 f3 d0 7c 5a 19
Aug 26 18:33:48.706822: | f4 6b 3a af 37 cb aa 85 5b 6a cf 42 2e e9 cd e0
Aug 26 18:33:48.706823: | d1 d8 20 2a 90 22 2b a0 b7 5a b8 5f 41 00 e5 1d
Aug 26 18:33:48.706825: | 76 67 90 dc 67 56 0f f9 e6 40 d5 fa c9 4b 97 b6
Aug 26 18:33:48.706826: | 0f 1d 23 25 ec 3d 8b e1 a7 d6 46 79 d3 e5 f3 fe
Aug 26 18:33:48.706828: | ac ef 7b 8e 73 a7 6d 8f 54 e5 f0 67 ba 69 73 3e
Aug 26 18:33:48.706829: | 9b 7a f7 f1 37 50 0a 33 ef 8b 15 d4 ec fd f3 4b
Aug 26 18:33:48.706832: | 86 eb f2 48 0e 36 39 b3 9a 4e 15 de 89 95 3a df
Aug 26 18:33:48.706834: | e0 02 b4 30 93 70 f6 90 82 6a d3 19 33 64 e9 7a
Aug 26 18:33:48.706835: | 0f d9 a0 fd 1f 6c b1 ec 35 1d b9 1d 6d d9 13 db
Aug 26 18:33:48.706837: | 5c 57 05 04 56 61 3b d4 2e a8 10 90 1a 6c 80 22
Aug 26 18:33:48.706838: | 5a 3c ff 7b 81 df e2 a8 95 3f ef 07 01 74 6f 8e
Aug 26 18:33:48.706840: | 54 e1 d5 bc 65 e7 fb 71 33 cb be e0 f9 50 37 17
Aug 26 18:33:48.706841: | 0a 51 f9 1a 48 e9 57 b4 57 a7 d4 b2 d2 21 39 2f
Aug 26 18:33:48.706843: | fc 37 6d 04 7c 0b 3e 2e 02 04 c1 d4 e5 75 8b 4d
Aug 26 18:33:48.706844: | be 2a 74 f9 d8 03 af 05 45 1f 03 d8 78 e2 81 4d
Aug 26 18:33:48.706846: | 93 38 6c 25 1e fb b9 a0 08 61 e4 18 14 44 41 57
Aug 26 18:33:48.706847: | 40 d4 28 5f ff eb 22 af 88 d5 f1 53 18 1f 1c d7
Aug 26 18:33:48.706849: | 96 36 23 7c 1c d8 05 df 38 fb 7c 51 8c 73 6f 53
Aug 26 18:33:48.706850: | c4 37 79 78 85 98 14 e5 00 3c 17 85 45 15 91 98
Aug 26 18:33:48.706852: | 54 ad 52 6b f5 56 f8 56 f1 86 da 1d 73 5d d5 39
Aug 26 18:33:48.706853: | 18 a7 a0 da c8 5f ba 63 70 c2 48 31 2a be e9 cc
Aug 26 18:33:48.706855: | 81 a0 84 1c 1b 86 38 be 03 13 f4 2e 51 6b b6 d0
Aug 26 18:33:48.706856: | 9f ee 4a 70 3c 63 46 49 4f 0e 63 b8 a4 45 b4 a3
Aug 26 18:33:48.706858: | f2 7a 46 1b 3a 90 96 6d e3 8b e0 e0 1c 42 62 96
Aug 26 18:33:48.706859: | 87 a3 b3 59 60 de 98 c9 bf 8a b4 e5
Aug 26 18:33:48.706887: | state #6 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Aug 26 18:33:48.706890: | libevent_free: release ptr-libevent@0x55c66d957be8
Aug 26 18:33:48.706892: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7fbd04002b78
Aug 26 18:33:48.706895: | event_schedule: new EVENT_RETRANSMIT-pe@0x7fbd04002b78
Aug 26 18:33:48.706898: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #6
Aug 26 18:33:48.706900: | libevent_malloc: new ptr-libevent@0x55c66d974918 size 128
Aug 26 18:33:48.706905: | #6 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29714.449362
Aug 26 18:33:48.706909: | resume sending helper answer for #6 suppresed complete_v1_state_transition()
Aug 26 18:33:48.706915: | #6 spent 0.622 milliseconds in resume sending helper answer
Aug 26 18:33:48.706918: | stop processing: state #6 connection "north-a-dpd" from 192.1.2.23 (in resume_handler() at server.c:833)
Aug 26 18:33:48.706920: | libevent_free: release ptr-libevent@0x7fbd08005df8
Aug 26 18:33:48.706922: | processing signal PLUTO_SIGCHLD
Aug 26 18:33:48.706926: | waitpid returned ECHILD (no child processes left)
Aug 26 18:33:48.706930: | spent 0.004 milliseconds in signal handler PLUTO_SIGCHLD
Aug 26 18:33:48.706937: | spent 0.00127 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:33:48.706947: | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:33:48.706949: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.706951: | 08 10 05 01 27 f6 4b 6c 00 00 00 5c 77 64 14 76
Aug 26 18:33:48.706952: | 70 4b 18 cf 29 6d b0 03 b8 64 92 a3 af f9 8a 86
Aug 26 18:33:48.706954: | c4 18 7a f9 61 10 6e db a0 b2 30 e4 ee 31 1f f4
Aug 26 18:33:48.706955: | 3c ba b6 68 06 e6 40 17 24 69 c0 ba d0 0e 83 81
Aug 26 18:33:48.706957: | ca ed d6 43 21 a1 54 5f 04 5c 76 f3
Aug 26 18:33:48.706960: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:33:48.706962: | **parse ISAKMP Message:
Aug 26 18:33:48.706964: | initiator cookie:
Aug 26 18:33:48.706966: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:48.706967: | responder cookie:
Aug 26 18:33:48.706969: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.706970: | next payload type: ISAKMP_NEXT_HASH (0x8)
Aug 26 18:33:48.706972: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:48.706974: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:33:48.706976: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:48.706979: | Message ID: 670452588 (0x27f64b6c)
Aug 26 18:33:48.706981: | length: 92 (0x5c)
Aug 26 18:33:48.706983: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5)
Aug 26 18:33:48.706986: | peer and cookies match on #6; msgid=00000000 st_msgid=9f5e56e4 st_msgid_phase15=00000000
Aug 26 18:33:48.706988: | peer and cookies match on #5; msgid=00000000 st_msgid=ee37f542 st_msgid_phase15=00000000
Aug 26 18:33:48.706990: | peer and cookies match on #3; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
Aug 26 18:33:48.706992: | p15 state object #3 found, in STATE_MAIN_I4
Aug 26 18:33:48.706994: | State DB: found IKEv1 state #3 in MAIN_I4 (find_v1_info_state)
Aug 26 18:33:48.706997: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479)
Aug 26 18:33:48.707004: | #3 is idle
Aug 26 18:33:48.707006: | #3 idle
Aug 26 18:33:48.707008: | received encrypted packet from 192.1.2.23:500
Aug 26 18:33:48.707014: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0
Aug 26 18:33:48.707016: | ***parse ISAKMP Hash Payload:
Aug 26 18:33:48.707018: | next payload type: ISAKMP_NEXT_D (0xc)
Aug 26 18:33:48.707020: | length: 36 (0x24)
Aug 26 18:33:48.707022: | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0
Aug 26 18:33:48.707023: | ***parse ISAKMP Delete Payload:
Aug 26 18:33:48.707025: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.707027: | length: 16 (0x10)
Aug 26 18:33:48.707028: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:48.707030: | protocol ID: 3 (0x3)
Aug 26 18:33:48.707031: | SPI size: 4 (0x4)
Aug 26 18:33:48.707033: | number of SPIs: 1 (0x1)
Aug 26 18:33:48.707035: | removing 12 bytes of padding
Aug 26 18:33:48.707045: | informational HASH(1):
Aug 26 18:33:48.707048: | 1c d2 7d c4 97 5f e2 8c 69 d2 98 28 af da ab 16
Aug 26 18:33:48.707049: | 35 b2 9d 7e 84 2a 2f 3f 75 fd ef a5 43 a9 84 8c
Aug 26 18:33:48.707051: | received 'informational' message HASH(1) data ok
Aug 26 18:33:48.707053: | parsing 4 raw bytes of ISAKMP Delete Payload into SPI
Aug 26 18:33:48.707055: | SPI af 15 c4 ab
Aug 26 18:33:48.707057: | FOR_EACH_STATE_... in find_phase2_state_to_delete
Aug 26 18:33:48.707060: | start processing: connection "northnet-eastnet-b" (BACKGROUND) (in accept_delete() at ikev1_main.c:2515)
Aug 26 18:33:48.707062: "northnet-eastnet-b" #3: received Delete SA payload: replace IPsec State #5 now
Aug 26 18:33:48.707065: | state #5 requesting EVENT_SA_REPLACE to be deleted
Aug 26 18:33:48.707067: | libevent_free: release ptr-libevent@0x55c66d95d888
Aug 26 18:33:48.707070: | free_event_entry: release EVENT_SA_REPLACE-pe@0x7fbd18002b78
Aug 26 18:33:48.707072: | event_schedule: new EVENT_SA_REPLACE-pe@0x7fbd18002b78
Aug 26 18:33:48.707075: | inserting event EVENT_SA_REPLACE, timeout in 0 seconds for #5
Aug 26 18:33:48.707077: | libevent_malloc: new ptr-libevent@0x7fbd08005df8 size 128
Aug 26 18:33:48.707079: | stop processing: connection "northnet-eastnet-b" (BACKGROUND) (in accept_delete() at ikev1_main.c:2559)
Aug 26 18:33:48.707081: | del:
Aug 26 18:33:48.707085: | complete v1 state transition with STF_IGNORE
Aug 26 18:33:48.707088: | #3 spent 0.00373 milliseconds in process_packet_tail()
Aug 26 18:33:48.707091: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Aug 26 18:33:48.707094: | stop processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in process_md() at demux.c:382)
Aug 26 18:33:48.707096: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:33:48.707098: | spent 0.158 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:33:48.707103: | timer_event_cb: processing event@0x7fbd18002b78
Aug 26 18:33:48.707105: | handling event EVENT_SA_REPLACE for child state #5
Aug 26 18:33:48.707107: | start processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:48.707110: | picked newest_ipsec_sa #5 for #5
Aug 26 18:33:48.707113: | replacing stale IPsec SA
Aug 26 18:33:48.707116: | dup_any(fd@-1) -> fd@-1 (in ipsecdoi_replace() at ipsec_doi.c:351)
Aug 26 18:33:48.707118: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:48.707121: | creating state object #7 at 0x55c66d96e5f8
Aug 26 18:33:48.707123: | State DB: adding IKEv1 state #7 in UNDEFINED
Aug 26 18:33:48.707128: | pstats #7 ikev1.ipsec started
Aug 26 18:33:48.707130: | duplicating state object #3 "northnet-eastnet-b" as #7 for IPSEC SA
Aug 26 18:33:48.707134: | #7 setting local endpoint to 192.1.3.33:500 from #3.st_localport (in duplicate_state() at state.c:1484)
Aug 26 18:33:48.707138: | suspend processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685)
Aug 26 18:33:48.707141: | start processing: state #7 connection "northnet-eastnet-b" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:685)
Aug 26 18:33:48.707147: | child state #7: UNDEFINED(ignore) => QUICK_I1(established CHILD SA)
Aug 26 18:33:48.707151: "northnet-eastnet-b" #7: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO to replace #5 {using isakmp#3 msgid:b0514738 proposal=defaults pfsgroup=MODP2048}
Aug 26 18:33:48.707154: | adding quick_outI1 KE work-order 12 for state #7
Aug 26 18:33:48.707156: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55c66d95ef28
Aug 26 18:33:48.707158: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #7
Aug 26 18:33:48.707160: | libevent_malloc: new ptr-libevent@0x55c66d976578 size 128
Aug 26 18:33:48.707168: | stop processing: state #7 connection "northnet-eastnet-b" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764)
Aug 26 18:33:48.707170: | resume processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in quick_outI1() at ikev1_quick.c:764)
Aug 26 18:33:48.707173: | event_schedule: new EVENT_SA_EXPIRE-pe@0x55c66d94da38
Aug 26 18:33:48.707174: | crypto helper 1 resuming
Aug 26 18:33:48.707175: | inserting event EVENT_SA_EXPIRE, timeout in 0 seconds for #5
Aug 26 18:33:48.707193: | crypto helper 1 starting work-order 12 for state #7
Aug 26 18:33:48.707205: | libevent_malloc: new ptr-libevent@0x7fbd14003e78 size 128
Aug 26 18:33:48.707207: | crypto helper 1 doing build KE and nonce (quick_outI1 KE); request ID 12
Aug 26 18:33:48.707210: | libevent_free: release ptr-libevent@0x7fbd08005df8
Aug 26 18:33:48.707213: | free_event_entry: release EVENT_SA_REPLACE-pe@0x7fbd18002b78
Aug 26 18:33:48.707219: | #5 spent 0.105 milliseconds in timer_event_cb() EVENT_SA_REPLACE
Aug 26 18:33:48.707225: | stop processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:48.707231: | timer_event_cb: processing event@0x55c66d94da38
Aug 26 18:33:48.707234: | handling event EVENT_SA_EXPIRE for child state #5
Aug 26 18:33:48.707238: | start processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:48.707242: | picked newest_ipsec_sa #5 for #5
Aug 26 18:33:48.707245: | un-established partial CHILD SA timeout (SA expired)
Aug 26 18:33:48.707248: | pstats #5 ikev1.ipsec re-failed exchange-timeout
Aug 26 18:33:48.707250: | pstats #5 ikev1.ipsec deleted completed
Aug 26 18:33:48.707255: | [RE]START processing: state #5 connection "northnet-eastnet-b" from 192.1.2.23 (in delete_state() at state.c:879)
Aug 26 18:33:48.707259: "northnet-eastnet-b" #5: deleting state (STATE_QUICK_I2) aged 11.034s and sending notification
Aug 26 18:33:48.707262: | child state #5: QUICK_I2(established CHILD SA) => delete
Aug 26 18:33:48.707267: | get_sa_info esp.af15c4ab@192.1.2.23
Aug 26 18:33:48.707280: | get_sa_info esp.31a5aad0@192.1.3.33
Aug 26 18:33:48.707304: "northnet-eastnet-b" #5: ESP traffic information: in=0B out=0B
Aug 26 18:33:48.707312: | #5 send IKEv1 delete notification for STATE_QUICK_I2
Aug 26 18:33:48.707315: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:48.707324: | **emit ISAKMP Message:
Aug 26 18:33:48.707328: | initiator cookie:
Aug 26 18:33:48.707332: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:48.707335: | responder cookie:
Aug 26 18:33:48.707338: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.707341: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.707344: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:48.707347: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:33:48.707350: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:48.707353: | Message ID: 2620766481 (0x9c35b911)
Aug 26 18:33:48.707356: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:48.707359: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:48.707362: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.707365: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:48.707368: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg'
Aug 26 18:33:48.707372: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:48.707374: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:48.707377: | ***emit ISAKMP Delete Payload:
Aug 26 18:33:48.707380: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.707383: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:48.707385: | protocol ID: 3 (0x3)
Aug 26 18:33:48.707388: | SPI size: 4 (0x4)
Aug 26 18:33:48.707391: | number of SPIs: 1 (0x1)
Aug 26 18:33:48.707394: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D)
Aug 26 18:33:48.707397: | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg'
Aug 26 18:33:48.707401: | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload
Aug 26 18:33:48.707404: | delete payload 31 a5 aa d0
Aug 26 18:33:48.707406: | emitting length of ISAKMP Delete Payload: 16
Aug 26 18:33:48.707429: | send delete HASH(1):
Aug 26 18:33:48.707434: | a9 f6 69 aa b5 ef c5 c0 9c 5c 79 11 6d 49 39 c8
Aug 26 18:33:48.707437: | 40 c2 dd 05 28 06 7e 3e e8 2f 7a 93 ee 03 e7 2a
Aug 26 18:33:48.707445: | emitting 12 zero bytes of encryption padding into ISAKMP Message
Aug 26 18:33:48.707449: | no IKEv1 message padding required
Aug 26 18:33:48.707452: | emitting length of ISAKMP Message: 92
Aug 26 18:33:48.707468: | sending 92 bytes for delete notify through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:48.707471: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.707475: | 08 10 05 01 9c 35 b9 11 00 00 00 5c 5e 47 52 6b
Aug 26 18:33:48.707478: | 26 c0 87 68 e3 c3 5a 17 a0 fb 8a b8 1f 1b 49 29
Aug 26 18:33:48.707481: | d6 74 c0 f5 0d 96 cc c5 e3 31 a6 41 1d 83 b8 49
Aug 26 18:33:48.707483: | dc 7c 68 6e 77 27 14 0c da 81 67 cc 11 3a 9a 0a
Aug 26 18:33:48.707486: | 1e a7 e7 0e a0 e3 f7 91 fe 98 5e 4f
Aug 26 18:33:48.707564: | running updown command "ipsec _updown" for verb down
Aug 26 18:33:48.707570: | command executing down-client
Aug 26 18:33:48.707598: | trusted_ca_nss: trustee A = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:48.707605: | trusted_ca_nss: trustor B = 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org'
Aug 26 18:33:48.707625: | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='northnet-eastnet-b' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUTO_ADDTIME='1566844417' PLUTO_CONN_
Aug 26 18:33:48.707632: | popen cmd is 1414 chars long
Aug 26 18:33:48.707635: | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='northnet-eastnet-:
Aug 26 18:33:48.707639: | cmd( 80):b' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLU:
Aug 26 18:33:48.707642: | cmd( 160):TO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north:
Aug 26 18:33:48.707645: | cmd( 240):.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192:
Aug 26 18:33:48.707647: | cmd( 320):.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' :
Aug 26 18:33:48.707650: | cmd( 400):PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='ES:
Aug 26 18:33:48.707653: | cmd( 480):P' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libresw:
Aug 26 18:33:48.707656: | cmd( 560):an, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libre:
Aug 26 18:33:48.707658: | cmd( 640):swan.org' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLU:
Aug 26 18:33:48.707661: | cmd( 720):TO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' :
Aug 26 18:33:48.707664: | cmd( 800):PLUTO_PEER_CA='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=:
Aug 26 18:33:48.707666: | cmd( 880):Libreswan test CA for mainca, E=testing@libreswan.org' PLUTO_STACK='netkey' PLUT:
Aug 26 18:33:48.707669: | cmd( 960):O_ADDTIME='1566844417' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALL:
Aug 26 18:33:48.707672: | cmd(1040):OW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_:
Aug 26 18:33:48.707675: | cmd(1120):ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' :
Aug 26 18:33:48.707677: | cmd(1200):PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CL:
Aug 26 18:33:48.707680: | cmd(1280):IENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' S:
Aug 26 18:33:48.707683: | cmd(1360):PI_IN=0xaf15c4ab SPI_OUT=0x31a5aad0 ipsec _updown 2>&1:
Aug 26 18:33:48.708193: | crypto helper 1 finished build KE and nonce (quick_outI1 KE); request ID 12 time elapsed 0.000986 seconds
Aug 26 18:33:48.708205: | (#7) spent 0.667 milliseconds in crypto helper computing work-order 12: quick_outI1 KE (pcr)
Aug 26 18:33:48.708207: | crypto helper 1 sending results from work-order 12 for state #7 to event queue
Aug 26 18:33:48.708210: | scheduling resume sending helper answer for #7
Aug 26 18:33:48.708212: | libevent_malloc: new ptr-libevent@0x7fbd0c0072f8 size 128
Aug 26 18:33:48.708223: | crypto helper 1 waiting (nothing to do)
Aug 26 18:33:48.715984: | shunt_eroute() called for connection 'northnet-eastnet-b' to 'replace with shunt' for rt_kind 'prospective erouted' using protoports 0--0->-0
Aug 26 18:33:48.716004: | netlink_shunt_eroute for proto 0, and source port 0 dest port 0
Aug 26 18:33:48.716008: | priority calculation of connection "northnet-eastnet-b" is 0xfe7e7
Aug 26 18:33:48.716013: | IPsec Sa SPD priority set to 1042407
Aug 26 18:33:48.716054: | delete esp.af15c4ab@192.1.2.23
Aug 26 18:33:48.716073: | netlink response for Del SA esp.af15c4ab@192.1.2.23 included non-error error
Aug 26 18:33:48.716077: | priority calculation of connection "northnet-eastnet-b" is 0xfe7e7
Aug 26 18:33:48.716084: | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.3.0/24:0 => unk255.10000@192.1.3.33 (raw_eroute)
Aug 26 18:33:48.716107: | raw_eroute result=success
Aug 26 18:33:48.716111: | delete esp.31a5aad0@192.1.3.33
Aug 26 18:33:48.716122: | netlink response for Del SA esp.31a5aad0@192.1.3.33 included non-error error
Aug 26 18:33:48.716138: | in connection_discard for connection northnet-eastnet-b
Aug 26 18:33:48.716142: | State DB: deleting IKEv1 state #5 in QUICK_I2
Aug 26 18:33:48.716147: | child state #5: QUICK_I2(established CHILD SA) => UNDEFINED(ignore)
Aug 26 18:33:48.716188: | stop processing: state #5 from 192.1.2.23 (in delete_state() at state.c:1143)
Aug 26 18:33:48.716213: | libevent_free: release ptr-libevent@0x7fbd14003e78
Aug 26 18:33:48.716219: | free_event_entry: release EVENT_SA_EXPIRE-pe@0x55c66d94da38
Aug 26 18:33:48.716223: | in statetime_stop() and could not find #5
Aug 26 18:33:48.716226: | processing: STOP state #0 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:48.716241: | processing resume sending helper answer for #7
Aug 26 18:33:48.716247: | start processing: state #7 connection "northnet-eastnet-b" from 192.1.2.23 (in resume_handler() at server.c:797)
Aug 26 18:33:48.716252: | crypto helper 1 replies to request ID 12
Aug 26 18:33:48.716255: | calling continuation function 0x55c66cb6db50
Aug 26 18:33:48.716258: | quick_outI1_continue for #7: calculated ke+nonce, sending I1
Aug 26 18:33:48.716281: | **emit ISAKMP Message:
Aug 26 18:33:48.716285: | initiator cookie:
Aug 26 18:33:48.716287: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:48.716302: | responder cookie:
Aug 26 18:33:48.716304: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.716307: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.716310: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:48.716313: | exchange type: ISAKMP_XCHG_QUICK (0x20)
Aug 26 18:33:48.716318: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:48.716320: | Message ID: 2958116664 (0xb0514738)
Aug 26 18:33:48.716324: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:48.716327: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:48.716330: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.716333: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:48.716336: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.716340: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:48.716343: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:48.716345: | emitting quick defaults using policy none
Aug 26 18:33:48.716349: | empty esp_info, returning defaults for ENCRYPT
Aug 26 18:33:48.716355: | ***emit ISAKMP Security Association Payload:
Aug 26 18:33:48.716358: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Aug 26 18:33:48.716361: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:48.716364: | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE
Aug 26 18:33:48.716367: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA)
Aug 26 18:33:48.716370: | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.716373: | ****emit IPsec DOI SIT:
Aug 26 18:33:48.716376: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:33:48.716379: | ikev1_out_sa pcn: 0 has 1 valid proposals
Aug 26 18:33:48.716382: | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 2
Aug 26 18:33:48.716385: | ****emit ISAKMP Proposal Payload:
Aug 26 18:33:48.716387: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.716390: | proposal number: 0 (0x0)
Aug 26 18:33:48.716393: | protocol ID: PROTO_IPSEC_ESP (0x3)
Aug 26 18:33:48.716395: | SPI size: 4 (0x4)
Aug 26 18:33:48.716398: | number of transforms: 2 (0x2)
Aug 26 18:33:48.716401: | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type'
Aug 26 18:33:48.716412: | netlink_get_spi: allocated 0x8953f1df for esp.0@192.1.3.33
Aug 26 18:33:48.716418: | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload
Aug 26 18:33:48.716421: | SPI 89 53 f1 df
Aug 26 18:33:48.716424: | *****emit ISAKMP Transform Payload (ESP):
Aug 26 18:33:48.716426: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.716429: | ESP transform number: 0 (0x0)
Aug 26 18:33:48.716432: | ESP transform ID: ESP_AES (0xc)
Aug 26 18:33:48.716435: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type'
Aug 26 18:33:48.716438: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.716441: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:33:48.716443: | length/value: 14 (0xe)
Aug 26 18:33:48.716446: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.716449: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.716452: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:33:48.716454: | length/value: 1 (0x1)
Aug 26 18:33:48.716457: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:33:48.716459: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.716462: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:33:48.716465: | length/value: 1 (0x1)
Aug 26 18:33:48.716467: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:33:48.716470: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.716473: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:33:48.716476: | length/value: 28800 (0x7080)
Aug 26 18:33:48.716478: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.716481: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:33:48.716484: | length/value: 2 (0x2)
Aug 26 18:33:48.716486: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:33:48.716489: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.716492: | af+type: AF+KEY_LENGTH (0x8006)
Aug 26 18:33:48.716494: | length/value: 128 (0x80)
Aug 26 18:33:48.716497: | emitting length of ISAKMP Transform Payload (ESP): 32
Aug 26 18:33:48.716500: | *****emit ISAKMP Transform Payload (ESP):
Aug 26 18:33:48.716502: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.716505: | ESP transform number: 1 (0x1)
Aug 26 18:33:48.716508: | ESP transform ID: ESP_3DES (0x3)
Aug 26 18:33:48.716511: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.716514: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type'
Aug 26 18:33:48.716516: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.716519: | af+type: AF+GROUP_DESCRIPTION (0x8003)
Aug 26 18:33:48.716522: | length/value: 14 (0xe)
Aug 26 18:33:48.716524: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.716527: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.716530: | af+type: AF+ENCAPSULATION_MODE (0x8004)
Aug 26 18:33:48.716532: | length/value: 1 (0x1)
Aug 26 18:33:48.716535: | [1 is ENCAPSULATION_MODE_TUNNEL]
Aug 26 18:33:48.716538: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.716541: | af+type: AF+SA_LIFE_TYPE (0x8001)
Aug 26 18:33:48.716543: | length/value: 1 (0x1)
Aug 26 18:33:48.716546: | [1 is SA_LIFE_TYPE_SECONDS]
Aug 26 18:33:48.716548: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.716551: | af+type: AF+SA_LIFE_DURATION (variable length) (0x8002)
Aug 26 18:33:48.716554: | length/value: 28800 (0x7080)
Aug 26 18:33:48.716556: | ******emit ISAKMP IPsec DOI attribute:
Aug 26 18:33:48.716559: | af+type: AF+AUTH_ALGORITHM (0x8005)
Aug 26 18:33:48.716561: | length/value: 2 (0x2)
Aug 26 18:33:48.716564: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Aug 26 18:33:48.716567: | emitting length of ISAKMP Transform Payload (ESP): 28
Aug 26 18:33:48.716569: | emitting length of ISAKMP Proposal Payload: 72
Aug 26 18:33:48.716572: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ESP)'.'next payload type' is 0
Aug 26 18:33:48.716575: | emitting length of ISAKMP Security Association Payload: 84
Aug 26 18:33:48.716579: | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0
Aug 26 18:33:48.716585: | ***emit ISAKMP Nonce Payload:
Aug 26 18:33:48.716588: | next payload type: ISAKMP_NEXT_KE (0x4)
Aug 26 18:33:48.716591: | next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 4:ISAKMP_NEXT_KE
Aug 26 18:33:48.716595: | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE)
Aug 26 18:33:48.716598: | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.716601: | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload
Aug 26 18:33:48.716604: | Ni a1 53 d2 6f 68 c2 3b b8 6e 85 c4 c0 f6 dd 08 b0
Aug 26 18:33:48.716607: | Ni e0 68 51 c0 2d 18 87 ba 20 13 ea 62 4d ba 2d de
Aug 26 18:33:48.716609: | emitting length of ISAKMP Nonce Payload: 36
Aug 26 18:33:48.716613: | ***emit ISAKMP Key Exchange Payload:
Aug 26 18:33:48.716615: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:48.716618: | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 5:ISAKMP_NEXT_ID
Aug 26 18:33:48.716622: | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE)
Aug 26 18:33:48.716624: | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.716628: | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload
Aug 26 18:33:48.716630: | keyex value fa d9 57 33 f6 49 6c d2 13 f0 e4 c6 69 cb 15 de
Aug 26 18:33:48.716633: | keyex value 69 9d 3d 9d 29 29 7c 45 27 fc a6 4a 18 17 94 9e
Aug 26 18:33:48.716635: | keyex value d3 57 18 21 39 10 02 e2 8c e9 0b 7c c8 11 ad 81
Aug 26 18:33:48.716638: | keyex value 69 c9 dd 9d 02 8e 03 14 c0 44 d5 f6 da 19 c0 77
Aug 26 18:33:48.716641: | keyex value 3b d0 57 c3 7a c0 5a 6d c6 8f 51 1a ef c6 50 2a
Aug 26 18:33:48.716643: | keyex value 4b 9d 95 ac b4 88 ea 62 e4 19 80 cc eb 3b ab b4
Aug 26 18:33:48.716646: | keyex value ce 7c 84 c0 48 69 b6 64 e4 96 d9 18 84 54 25 c0
Aug 26 18:33:48.716648: | keyex value 1e 50 8d 3e fd 66 06 91 df 02 b9 20 18 3e 94 72
Aug 26 18:33:48.716651: | keyex value d6 a9 5c 9e 8b 81 43 69 2e 95 d1 68 c9 0b 6b 7e
Aug 26 18:33:48.716653: | keyex value 4f 52 1f 33 c9 fb 30 b7 1a 31 05 72 80 cc d9 fd
Aug 26 18:33:48.716656: | keyex value cb c2 dc ad 4a 52 b3 88 81 b7 fc 55 49 78 08 e8
Aug 26 18:33:48.716658: | keyex value 94 7c 1d 3a d3 5d 17 11 b8 c3 c0 5b cc d6 5b 3a
Aug 26 18:33:48.716661: | keyex value 82 d7 52 7a 1e 11 37 94 36 b3 0d 51 e3 a2 6b 2a
Aug 26 18:33:48.716663: | keyex value 8a d9 10 fe 70 dc cc 7b 31 95 ee 46 43 7a d1 2a
Aug 26 18:33:48.716666: | keyex value e6 60 08 13 ae b3 6a 96 6d cf 9c c9 ee 2a 60 98
Aug 26 18:33:48.716669: | keyex value 96 d9 0c 32 6d 1c de 5e c7 b2 75 9c 57 7b c4 26
Aug 26 18:33:48.716671: | emitting length of ISAKMP Key Exchange Payload: 260
Aug 26 18:33:48.716674: | ***emit ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:48.716677: | next payload type: ISAKMP_NEXT_ID (0x5)
Aug 26 18:33:48.716680: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:33:48.716682: | Protocol ID: 0 (0x0)
Aug 26 18:33:48.716685: | port: 0 (0x0)
Aug 26 18:33:48.716688: | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 5:ISAKMP_NEXT_ID
Aug 26 18:33:48.716691: | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Aug 26 18:33:48.716694: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Aug 26 18:33:48.716697: | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:48.716700: | client network c0 00 03 00
Aug 26 18:33:48.716705: | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:48.716707: | client mask ff ff ff 00
Aug 26 18:33:48.716710: | emitting length of ISAKMP Identification Payload (IPsec DOI): 16
Aug 26 18:33:48.716713: | ***emit ISAKMP Identification Payload (IPsec DOI):
Aug 26 18:33:48.716715: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.716718: | ID type: ID_IPV4_ADDR_SUBNET (0x4)
Aug 26 18:33:48.716720: | Protocol ID: 0 (0x0)
Aug 26 18:33:48.716723: | port: 0 (0x0)
Aug 26 18:33:48.716726: | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Aug 26 18:33:48.716729: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Aug 26 18:33:48.716732: | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:48.716735: | client network c0 00 02 00
Aug 26 18:33:48.716738: | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI)
Aug 26 18:33:48.716740: | client mask ff ff ff 00
Aug 26 18:33:48.716743: | emitting length of ISAKMP Identification Payload (IPsec DOI): 16
Aug 26 18:33:48.716781: | outI1 HASH(1):
Aug 26 18:33:48.716785: | e5 d6 50 0b 98 1a 28 e8 a0 0f e6 6b eb d1 c9 4a
Aug 26 18:33:48.716787: | 2c be 03 76 95 8e d1 2e be a6 43 08 56 e7 2b 9d
Aug 26 18:33:48.716800: | no IKEv1 message padding required
Aug 26 18:33:48.716803: | emitting length of ISAKMP Message: 476
Aug 26 18:33:48.716824: | sending 476 bytes for reply packet from quick_outI1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #7)
Aug 26 18:33:48.716827: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.716829: | 08 10 20 01 b0 51 47 38 00 00 01 dc 7f e3 df 87
Aug 26 18:33:48.716832: | b4 68 4b f5 34 3c 5e 24 5f b2 80 08 e3 be 45 11
Aug 26 18:33:48.716834: | 12 98 9b 96 c5 48 76 80 89 1f 92 68 df 96 63 58
Aug 26 18:33:48.716837: | 68 70 9b 96 65 86 01 bd 4d f6 bd af f6 fc 3c 8b
Aug 26 18:33:48.716840: | 69 29 39 c9 67 b8 cd 2a 2e 91 93 c9 df 7b 98 53
Aug 26 18:33:48.716842: | 8d e9 58 9b 4c f0 b4 92 aa 92 d4 eb ed ec 4b ed
Aug 26 18:33:48.716845: | c6 83 eb d9 b3 3d 78 d7 ad b6 70 78 d0 c6 db a1
Aug 26 18:33:48.716847: | b1 57 d5 f9 38 aa 5c 0f 8e 69 c1 33 3b 71 2a 41
Aug 26 18:33:48.716850: | 43 23 c5 1c 19 6f 94 32 8c 8f 2c fe 84 94 2f 0e
Aug 26 18:33:48.716852: | fd 75 d9 1c 85 95 70 dd 13 71 6b f6 f1 0e 38 44
Aug 26 18:33:48.716855: | ef 32 74 e0 b6 0a a2 d7 28 96 f8 16 a3 f2 4d 6b
Aug 26 18:33:48.716857: | d2 81 99 88 4a dc 6e 19 04 a3 a3 5f bc c2 74 30
Aug 26 18:33:48.716860: | d9 f3 6f c5 9b 44 09 46 97 2e 23 02 8c 98 a2 cd
Aug 26 18:33:48.716862: | 21 d1 a8 e3 f2 99 8f 92 cf 9d 79 cc cb f9 b6 1e
Aug 26 18:33:48.716865: | 85 6e ba 72 c1 f5 f3 df 06 c6 73 3b 31 e3 07 83
Aug 26 18:33:48.716867: | 37 d1 31 e3 55 ac e8 08 27 e3 8a 4f 3b a5 35 e5
Aug 26 18:33:48.716870: | c2 45 5e 37 9c 26 c4 8a de f6 eb 14 14 d8 8c 37
Aug 26 18:33:48.716872: | 16 9c b1 17 d7 2a fc 94 56 42 06 90 14 96 b3 d0
Aug 26 18:33:48.716875: | 11 02 e1 f5 67 ef 2e 60 15 35 41 fa 5b 51 23 37
Aug 26 18:33:48.716877: | 1d 82 3e e8 8d ca 4d 57 0f 18 66 18 4d a0 e4 08
Aug 26 18:33:48.716879: | 8e 7b f5 d6 af 13 0d 1b 01 a3 5a 1e 12 a9 ae cb
Aug 26 18:33:48.716882: | ad 3f 22 16 bf 98 f0 ea 90 16 d0 ca 9d 7c 47 4e
Aug 26 18:33:48.716885: | 60 ee 5b 4e f7 99 a5 e1 80 b1 3b d3 07 3a 23 af
Aug 26 18:33:48.716887: | 4b 91 f1 17 2c 89 a4 ce 52 8c f6 0b a8 e6 fa 4a
Aug 26 18:33:48.716890: | 9a 25 4a be fb 16 c6 3c 7b 05 dd 00 fe 6f b8 39
Aug 26 18:33:48.716892: | 09 7a ec e3 1c 3c c3 e1 ff 4d 39 e5 a3 c3 de 3c
Aug 26 18:33:48.716895: | e5 7f a4 08 18 25 3c ff 13 40 4e 78 13 0e 95 5c
Aug 26 18:33:48.716897: | 5c 7c 2f 18 32 ea 92 16 0e af 37 d1 39 50 64 f9
Aug 26 18:33:48.716901: | 7b 3a 36 e2 6a a1 f6 33 ad 5f 07 16
Aug 26 18:33:48.716952: | state #7 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Aug 26 18:33:48.716958: | libevent_free: release ptr-libevent@0x55c66d976578
Aug 26 18:33:48.716962: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55c66d95ef28
Aug 26 18:33:48.716967: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d95ef28
Aug 26 18:33:48.716971: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #7
Aug 26 18:33:48.716974: | libevent_malloc: new ptr-libevent@0x55c66d957be8 size 128
Aug 26 18:33:48.716980: | #7 STATE_QUICK_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29714.459433
Aug 26 18:33:48.716985: | resume sending helper answer for #7 suppresed complete_v1_state_transition()
Aug 26 18:33:48.716993: | #7 spent 0.704 milliseconds in resume sending helper answer
Aug 26 18:33:48.716998: | stop processing: state #7 connection "northnet-eastnet-b" from 192.1.2.23 (in resume_handler() at server.c:833)
Aug 26 18:33:48.717001: | libevent_free: release ptr-libevent@0x7fbd0c0072f8
Aug 26 18:33:48.717005: | processing signal PLUTO_SIGCHLD
Aug 26 18:33:48.717011: | waitpid returned ECHILD (no child processes left)
Aug 26 18:33:48.717015: | spent 0.00552 milliseconds in signal handler PLUTO_SIGCHLD
Aug 26 18:33:48.719635: | spent 0.00247 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:33:48.719655: | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:33:48.719658: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.719660: | 08 10 05 01 3d ee fe 2d 00 00 00 5c f6 38 0a 6f
Aug 26 18:33:48.719661: | 5d 34 a3 44 77 44 e8 9b 53 cc 89 cc 82 e3 b0 27
Aug 26 18:33:48.719663: | a0 07 3d 81 4a 64 30 b4 90 7a 62 5a cd 3b 75 4a
Aug 26 18:33:48.719664: | 86 d4 a3 39 fa 59 10 b2 3f 22 41 72 6a f1 e5 03
Aug 26 18:33:48.719666: | f2 0b 9b 7e 5a f6 63 8a d0 f0 da 1b
Aug 26 18:33:48.719669: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:33:48.719672: | **parse ISAKMP Message:
Aug 26 18:33:48.719673: | initiator cookie:
Aug 26 18:33:48.719675: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:48.719677: | responder cookie:
Aug 26 18:33:48.719678: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.719680: | next payload type: ISAKMP_NEXT_HASH (0x8)
Aug 26 18:33:48.719682: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:48.719684: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:33:48.719685: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:48.719687: | Message ID: 1039072813 (0x3deefe2d)
Aug 26 18:33:48.719689: | length: 92 (0x5c)
Aug 26 18:33:48.719691: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5)
Aug 26 18:33:48.719694: | peer and cookies match on #7; msgid=00000000 st_msgid=b0514738 st_msgid_phase15=00000000
Aug 26 18:33:48.719696: | peer and cookies match on #6; msgid=00000000 st_msgid=9f5e56e4 st_msgid_phase15=00000000
Aug 26 18:33:48.719698: | peer and cookies match on #3; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
Aug 26 18:33:48.719700: | p15 state object #3 found, in STATE_MAIN_I4
Aug 26 18:33:48.719702: | State DB: found IKEv1 state #3 in MAIN_I4 (find_v1_info_state)
Aug 26 18:33:48.719706: | start processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479)
Aug 26 18:33:48.719717: | #3 is idle
Aug 26 18:33:48.719719: | #3 idle
Aug 26 18:33:48.719722: | received encrypted packet from 192.1.2.23:500
Aug 26 18:33:48.719729: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0
Aug 26 18:33:48.719732: | ***parse ISAKMP Hash Payload:
Aug 26 18:33:48.719734: | next payload type: ISAKMP_NEXT_D (0xc)
Aug 26 18:33:48.719735: | length: 36 (0x24)
Aug 26 18:33:48.719737: | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0
Aug 26 18:33:48.719739: | ***parse ISAKMP Delete Payload:
Aug 26 18:33:48.719741: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.719745: | length: 28 (0x1c)
Aug 26 18:33:48.719747: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:48.719749: | protocol ID: 1 (0x1)
Aug 26 18:33:48.719750: | SPI size: 16 (0x10)
Aug 26 18:33:48.719752: | number of SPIs: 1 (0x1)
Aug 26 18:33:48.719765: | informational HASH(1):
Aug 26 18:33:48.719767: | d7 84 c4 6a 90 c7 4a d1 0f 35 c8 74 05 f5 29 b3
Aug 26 18:33:48.719769: | 75 bb db 26 a1 b9 1e 3c c5 00 e2 23 a0 85 d0 16
Aug 26 18:33:48.719771: | received 'informational' message HASH(1) data ok
Aug 26 18:33:48.719773: | parsing 8 raw bytes of ISAKMP Delete Payload into iCookie
Aug 26 18:33:48.719774: | iCookie 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:48.719776: | parsing 8 raw bytes of ISAKMP Delete Payload into rCookie
Aug 26 18:33:48.719778: | rCookie 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.719780: | State DB: found IKEv1 state #3 in MAIN_I4 (find_state_ikev1)
Aug 26 18:33:48.719782: | del:
Aug 26 18:33:48.719784: "northnet-eastnet-b" #3: received Delete SA payload: self-deleting ISAKMP State #3
Aug 26 18:33:48.719786: | pstats #3 ikev1.isakmp deleted completed
Aug 26 18:33:48.719791: | [RE]START processing: state #3 connection "northnet-eastnet-b" from 192.1.2.23 (in delete_state() at state.c:879)
Aug 26 18:33:48.719793: "northnet-eastnet-b" #3: deleting state (STATE_MAIN_I4) aged 43.049s and sending notification
Aug 26 18:33:48.719795: | parent state #3: MAIN_I4(established IKE SA) => delete
Aug 26 18:33:48.719831: | #3 send IKEv1 delete notification for STATE_MAIN_I4
Aug 26 18:33:48.719836: | **emit ISAKMP Message:
Aug 26 18:33:48.719838: | initiator cookie:
Aug 26 18:33:48.719840: | 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:48.719842: | responder cookie:
Aug 26 18:33:48.719843: | 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.719845: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.719847: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:48.719848: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:33:48.719850: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:48.719852: | Message ID: 862185975 (0x3363e9f7)
Aug 26 18:33:48.719854: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:48.719856: | ***emit ISAKMP Hash Payload:
Aug 26 18:33:48.719857: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.719859: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Aug 26 18:33:48.719861: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg'
Aug 26 18:33:48.719863: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Aug 26 18:33:48.719865: | emitting length of ISAKMP Hash Payload: 36
Aug 26 18:33:48.719867: | ***emit ISAKMP Delete Payload:
Aug 26 18:33:48.719868: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.719870: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:48.719872: | protocol ID: 1 (0x1)
Aug 26 18:33:48.719873: | SPI size: 16 (0x10)
Aug 26 18:33:48.719875: | number of SPIs: 1 (0x1)
Aug 26 18:33:48.719877: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D)
Aug 26 18:33:48.719879: | next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg'
Aug 26 18:33:48.719881: | emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload
Aug 26 18:33:48.719882: | initiator SPI 09 eb 5d d0 b4 d5 55 61
Aug 26 18:33:48.719884: | emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload
Aug 26 18:33:48.719886: | responder SPI 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.719887: | emitting length of ISAKMP Delete Payload: 28
Aug 26 18:33:48.719899: | send delete HASH(1):
Aug 26 18:33:48.719901: | 86 dc 44 10 89 6d 6e 0b 00 0a 1a 4f 34 be 4f 51
Aug 26 18:33:48.719903: | 75 df 1f 21 7b 8e 19 fb 9c 45 e3 a0 c8 12 ae e6
Aug 26 18:33:48.719907: | no IKEv1 message padding required
Aug 26 18:33:48.719911: | emitting length of ISAKMP Message: 92
Aug 26 18:33:48.719920: | sending 92 bytes for delete notify through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #3)
Aug 26 18:33:48.719923: | 09 eb 5d d0 b4 d5 55 61 3c fa 15 28 e4 f5 fb 3c
Aug 26 18:33:48.719925: | 08 10 05 01 33 63 e9 f7 00 00 00 5c 3e 8e f4 42
Aug 26 18:33:48.719926: | 4f c7 44 e2 bd f0 92 b5 f2 58 5f 3e 3c 3e f7 57
Aug 26 18:33:48.719928: | 1d 36 d6 4f 47 70 d5 63 0d 17 cf 63 d8 84 48 ec
Aug 26 18:33:48.719929: | 85 b5 ab 24 17 a1 ee 9f 49 8f bb 10 92 a2 53 86
Aug 26 18:33:48.719931: | 85 fe 4b 90 78 fa ba a1 59 bb 1b 55
Aug 26 18:33:48.719953: | state #3 requesting EVENT_SA_REPLACE to be deleted
Aug 26 18:33:48.719956: | libevent_free: release ptr-libevent@0x7fbd00000f48
Aug 26 18:33:48.719961: | free_event_entry: release EVENT_SA_REPLACE-pe@0x7fbd0c002b78
Aug 26 18:33:48.719964: "northnet-eastnet-b" #3: reschedule pending child #7 STATE_QUICK_I1 of connection "northnet-eastnet-b" - the parent is going away
Aug 26 18:33:48.719966: | state #7 requesting EVENT_RETRANSMIT to be deleted
Aug 26 18:33:48.719968: | #7 STATE_QUICK_I1: retransmits: cleared
Aug 26 18:33:48.719970: | libevent_free: release ptr-libevent@0x55c66d957be8
Aug 26 18:33:48.719972: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d95ef28
Aug 26 18:33:48.719974: | event_schedule: new EVENT_SA_REPLACE-pe@0x7fbd0c002b78
Aug 26 18:33:48.719976: | inserting event EVENT_SA_REPLACE, timeout in 0 seconds for #7
Aug 26 18:33:48.719978: | libevent_malloc: new ptr-libevent@0x7fbd0c0072f8 size 128
Aug 26 18:33:48.719981: "northnet-eastnet-b" #3: reschedule pending child #6 STATE_QUICK_I1 of connection "north-a-dpd" - the parent is going away
Aug 26 18:33:48.719983: | state #6 requesting EVENT_RETRANSMIT to be deleted
Aug 26 18:33:48.719985: | #6 STATE_QUICK_I1: retransmits: cleared
Aug 26 18:33:48.719986: | libevent_free: release ptr-libevent@0x55c66d974918
Aug 26 18:33:48.719989: | free_event_entry: release EVENT_RETRANSMIT-pe@0x7fbd04002b78
Aug 26 18:33:48.719992: | event_schedule: new EVENT_SA_REPLACE-pe@0x7fbd04002b78
Aug 26 18:33:48.719994: | inserting event EVENT_SA_REPLACE, timeout in 0 seconds for #6
Aug 26 18:33:48.719996: | libevent_malloc: new ptr-libevent@0x55c66d974918 size 128
Aug 26 18:33:48.719998: | State DB: IKEv1 state not found (flush_incomplete_children)
Aug 26 18:33:48.720000: | picked newest_isakmp_sa #0 for #3
Aug 26 18:33:48.720002: "northnet-eastnet-b" #3: deleting IKE SA for connection 'northnet-eastnet-b' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS
Aug 26 18:33:48.720004: | add revival: connection 'northnet-eastnet-b' added to the list and scheduled for 0 seconds
Aug 26 18:33:48.720006: | global one-shot timer EVENT_REVIVE_CONNS scheduled in 0 seconds
Aug 26 18:33:48.720010: | in connection_discard for connection northnet-eastnet-b
Aug 26 18:33:48.720011: | State DB: deleting IKEv1 state #3 in MAIN_I4
Aug 26 18:33:48.720016: | parent state #3: MAIN_I4(established IKE SA) => UNDEFINED(ignore)
Aug 26 18:33:48.720023: | unreference key: 0x55c66d973c08 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 2--
Aug 26 18:33:48.720036: | stop processing: state #3 from 192.1.2.23 (in delete_state() at state.c:1143)
Aug 26 18:33:48.720044: | unreference key: 0x55c66d973c08 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1--
Aug 26 18:33:48.720048: | unreference key: 0x55c66d974e78 user-east@testing.libreswan.org cnt 1--
Aug 26 18:33:48.720052: | unreference key: 0x55c66d954b18 @east.testing.libreswan.org cnt 1--
Aug 26 18:33:48.720054: | unreference key: 0x55c66d9630d8 east@testing.libreswan.org cnt 1--
Aug 26 18:33:48.720057: | unreference key: 0x55c66d963328 192.1.2.23 cnt 1--
Aug 26 18:33:48.720068: | in statetime_start() with no state
Aug 26 18:33:48.720071: | complete v1 state transition with STF_IGNORE
Aug 26 18:33:48.720073: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380)
Aug 26 18:33:48.720077: | processing: STOP state #0 (in process_md() at demux.c:382)
Aug 26 18:33:48.720079: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:33:48.720083: | spent 0.425 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:33:48.720090: | spent 0.00128 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Aug 26 18:33:48.720097: | *received 92 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:33:48.720099: | 35 80 c1 69 e2 a9 e2 31 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:48.720100: | 08 10 05 01 d5 a5 94 aa 00 00 00 5c 09 d9 b2 7d
Aug 26 18:33:48.720102: | 11 f9 70 88 83 21 b6 ff 46 ba 00 da 11 9e 21 8c
Aug 26 18:33:48.720103: | 96 59 5f 55 71 2f 5a cf 8b 1a 82 92 97 8c 93 ee
Aug 26 18:33:48.720105: | 36 2e b2 8c 63 71 1b d2 37 97 8f 0e 71 cf 2d 22
Aug 26 18:33:48.720106: | 35 2c b1 b7 da 71 f2 af 0a ba 23 18
Aug 26 18:33:48.720109: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Aug 26 18:33:48.720111: | **parse ISAKMP Message:
Aug 26 18:33:48.720113: | initiator cookie:
Aug 26 18:33:48.720115: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:33:48.720116: | responder cookie:
Aug 26 18:33:48.720118: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:48.720119: | next payload type: ISAKMP_NEXT_HASH (0x8)
Aug 26 18:33:48.720121: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:48.720123: | exchange type: ISAKMP_XCHG_INFO (0x5)
Aug 26 18:33:48.720125: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Aug 26 18:33:48.720126: | Message ID: 3584398506 (0xd5a594aa)
Aug 26 18:33:48.720128: | length: 92 (0x5c)
Aug 26 18:33:48.720130: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5)
Aug 26 18:33:48.720132: | State DB: IKEv1 state not found (find_v1_info_state)
Aug 26 18:33:48.720134: | State DB: IKEv1 state not found (find_state_ikev1_init)
Aug 26 18:33:48.720136: | Informational Exchange is for an unknown (expired?) SA with MSGID:0xd5a594aa
Aug 26 18:33:48.720138: | - unknown SA's md->hdr.isa_ike_initiator_spi.bytes:
Aug 26 18:33:48.720139: | 35 80 c1 69 e2 a9 e2 31
Aug 26 18:33:48.720141: | - unknown SA's md->hdr.isa_ike_responder_spi.bytes:
Aug 26 18:33:48.720142: | 4b 16 40 1f 95 19 a0 1f
Aug 26 18:33:48.720144: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380)
Aug 26 18:33:48.720146: | processing: STOP state #0 (in process_md() at demux.c:382)
Aug 26 18:33:48.720148: | processing: STOP connection NULL (in process_md() at demux.c:383)
Aug 26 18:33:48.720151: | spent 0.0582 milliseconds in comm_handle_cb() reading and processing packet
Aug 26 18:33:48.720153: | timer_event_cb: processing event@0x7fbd0c002b78
Aug 26 18:33:48.720155: | handling event EVENT_SA_REPLACE for child state #7
Aug 26 18:33:48.720158: | start processing: state #7 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:48.720161: | picked newest_ipsec_sa #0 for #7
Aug 26 18:33:48.720162: | replacing stale IPsec SA
Aug 26 18:33:48.720165: | dup_any(fd@-1) -> fd@-1 (in ipsecdoi_replace() at ipsec_doi.c:351)
Aug 26 18:33:48.720167: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:48.720171: | creating state object #8 at 0x55c66d956938
Aug 26 18:33:48.720173: | State DB: adding IKEv1 state #8 in UNDEFINED
Aug 26 18:33:48.720177: | pstats #8 ikev1.isakmp started
Aug 26 18:33:48.720182: | suspend processing: state #7 connection "northnet-eastnet-b" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118)
Aug 26 18:33:48.720184: | start processing: state #8 connection "northnet-eastnet-b" from 192.1.2.23 (in main_outI1() at ikev1_main.c:118)
Aug 26 18:33:48.720187: | parent state #8: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA)
Aug 26 18:33:48.720189: | dup_any(fd@-1) -> fd@-1 (in main_outI1() at ikev1_main.c:123)
Aug 26 18:33:48.720192: | Queuing pending IPsec SA negotiating with 192.1.2.23 "northnet-eastnet-b" IKE SA #8 "northnet-eastnet-b"
Aug 26 18:33:48.720196: "northnet-eastnet-b" #8: initiating Main Mode
Aug 26 18:33:48.720199: | **emit ISAKMP Message:
Aug 26 18:33:48.720201: | initiator cookie:
Aug 26 18:33:48.720203: | cb 9b 9c 83 21 57 56 d4
Aug 26 18:33:48.720204: | responder cookie:
Aug 26 18:33:48.720206: | 00 00 00 00 00 00 00 00
Aug 26 18:33:48.720208: | next payload type: ISAKMP_NEXT_SA (0x1)
Aug 26 18:33:48.720209: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Aug 26 18:33:48.720211: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
Aug 26 18:33:48.720213: | flags: none (0x0)
Aug 26 18:33:48.720214: | Message ID: 0 (0x0)
Aug 26 18:33:48.720216: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Aug 26 18:33:48.720218: | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA
Aug 26 18:33:48.720221: | no specific IKE algorithms specified - using defaults
Aug 26 18:33:48.720239: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP2048=14 eklen=0
Aug 26 18:33:48.720244: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP2048=14 eklen=0
Aug 26 18:33:48.720247: | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=0
Aug 26 18:33:48.720251: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP1536=5 eklen=0
Aug 26 18:33:48.720254: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP1536=5 eklen=0
Aug 26 18:33:48.720259: | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP1536=5 eklen=0
Aug 26 18:33:48.720265: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP2048=14 eklen=0
Aug 26 18:33:48.720268: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP2048=14 eklen=0
Aug 26 18:33:48.720272: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0
Aug 26 18:33:48.720275: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP1536=5 eklen=0
Aug 26 18:33:48.720279: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP1536=5 eklen=0
Aug 26 18:33:48.720282: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP1536=5 eklen=0
Aug 26 18:33:48.720286: | oakley_alg_makedb() returning 0x55c66d964ae8
Aug 26 18:33:48.720306: | ***emit ISAKMP Security Association Payload:
Aug 26 18:33:48.720311: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:48.720313: | DOI: ISAKMP_DOI_IPSEC (0x1)
Aug 26 18:33:48.720315: | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:33:48.720317: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA)
Aug 26 18:33:48.720319: | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.720321: | ****emit IPsec DOI SIT:
Aug 26 18:33:48.720323: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Aug 26 18:33:48.720325: | ikev1_out_sa pcn: 0 has 1 valid proposals
Aug 26 18:33:48.720327: | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 18
Aug 26 18:33:48.720328: | ****emit ISAKMP Proposal Payload:
Aug 26 18:33:48.720330: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.720332: | proposal number: 0 (0x0)
Aug 26 18:33:48.720333: | protocol ID: PROTO_ISAKMP (0x1)
Aug 26 18:33:48.720335: | SPI size: 0 (0x0)
Aug 26 18:33:48.720337: | number of transforms: 18 (0x12)
Aug 26 18:33:48.720339: | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type'
Aug 26 18:33:48.720340: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.720342: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720344: | ISAKMP transform number: 0 (0x0)
Aug 26 18:33:48.720346: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.720347: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.720351: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720353: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.720355: | length/value: 1 (0x1)
Aug 26 18:33:48.720357: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.720358: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720360: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.720362: | length/value: 3600 (0xe10)
Aug 26 18:33:48.720364: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720365: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.720367: | length/value: 7 (0x7)
Aug 26 18:33:48.720369: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:48.720370: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720372: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.720374: | length/value: 4 (0x4)
Aug 26 18:33:48.720375: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:48.720377: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720379: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.720380: | length/value: 3 (0x3)
Aug 26 18:33:48.720382: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.720383: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720385: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.720387: | length/value: 14 (0xe)
Aug 26 18:33:48.720388: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.720390: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720392: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:48.720393: | length/value: 256 (0x100)
Aug 26 18:33:48.720395: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:48.720397: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.720398: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720400: | ISAKMP transform number: 1 (0x1)
Aug 26 18:33:48.720402: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.720404: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720406: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.720407: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720409: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.720411: | length/value: 1 (0x1)
Aug 26 18:33:48.720412: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.720414: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720415: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.720417: | length/value: 3600 (0xe10)
Aug 26 18:33:48.720419: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720420: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.720422: | length/value: 7 (0x7)
Aug 26 18:33:48.720424: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:48.720425: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720427: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.720428: | length/value: 4 (0x4)
Aug 26 18:33:48.720430: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:48.720431: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720433: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.720435: | length/value: 3 (0x3)
Aug 26 18:33:48.720436: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.720438: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720440: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.720441: | length/value: 14 (0xe)
Aug 26 18:33:48.720443: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.720444: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720446: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:48.720448: | length/value: 128 (0x80)
Aug 26 18:33:48.720449: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:48.720451: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.720453: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720456: | ISAKMP transform number: 2 (0x2)
Aug 26 18:33:48.720457: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.720459: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720461: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.720463: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720464: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.720466: | length/value: 1 (0x1)
Aug 26 18:33:48.720468: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.720469: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720471: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.720472: | length/value: 3600 (0xe10)
Aug 26 18:33:48.720474: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720476: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.720477: | length/value: 7 (0x7)
Aug 26 18:33:48.720479: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:48.720480: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720482: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.720484: | length/value: 6 (0x6)
Aug 26 18:33:48.720485: | [6 is OAKLEY_SHA2_512]
Aug 26 18:33:48.720487: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720488: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.720490: | length/value: 3 (0x3)
Aug 26 18:33:48.720492: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.720493: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720495: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.720496: | length/value: 14 (0xe)
Aug 26 18:33:48.720498: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.720499: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720501: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:48.720503: | length/value: 256 (0x100)
Aug 26 18:33:48.720504: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:48.720506: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.720508: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720509: | ISAKMP transform number: 3 (0x3)
Aug 26 18:33:48.720511: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.720513: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720515: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.720516: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720518: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.720519: | length/value: 1 (0x1)
Aug 26 18:33:48.720521: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.720523: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720524: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.720526: | length/value: 3600 (0xe10)
Aug 26 18:33:48.720527: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720529: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.720531: | length/value: 7 (0x7)
Aug 26 18:33:48.720532: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:48.720534: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720535: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.720537: | length/value: 6 (0x6)
Aug 26 18:33:48.720539: | [6 is OAKLEY_SHA2_512]
Aug 26 18:33:48.720540: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720542: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.720543: | length/value: 3 (0x3)
Aug 26 18:33:48.720545: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.720546: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720548: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.720550: | length/value: 14 (0xe)
Aug 26 18:33:48.720551: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.720554: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720555: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:48.720557: | length/value: 128 (0x80)
Aug 26 18:33:48.720559: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:48.720560: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.720562: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720563: | ISAKMP transform number: 4 (0x4)
Aug 26 18:33:48.720565: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.720567: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720569: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.720570: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720572: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.720573: | length/value: 1 (0x1)
Aug 26 18:33:48.720575: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.720577: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720578: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.720580: | length/value: 3600 (0xe10)
Aug 26 18:33:48.720581: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720583: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.720585: | length/value: 7 (0x7)
Aug 26 18:33:48.720586: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:48.720588: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720589: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.720591: | length/value: 2 (0x2)
Aug 26 18:33:48.720592: | [2 is OAKLEY_SHA1]
Aug 26 18:33:48.720594: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720596: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.720597: | length/value: 3 (0x3)
Aug 26 18:33:48.720599: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.720600: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720602: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.720603: | length/value: 14 (0xe)
Aug 26 18:33:48.720605: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.720607: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720608: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:48.720610: | length/value: 256 (0x100)
Aug 26 18:33:48.720611: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:48.720613: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.720615: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720616: | ISAKMP transform number: 5 (0x5)
Aug 26 18:33:48.720618: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.720620: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720622: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.720623: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720625: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.720626: | length/value: 1 (0x1)
Aug 26 18:33:48.720628: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.720630: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720631: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.720633: | length/value: 3600 (0xe10)
Aug 26 18:33:48.720634: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720636: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.720638: | length/value: 7 (0x7)
Aug 26 18:33:48.720639: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:48.720641: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720642: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.720644: | length/value: 2 (0x2)
Aug 26 18:33:48.720645: | [2 is OAKLEY_SHA1]
Aug 26 18:33:48.720647: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720649: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.720651: | length/value: 3 (0x3)
Aug 26 18:33:48.720653: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.720654: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720656: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.720657: | length/value: 14 (0xe)
Aug 26 18:33:48.720659: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.720660: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720662: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:48.720664: | length/value: 128 (0x80)
Aug 26 18:33:48.720665: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:48.720667: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.720669: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720670: | ISAKMP transform number: 6 (0x6)
Aug 26 18:33:48.720672: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.720674: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720675: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.720677: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720679: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.720680: | length/value: 1 (0x1)
Aug 26 18:33:48.720682: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.720683: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720685: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.720687: | length/value: 3600 (0xe10)
Aug 26 18:33:48.720688: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720690: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.720691: | length/value: 7 (0x7)
Aug 26 18:33:48.720693: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:48.720694: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720696: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.720698: | length/value: 4 (0x4)
Aug 26 18:33:48.720699: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:48.720701: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720702: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.720704: | length/value: 3 (0x3)
Aug 26 18:33:48.720706: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.720707: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720709: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.720710: | length/value: 5 (0x5)
Aug 26 18:33:48.720712: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:48.720713: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720715: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:48.720717: | length/value: 256 (0x100)
Aug 26 18:33:48.720718: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:48.720720: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.720721: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720723: | ISAKMP transform number: 7 (0x7)
Aug 26 18:33:48.720725: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.720727: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720728: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.720730: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720732: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.720733: | length/value: 1 (0x1)
Aug 26 18:33:48.720735: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.720736: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720738: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.720740: | length/value: 3600 (0xe10)
Aug 26 18:33:48.720741: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720743: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.720745: | length/value: 7 (0x7)
Aug 26 18:33:48.720747: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:48.720748: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720750: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.720752: | length/value: 4 (0x4)
Aug 26 18:33:48.720753: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:48.720755: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720756: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.720758: | length/value: 3 (0x3)
Aug 26 18:33:48.720760: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.720763: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720765: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.720767: | length/value: 5 (0x5)
Aug 26 18:33:48.720770: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:48.720772: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720775: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:48.720777: | length/value: 128 (0x80)
Aug 26 18:33:48.720780: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:48.720782: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.720785: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720787: | ISAKMP transform number: 8 (0x8)
Aug 26 18:33:48.720789: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.720792: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720795: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.720798: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720800: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.720802: | length/value: 1 (0x1)
Aug 26 18:33:48.720805: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.720807: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720809: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.720811: | length/value: 3600 (0xe10)
Aug 26 18:33:48.720813: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720816: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.720818: | length/value: 7 (0x7)
Aug 26 18:33:48.720821: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:48.720823: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720825: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.720828: | length/value: 6 (0x6)
Aug 26 18:33:48.720830: | [6 is OAKLEY_SHA2_512]
Aug 26 18:33:48.720832: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720835: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.720837: | length/value: 3 (0x3)
Aug 26 18:33:48.720840: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.720842: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720844: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.720847: | length/value: 5 (0x5)
Aug 26 18:33:48.720849: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:48.720851: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720854: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:48.720856: | length/value: 256 (0x100)
Aug 26 18:33:48.720859: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:48.720861: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.720863: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720866: | ISAKMP transform number: 9 (0x9)
Aug 26 18:33:48.720868: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.720871: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720873: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.720876: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720878: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.720880: | length/value: 1 (0x1)
Aug 26 18:33:48.720884: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.720886: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720889: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.720891: | length/value: 3600 (0xe10)
Aug 26 18:33:48.720894: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720896: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.720899: | length/value: 7 (0x7)
Aug 26 18:33:48.720901: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:48.720903: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720905: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.720908: | length/value: 6 (0x6)
Aug 26 18:33:48.720910: | [6 is OAKLEY_SHA2_512]
Aug 26 18:33:48.720912: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720915: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.720917: | length/value: 3 (0x3)
Aug 26 18:33:48.720920: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.720922: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720924: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.720927: | length/value: 5 (0x5)
Aug 26 18:33:48.720929: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:48.720932: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720934: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:48.720936: | length/value: 128 (0x80)
Aug 26 18:33:48.720939: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:48.720941: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.720943: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720945: | ISAKMP transform number: 10 (0xa)
Aug 26 18:33:48.720948: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.720950: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.720953: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.720956: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720958: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.720960: | length/value: 1 (0x1)
Aug 26 18:33:48.720963: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.720965: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720967: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.720970: | length/value: 3600 (0xe10)
Aug 26 18:33:48.720972: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720974: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.720977: | length/value: 7 (0x7)
Aug 26 18:33:48.720979: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:48.720981: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720984: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.720986: | length/value: 2 (0x2)
Aug 26 18:33:48.720988: | [2 is OAKLEY_SHA1]
Aug 26 18:33:48.720990: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.720993: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.720995: | length/value: 3 (0x3)
Aug 26 18:33:48.720997: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.720999: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721001: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.721004: | length/value: 5 (0x5)
Aug 26 18:33:48.721006: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:48.721008: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721011: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:48.721013: | length/value: 256 (0x100)
Aug 26 18:33:48.721015: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:48.721018: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.721020: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721023: | ISAKMP transform number: 11 (0xb)
Aug 26 18:33:48.721026: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.721029: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721033: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.721036: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721039: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.721042: | length/value: 1 (0x1)
Aug 26 18:33:48.721044: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.721046: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721049: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.721051: | length/value: 3600 (0xe10)
Aug 26 18:33:48.721054: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721056: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.721059: | length/value: 7 (0x7)
Aug 26 18:33:48.721061: | [7 is OAKLEY_AES_CBC]
Aug 26 18:33:48.721063: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721066: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.721068: | length/value: 2 (0x2)
Aug 26 18:33:48.721071: | [2 is OAKLEY_SHA1]
Aug 26 18:33:48.721073: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721075: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.721077: | length/value: 3 (0x3)
Aug 26 18:33:48.721079: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.721082: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721084: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.721086: | length/value: 5 (0x5)
Aug 26 18:33:48.721089: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:48.721091: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721094: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Aug 26 18:33:48.721096: | length/value: 128 (0x80)
Aug 26 18:33:48.721099: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Aug 26 18:33:48.721101: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.721104: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721106: | ISAKMP transform number: 12 (0xc)
Aug 26 18:33:48.721109: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.721112: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721115: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.721118: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721121: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.721123: | length/value: 1 (0x1)
Aug 26 18:33:48.721125: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.721128: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721131: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.721134: | length/value: 3600 (0xe10)
Aug 26 18:33:48.721136: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721139: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.721142: | length/value: 5 (0x5)
Aug 26 18:33:48.721144: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:33:48.721146: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721149: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.721151: | length/value: 4 (0x4)
Aug 26 18:33:48.721154: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:48.721156: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721159: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.721162: | length/value: 3 (0x3)
Aug 26 18:33:48.721164: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.721167: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721169: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.721172: | length/value: 14 (0xe)
Aug 26 18:33:48.721175: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.721177: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:33:48.721179: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.721182: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721186: | ISAKMP transform number: 13 (0xd)
Aug 26 18:33:48.721189: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.721193: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721196: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.721199: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721201: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.721204: | length/value: 1 (0x1)
Aug 26 18:33:48.721206: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.721209: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721212: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.721215: | length/value: 3600 (0xe10)
Aug 26 18:33:48.721218: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721221: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.721223: | length/value: 5 (0x5)
Aug 26 18:33:48.721225: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:33:48.721228: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721231: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.721233: | length/value: 6 (0x6)
Aug 26 18:33:48.721235: | [6 is OAKLEY_SHA2_512]
Aug 26 18:33:48.721238: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721241: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.721243: | length/value: 3 (0x3)
Aug 26 18:33:48.721246: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.721249: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721252: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.721254: | length/value: 14 (0xe)
Aug 26 18:33:48.721257: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.721260: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:33:48.721263: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.721265: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721268: | ISAKMP transform number: 14 (0xe)
Aug 26 18:33:48.721270: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.721274: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721277: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.721279: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721282: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.721285: | length/value: 1 (0x1)
Aug 26 18:33:48.721292: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.721297: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721300: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.721302: | length/value: 3600 (0xe10)
Aug 26 18:33:48.721305: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721308: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.721311: | length/value: 5 (0x5)
Aug 26 18:33:48.721313: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:33:48.721316: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721319: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.721321: | length/value: 2 (0x2)
Aug 26 18:33:48.721324: | [2 is OAKLEY_SHA1]
Aug 26 18:33:48.721327: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721329: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.721332: | length/value: 3 (0x3)
Aug 26 18:33:48.721334: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.721336: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721339: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.721341: | length/value: 14 (0xe)
Aug 26 18:33:48.721344: | [14 is OAKLEY_GROUP_MODP2048]
Aug 26 18:33:48.721346: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:33:48.721348: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.721353: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721355: | ISAKMP transform number: 15 (0xf)
Aug 26 18:33:48.721358: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.721361: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721364: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.721367: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721370: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.721372: | length/value: 1 (0x1)
Aug 26 18:33:48.721375: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.721377: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721380: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.721382: | length/value: 3600 (0xe10)
Aug 26 18:33:48.721385: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721388: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.721391: | length/value: 5 (0x5)
Aug 26 18:33:48.721393: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:33:48.721395: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721398: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.721400: | length/value: 4 (0x4)
Aug 26 18:33:48.721403: | [4 is OAKLEY_SHA2_256]
Aug 26 18:33:48.721405: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721408: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.721410: | length/value: 3 (0x3)
Aug 26 18:33:48.721413: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.721415: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721418: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.721420: | length/value: 5 (0x5)
Aug 26 18:33:48.721423: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:48.721425: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:33:48.721428: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.721430: | next payload type: ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721433: | ISAKMP transform number: 16 (0x10)
Aug 26 18:33:48.721436: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.721439: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721442: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.721445: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721448: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.721451: | length/value: 1 (0x1)
Aug 26 18:33:48.721454: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.721457: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721460: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.721462: | length/value: 3600 (0xe10)
Aug 26 18:33:48.721465: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721467: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.721470: | length/value: 5 (0x5)
Aug 26 18:33:48.721472: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:33:48.721475: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721477: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.721480: | length/value: 6 (0x6)
Aug 26 18:33:48.721482: | [6 is OAKLEY_SHA2_512]
Aug 26 18:33:48.721484: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721487: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.721490: | length/value: 3 (0x3)
Aug 26 18:33:48.721492: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.721495: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721497: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.721500: | length/value: 5 (0x5)
Aug 26 18:33:48.721502: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:48.721505: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:33:48.721507: | *****emit ISAKMP Transform Payload (ISAKMP):
Aug 26 18:33:48.721512: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.721514: | ISAKMP transform number: 17 (0x11)
Aug 26 18:33:48.721517: | ISAKMP transform ID: KEY_IKE (0x1)
Aug 26 18:33:48.721520: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Aug 26 18:33:48.721523: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Aug 26 18:33:48.721525: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721528: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Aug 26 18:33:48.721531: | length/value: 1 (0x1)
Aug 26 18:33:48.721533: | [1 is OAKLEY_LIFE_SECONDS]
Aug 26 18:33:48.721536: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721539: | af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Aug 26 18:33:48.721541: | length/value: 3600 (0xe10)
Aug 26 18:33:48.721543: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721546: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Aug 26 18:33:48.721549: | length/value: 5 (0x5)
Aug 26 18:33:48.721551: | [5 is OAKLEY_3DES_CBC]
Aug 26 18:33:48.721554: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721556: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Aug 26 18:33:48.721559: | length/value: 2 (0x2)
Aug 26 18:33:48.721562: | [2 is OAKLEY_SHA1]
Aug 26 18:33:48.721564: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721566: | af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Aug 26 18:33:48.721569: | length/value: 3 (0x3)
Aug 26 18:33:48.721571: | [3 is OAKLEY_RSA_SIG]
Aug 26 18:33:48.721574: | ******emit ISAKMP Oakley attribute:
Aug 26 18:33:48.721577: | af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Aug 26 18:33:48.721579: | length/value: 5 (0x5)
Aug 26 18:33:48.721582: | [5 is OAKLEY_GROUP_MODP1536]
Aug 26 18:33:48.721584: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Aug 26 18:33:48.721587: | emitting length of ISAKMP Proposal Payload: 632
Aug 26 18:33:48.721590: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0
Aug 26 18:33:48.721592: | emitting length of ISAKMP Security Association Payload: 644
Aug 26 18:33:48.721595: | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0
Aug 26 18:33:48.721600: | out_vid(): sending [FRAGMENTATION]
Aug 26 18:33:48.721603: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:33:48.721606: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:48.721609: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:33:48.721613: | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:33:48.721616: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.721620: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:33:48.721622: | V_ID 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3
Aug 26 18:33:48.721625: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:33:48.721627: | out_vid(): sending [Dead Peer Detection]
Aug 26 18:33:48.721630: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:33:48.721633: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.721637: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:33:48.721639: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.721642: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:33:48.721645: | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00
Aug 26 18:33:48.721648: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:33:48.721654: | nat add vid
Aug 26 18:33:48.721657: | sending draft and RFC NATT VIDs
Aug 26 18:33:48.721659: | out_vid(): sending [RFC 3947]
Aug 26 18:33:48.721662: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:33:48.721664: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:48.721668: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:33:48.721671: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:33:48.721674: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.721677: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:33:48.721680: | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
Aug 26 18:33:48.721683: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:33:48.721685: | skipping VID_NATT_RFC
Aug 26 18:33:48.721688: | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03]
Aug 26 18:33:48.721691: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:33:48.721694: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:48.721697: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:33:48.721700: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:33:48.721703: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.721706: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:33:48.721709: | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:33:48.721712: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:33:48.721715: | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n]
Aug 26 18:33:48.721718: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:33:48.721720: | next payload type: ISAKMP_NEXT_VID (0xd)
Aug 26 18:33:48.721724: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Aug 26 18:33:48.721727: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:33:48.721730: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.721733: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:33:48.721736: | V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f
Aug 26 18:33:48.721739: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:33:48.721741: | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02]
Aug 26 18:33:48.721744: | ***emit ISAKMP Vendor ID Payload:
Aug 26 18:33:48.721747: | next payload type: ISAKMP_NEXT_NONE (0x0)
Aug 26 18:33:48.721751: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Aug 26 18:33:48.721754: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Aug 26 18:33:48.721757: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Aug 26 18:33:48.721760: | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48
Aug 26 18:33:48.721762: | emitting length of ISAKMP Vendor ID Payload: 20
Aug 26 18:33:48.721765: | no IKEv1 message padding required
Aug 26 18:33:48.721768: | emitting length of ISAKMP Message: 792
Aug 26 18:33:48.721776: | sending 792 bytes for reply packet for main_outI1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #8)
Aug 26 18:33:48.721779: | cb 9b 9c 83 21 57 56 d4 00 00 00 00 00 00 00 00
Aug 26 18:33:48.721782: | 01 10 02 00 00 00 00 00 00 00 03 18 0d 00 02 84
Aug 26 18:33:48.721784: | 00 00 00 01 00 00 00 01 00 00 02 78 00 01 00 12
Aug 26 18:33:48.721787: | 03 00 00 24 00 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:48.721792: | 80 01 00 07 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:48.721794: | 80 0e 01 00 03 00 00 24 01 01 00 00 80 0b 00 01
Aug 26 18:33:48.721797: | 80 0c 0e 10 80 01 00 07 80 02 00 04 80 03 00 03
Aug 26 18:33:48.721799: | 80 04 00 0e 80 0e 00 80 03 00 00 24 02 01 00 00
Aug 26 18:33:48.721802: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 06
Aug 26 18:33:48.721805: | 80 03 00 03 80 04 00 0e 80 0e 01 00 03 00 00 24
Aug 26 18:33:48.721807: | 03 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:48.721810: | 80 02 00 06 80 03 00 03 80 04 00 0e 80 0e 00 80
Aug 26 18:33:48.721813: | 03 00 00 24 04 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:48.721816: | 80 01 00 07 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:48.721818: | 80 0e 01 00 03 00 00 24 05 01 00 00 80 0b 00 01
Aug 26 18:33:48.721821: | 80 0c 0e 10 80 01 00 07 80 02 00 02 80 03 00 03
Aug 26 18:33:48.721823: | 80 04 00 0e 80 0e 00 80 03 00 00 24 06 01 00 00
Aug 26 18:33:48.721826: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 04
Aug 26 18:33:48.721829: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:48.721832: | 07 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:48.721834: | 80 02 00 04 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:48.721837: | 03 00 00 24 08 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:48.721839: | 80 01 00 07 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:48.721842: | 80 0e 01 00 03 00 00 24 09 01 00 00 80 0b 00 01
Aug 26 18:33:48.721845: | 80 0c 0e 10 80 01 00 07 80 02 00 06 80 03 00 03
Aug 26 18:33:48.721847: | 80 04 00 05 80 0e 00 80 03 00 00 24 0a 01 00 00
Aug 26 18:33:48.721849: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 02 00 02
Aug 26 18:33:48.721852: | 80 03 00 03 80 04 00 05 80 0e 01 00 03 00 00 24
Aug 26 18:33:48.721855: | 0b 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
Aug 26 18:33:48.721857: | 80 02 00 02 80 03 00 03 80 04 00 05 80 0e 00 80
Aug 26 18:33:48.721859: | 03 00 00 20 0c 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:48.721862: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 0e
Aug 26 18:33:48.721864: | 03 00 00 20 0d 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:48.721866: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 0e
Aug 26 18:33:48.721869: | 03 00 00 20 0e 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:48.721872: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 0e
Aug 26 18:33:48.721874: | 03 00 00 20 0f 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:48.721876: | 80 01 00 05 80 02 00 04 80 03 00 03 80 04 00 05
Aug 26 18:33:48.721879: | 03 00 00 20 10 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:48.721881: | 80 01 00 05 80 02 00 06 80 03 00 03 80 04 00 05
Aug 26 18:33:48.721883: | 00 00 00 20 11 01 00 00 80 0b 00 01 80 0c 0e 10
Aug 26 18:33:48.721886: | 80 01 00 05 80 02 00 02 80 03 00 03 80 04 00 05
Aug 26 18:33:48.721888: | 0d 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f
Aug 26 18:33:48.721891: | 00 d6 c2 d3 0d 00 00 14 af ca d7 13 68 a1 f1 c9
Aug 26 18:33:48.721894: | 6b 86 96 fc 77 57 01 00 0d 00 00 14 4a 13 1c 81
Aug 26 18:33:48.721896: | 07 03 58 45 5c 57 28 f2 0e 95 45 2f 0d 00 00 14
Aug 26 18:33:48.721899: | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Aug 26 18:33:48.721902: | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5
Aug 26 18:33:48.721904: | ec 42 7b 1f 00 00 00 14 cd 60 46 43 35 df 21 f8
Aug 26 18:33:48.721907: | 7c fd b2 fc 68 b6 a4 48
Aug 26 18:33:48.721933: | event_schedule: new EVENT_RETRANSMIT-pe@0x55c66d94da38
Aug 26 18:33:48.721939: | inserting event EVENT_RETRANSMIT, timeout in 0.5 seconds for #8
Aug 26 18:33:48.721942: | libevent_malloc: new ptr-libevent@0x7fbd0c003878 size 128
Aug 26 18:33:48.721948: | #8 STATE_MAIN_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29714.464398
Aug 26 18:33:48.721954: | #8 spent 1.76 milliseconds in main_outI1()
Aug 26 18:33:48.721960: | stop processing: state #8 connection "northnet-eastnet-b" from 192.1.2.23 (in main_outI1() at ikev1_main.c:228)
Aug 26 18:33:48.721966: | event_schedule: new EVENT_SA_EXPIRE-pe@0x55c66d8e2208
Aug 26 18:33:48.721971: | inserting event EVENT_SA_EXPIRE, timeout in 0 seconds for #7
Aug 26 18:33:48.721974: | libevent_malloc: new ptr-libevent@0x55c66d94a328 size 128
Aug 26 18:33:48.721979: | libevent_free: release ptr-libevent@0x7fbd0c0072f8
Aug 26 18:33:48.721982: | free_event_entry: release EVENT_SA_REPLACE-pe@0x7fbd0c002b78
Aug 26 18:33:48.721986: | #7 spent 1.8 milliseconds in timer_event_cb() EVENT_SA_REPLACE
Aug 26 18:33:48.721990: | processing: STOP state #0 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:48.721994: | timer_event_cb: processing event@0x7fbd04002b78
Aug 26 18:33:48.721997: | handling event EVENT_SA_REPLACE for child state #6
Aug 26 18:33:48.722002: | start processing: state #6 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:48.722006: | picked newest_ipsec_sa #0 for #6
Aug 26 18:33:48.722008: | replacing stale IPsec SA
Aug 26 18:33:48.722012: | dup_any(fd@-1) -> fd@-1 (in ipsecdoi_replace() at ipsec_doi.c:351)
Aug 26 18:33:48.722015: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:48.722020: | Queuing pending IPsec SA negotiating with 192.1.2.23 "north-a-dpd" IKE SA #8 "northnet-eastnet-b"
Aug 26 18:33:48.722024: | event_schedule: new EVENT_SA_EXPIRE-pe@0x7fbd0c002b78
Aug 26 18:33:48.722027: | inserting event EVENT_SA_EXPIRE, timeout in 0 seconds for #6
Aug 26 18:33:48.722030: | libevent_malloc: new ptr-libevent@0x7fbd0c0072f8 size 128
Aug 26 18:33:48.722034: | libevent_free: release ptr-libevent@0x55c66d974918
Aug 26 18:33:48.722037: | free_event_entry: release EVENT_SA_REPLACE-pe@0x7fbd04002b78
Aug 26 18:33:48.722041: | #6 spent 0.0465 milliseconds in timer_event_cb() EVENT_SA_REPLACE
Aug 26 18:33:48.722046: | stop processing: state #6 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:48.722049: | processing global timer EVENT_REVIVE_CONNS
Aug 26 18:33:48.722052: Initiating connection northnet-eastnet-b which received a Delete/Notify but must remain up per local policy
Aug 26 18:33:48.722055: | FOR_EACH_CONNECTION_... in conn_by_name
Aug 26 18:33:48.722059: | start processing: connection "northnet-eastnet-b" (in initiate_a_connection() at initiate.c:186)
Aug 26 18:33:48.722063: | empty esp_info, returning defaults for ENCRYPT
Aug 26 18:33:48.722067: | connection 'northnet-eastnet-b' +POLICY_UP
Aug 26 18:33:48.722070: | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342)
Aug 26 18:33:48.722073: | FOR_EACH_STATE_... in find_phase1_state
Aug 26 18:33:48.722077: | Ignored already queued up pending IPsec SA negotiation with 192.1.2.23 "northnet-eastnet-b"
Aug 26 18:33:48.722081: | stop processing: connection "northnet-eastnet-b" (in initiate_a_connection() at initiate.c:349)
Aug 26 18:33:48.722086: | spent 0.0329 milliseconds in global timer EVENT_REVIVE_CONNS
Aug 26 18:33:48.722092: | timer_event_cb: processing event@0x55c66d8e2208
Aug 26 18:33:48.722095: | handling event EVENT_SA_EXPIRE for child state #7
Aug 26 18:33:48.722100: | start processing: state #7 connection "northnet-eastnet-b" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:48.722103: | picked newest_ipsec_sa #0 for #7
Aug 26 18:33:48.722106: | un-established partial CHILD SA timeout (SA expired)
Aug 26 18:33:48.722108: | pstats #7 ikev1.ipsec failed exchange-timeout
Aug 26 18:33:48.722111: | pstats #7 ikev1.ipsec deleted exchange-timeout
Aug 26 18:33:48.722116: | [RE]START processing: state #7 connection "northnet-eastnet-b" from 192.1.2.23 (in delete_state() at state.c:879)
Aug 26 18:33:48.722119: "northnet-eastnet-b" #7: deleting state (STATE_QUICK_I1) aged 0.014s and NOT sending notification
Aug 26 18:33:48.722122: | child state #7: QUICK_I1(established CHILD SA) => delete
Aug 26 18:33:48.722126: | child state #7: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational)
Aug 26 18:33:48.722130: | priority calculation of connection "northnet-eastnet-b" is 0xfe7e7
Aug 26 18:33:48.722139: | delete inbound eroute 192.0.2.0/24:0 --0-> 192.0.3.0/24:0 => unk255.10000@192.1.3.33 (raw_eroute)
Aug 26 18:33:48.722152: | raw_eroute result=success
Aug 26 18:33:48.722156: | in connection_discard for connection northnet-eastnet-b
Aug 26 18:33:48.722158: | State DB: deleting IKEv1 state #7 in CHILDSA_DEL
Aug 26 18:33:48.722162: | child state #7: CHILDSA_DEL(informational) => UNDEFINED(ignore)
Aug 26 18:33:48.722175: | stop processing: state #7 from 192.1.2.23 (in delete_state() at state.c:1143)
Aug 26 18:33:48.722180: | libevent_free: release ptr-libevent@0x55c66d94a328
Aug 26 18:33:48.722183: | free_event_entry: release EVENT_SA_EXPIRE-pe@0x55c66d8e2208
Aug 26 18:33:48.722185: | in statetime_stop() and could not find #7
Aug 26 18:33:48.722188: | processing: STOP state #0 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:48.722191: | timer_event_cb: processing event@0x7fbd0c002b78
Aug 26 18:33:48.722194: | handling event EVENT_SA_EXPIRE for child state #6
Aug 26 18:33:48.722199: | start processing: state #6 connection "north-a-dpd" from 192.1.2.23 (in timer_event_cb() at timer.c:250)
Aug 26 18:33:48.722202: | picked newest_ipsec_sa #0 for #6
Aug 26 18:33:48.722205: | un-established partial CHILD SA timeout (SA expired)
Aug 26 18:33:48.722208: | pstats #6 ikev1.ipsec failed exchange-timeout
Aug 26 18:33:48.722210: | pstats #6 ikev1.ipsec deleted exchange-timeout
Aug 26 18:33:48.722215: | [RE]START processing: state #6 connection "north-a-dpd" from 192.1.2.23 (in delete_state() at state.c:879)
Aug 26 18:33:48.722218: "north-a-dpd" #6: deleting state (STATE_QUICK_I1) aged 0.025s and NOT sending notification
Aug 26 18:33:48.722221: | child state #6: QUICK_I1(established CHILD SA) => delete
Aug 26 18:33:48.722224: | child state #6: QUICK_I1(established CHILD SA) => CHILDSA_DEL(informational)
Aug 26 18:33:48.722228: | priority calculation of connection "north-a-dpd" is 0xfe7e7
Aug 26 18:33:48.722234: | delete inbound eroute 192.0.22.0/24:0 --0-> 192.0.3.0/24:0 => unk255.10000@192.1.3.33 (raw_eroute)
Aug 26 18:33:48.722243: | raw_eroute result=success
Aug 26 18:33:48.722247: | in connection_discard for connection north-a-dpd
Aug 26 18:33:48.722250: | State DB: deleting IKEv1 state #6 in CHILDSA_DEL
Aug 26 18:33:48.722253: | child state #6: CHILDSA_DEL(informational) => UNDEFINED(ignore)
Aug 26 18:33:48.722274: | stop processing: state #6 from 192.1.2.23 (in delete_state() at state.c:1143)
Aug 26 18:33:48.722306: | libevent_free: release ptr-libevent@0x7fbd0c0072f8
Aug 26 18:33:48.722311: | free_event_entry: release EVENT_SA_EXPIRE-pe@0x7fbd0c002b78
Aug 26 18:33:48.722314: | in statetime_stop() and could not find #6
Aug 26 18:33:48.722317: | processing: STOP state #0 (in timer_event_cb() at timer.c:557)
Aug 26 18:33:49.183229: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
Aug 26 18:33:49.183255: shutting down
Aug 26 18:33:49.183263: | processing: RESET whack log_fd (was fd@16) (in exit_pluto() at plutomain.c:1825)
Aug 26 18:33:49.183265: destroying root certificate cache
Aug 26 18:33:49.183294: | certs and keys locked by 'free_preshared_secrets'
Aug 26 18:33:49.183300: forgetting secrets
Aug 26 18:33:49.183307: | certs and keys unlocked by 'free_preshared_secrets'
Aug 26 18:33:49.183316: | unreference key: 0x55c66d954908 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org cnt 1--
Aug 26 18:33:49.183321: | unreference key: 0x55c66d9543b8 user-east@testing.libreswan.org cnt 1--
Aug 26 18:33:49.183325: | unreference key: 0x55c66d956848 @east.testing.libreswan.org cnt 1--
Aug 26 18:33:49.183329: | unreference key: 0x55c66d953608 east@testing.libreswan.org cnt 1--
Aug 26 18:33:49.183336: | unreference key: 0x55c66d952218 192.1.2.23 cnt 1--
Aug 26 18:33:49.183344: | unreference key: 0x55c66d94e058 C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org cnt 1--
Aug 26 18:33:49.183352: | unreference key: 0x55c66d94de38 user-north@testing.libreswan.org cnt 1--
Aug 26 18:33:49.183357: | unreference key: 0x55c66d94a9e8 @north.testing.libreswan.org cnt 1--
Aug 26 18:33:49.183375: | start processing: connection "northnet-eastnet-b" (in delete_connection() at connections.c:189)
Aug 26 18:33:49.183379: | removing pending policy for no connection {0x55c66d9631c8}
Aug 26 18:33:49.183382: | Deleting states for connection - including all other IPsec SA's of this IKE SA
Aug 26 18:33:49.183384: | pass 0
Aug 26 18:33:49.183387: | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete
Aug 26 18:33:49.183390: | state #8
Aug 26 18:33:49.183394: | suspend processing: connection "northnet-eastnet-b" (in foreach_state_by_connection_func_delete() at state.c:1310)
Aug 26 18:33:49.183399: | start processing: state #8 connection "northnet-eastnet-b" from 192.1.2.23 (in foreach_state_by_connection_func_delete() at state.c:1310)
Aug 26 18:33:49.183402: | pstats #8 ikev1.isakmp deleted other
Aug 26 18:33:49.183407: | [RE]START processing: state #8 connection "northnet-eastnet-b" from 192.1.2.23 (in delete_state() at state.c:879)
Aug 26 18:33:49.183412: "northnet-eastnet-b" #8: deleting state (STATE_MAIN_I1) aged 0.463s and NOT sending notification
Aug 26 18:33:49.183415: | parent state #8: MAIN_I1(half-open IKE SA) => delete
Aug 26 18:33:49.183500: | state #8 requesting EVENT_RETRANSMIT to be deleted
Aug 26 18:33:49.183506: | #8 STATE_MAIN_I1: retransmits: cleared
Aug 26 18:33:49.183511: | libevent_free: release ptr-libevent@0x7fbd0c003878
Aug 26 18:33:49.183515: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55c66d94da38
Aug 26 18:33:49.183518: | in connection_discard for connection north-a-dpd
Aug 26 18:33:49.183521: | removing pending policy for "north-a-dpd" {0x55c66d974848}
Aug 26 18:33:49.183525: | State DB: IKEv1 state not found (flush_incomplete_children)
Aug 26 18:33:49.183528: | picked newest_isakmp_sa #0 for #8
Aug 26 18:33:49.183532: "northnet-eastnet-b" #8: deleting IKE SA for connection 'northnet-eastnet-b' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS
Aug 26 18:33:49.183536: | add revival: connection 'northnet-eastnet-b' added to the list and scheduled for 5 seconds
Aug 26 18:33:49.183539: | global one-shot timer EVENT_REVIVE_CONNS scheduled in 5 seconds
Aug 26 18:33:49.183546: | stop processing: connection "northnet-eastnet-b" (BACKGROUND) (in update_state_connection() at connections.c:4076)
Aug 26 18:33:49.183549: | start processing: connection NULL (in update_state_connection() at connections.c:4077)
Aug 26 18:33:49.183552: | in connection_discard for connection northnet-eastnet-b
Aug 26 18:33:49.183555: | State DB: deleting IKEv1 state #8 in MAIN_I1
Aug 26 18:33:49.183558: | parent state #8: MAIN_I1(half-open IKE SA) => UNDEFINED(ignore)
Aug 26 18:33:49.183564: | stop processing: state #8 from 192.1.2.23 (in delete_state() at state.c:1143)
Aug 26 18:33:49.183569: | processing: STOP state #0 (in foreach_state_by_connection_func_delete() at state.c:1312)
Aug 26 18:33:49.183571: | pass 1
Aug 26 18:33:49.183574: | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete
Aug 26 18:33:49.183578: | shunt_eroute() called for connection 'northnet-eastnet-b' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0
Aug 26 18:33:49.183581: | netlink_shunt_eroute for proto 0, and source port 0 dest port 0
Aug 26 18:33:49.183585: | priority calculation of connection "northnet-eastnet-b" is 0xfe7e7
Aug 26 18:33:49.183617: | priority calculation of connection "northnet-eastnet-b" is 0xfe7e7
Aug 26 18:33:49.183629: | FOR_EACH_CONNECTION_... in route_owner
Aug 26 18:33:49.183633: | conn northnet-eastnet-b mark 0/00000000, 0/00000000 vs
Aug 26 18:33:49.183637: | conn northnet-eastnet-b mark 0/00000000, 0/00000000
Aug 26 18:33:49.183640: | conn northnet-eastnet-b mark 0/00000000, 0/00000000 vs
Aug 26 18:33:49.183643: | conn north-a-dpd mark 0/00000000, 0/00000000
Aug 26 18:33:49.183647: | route owner of "northnet-eastnet-b" unrouted: NULL
Aug 26 18:33:49.183654: | running updown command "ipsec _updown" for verb unroute
Aug 26 18:33:49.183657: | command executing unroute-client
Aug 26 18:33:49.183697: | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='northnet-eastnet-b' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO
Aug 26 18:33:49.183702: | popen cmd is 1277 chars long
Aug 26 18:33:49.183705: | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='northnet-eastn:
Aug 26 18:33:49.183708: | cmd( 80):et-b' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' :
Aug 26 18:33:49.183712: | cmd( 160):PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=no:
Aug 26 18:33:49.183714: | cmd( 240):rth.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT=':
Aug 26 18:33:49.183717: | cmd( 320):192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.:
Aug 26 18:33:49.183720: | cmd( 400):0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE=:
Aug 26 18:33:49.183723: | cmd( 480):'none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Lib:
Aug 26 18:33:49.183726: | cmd( 560):reswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.l:
Aug 26 18:33:49.183729: | cmd( 640):ibreswan.org' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0':
Aug 26 18:33:49.183731: | cmd( 720): PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL=:
Aug 26 18:33:49.183734: | cmd( 800):'0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='R:
Aug 26 18:33:49.183737: | cmd( 880):SASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO:
Aug 26 18:33:49.183740: | cmd( 960):_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_P:
Aug 26 18:33:49.183742: | cmd(1040):EER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER:
Aug 26 18:33:49.183745: | cmd(1120):='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE=:
Aug 26 18:33:49.183748: | cmd(1200):'' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1:
Aug 26 18:33:49.192420: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192448: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192452: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192456: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192461: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192475: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192489: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192502: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192521: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192548: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192561: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192590: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192604: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192617: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192629: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192642: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192657: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192670: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192683: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192696: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192709: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192724: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192736: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192749: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192762: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192775: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192792: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192805: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192833: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192846: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192860: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192875: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192889: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192903: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192916: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192930: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192946: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192960: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192973: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.192986: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.193001: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.193018: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.193032: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.193045: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.193203: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.193216: unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.200526: | flush revival: connection 'northnet-eastnet-b' revival flushed
Aug 26 18:33:49.200560: | processing: STOP connection NULL (in discard_connection() at connections.c:249)
Aug 26 18:33:49.200575: | start processing: connection "north-a-dpd" (in delete_connection() at connections.c:189)
Aug 26 18:33:49.200580: | Deleting states for connection - including all other IPsec SA's of this IKE SA
Aug 26 18:33:49.200583: | pass 0
Aug 26 18:33:49.200586: | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete
Aug 26 18:33:49.200588: | pass 1
Aug 26 18:33:49.200591: | FOR_EACH_STATE_... in foreach_state_by_connection_func_delete
Aug 26 18:33:49.200595: | shunt_eroute() called for connection 'north-a-dpd' to 'delete' for rt_kind 'unrouted' using protoports 0--0->-0
Aug 26 18:33:49.200599: | netlink_shunt_eroute for proto 0, and source port 0 dest port 0
Aug 26 18:33:49.200603: | priority calculation of connection "north-a-dpd" is 0xfe7e7
Aug 26 18:33:49.200926: | priority calculation of connection "north-a-dpd" is 0xfe7e7
Aug 26 18:33:49.200945: | FOR_EACH_CONNECTION_... in route_owner
Aug 26 18:33:49.200950: | conn north-a-dpd mark 0/00000000, 0/00000000 vs
Aug 26 18:33:49.200953: | conn north-a-dpd mark 0/00000000, 0/00000000
Aug 26 18:33:49.200957: | route owner of "north-a-dpd" unrouted: NULL
Aug 26 18:33:49.200960: | running updown command "ipsec _updown" for verb unroute
Aug 26 18:33:49.200963: | command executing unroute-client
Aug 26 18:33:49.201007: | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN
Aug 26 18:33:49.201012: | popen cmd is 1272 chars long
Aug 26 18:33:49.201016: | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-a-dpd' P:
Aug 26 18:33:49.201019: | cmd( 80):LUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.3.254' PLUTO_ME='192.1.3.33' PLUTO_M:
Aug 26 18:33:49.201022: | cmd( 160):Y_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.tes:
Aug 26 18:33:49.201025: | cmd( 240):ting.libreswan.org, E=user-north@testing.libreswan.org' PLUTO_MY_CLIENT='192.0.3:
Aug 26 18:33:49.201028: | cmd( 320):.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUT:
Aug 26 18:33:49.201031: | cmd( 400):O_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='none' :
Aug 26 18:33:49.201034: | cmd( 480):PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='C=CA, ST=Ontario, L=Toronto, O=Libreswan,:
Aug 26 18:33:49.201036: | cmd( 560): OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswa:
Aug 26 18:33:49.201040: | cmd( 640):n.org' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUT:
Aug 26 18:33:49.201042: | cmd( 720):O_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' P:
Aug 26 18:33:49.201045: | cmd( 800):LUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG:
Aug 26 18:33:49.201048: | cmd( 880):+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN:
Aug 26 18:33:49.201051: | cmd( 960):_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_C:
Aug 26 18:33:49.201054: | cmd(1040):ISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' P:
Aug 26 18:33:49.201057: | cmd(1120):LUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VT:
Aug 26 18:33:49.201060: | cmd(1200):I_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec _updown 2>&1:
Aug 26 18:33:49.212950: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.212976: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.212980: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.212983: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.212986: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.212989: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.212993: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213005: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213016: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213023: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213033: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213044: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213054: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213063: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213073: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213082: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213092: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213101: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213111: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213121: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213131: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213142: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213151: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213161: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213170: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213179: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213191: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213200: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213210: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213220: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213230: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213240: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213254: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213263: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213272: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213281: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213299: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213312: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213321: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213330: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213340: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213352: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213362: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213372: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213521: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.213536: "north-a-dpd": unroute-client output: Error: Peer netns reference is invalid.
Aug 26 18:33:49.218978: | free hp@0x55c66d953128
Aug 26 18:33:49.219001: | flush revival: connection 'north-a-dpd' wasn't on the list
Aug 26 18:33:49.219010: | stop processing: connection "north-a-dpd" (in discard_connection() at connections.c:249)
Aug 26 18:33:49.219047: | crl fetch request list locked by 'free_crl_fetch'
Aug 26 18:33:49.219050: | crl fetch request list unlocked by 'free_crl_fetch'
Aug 26 18:33:49.219065: shutting down interface lo/lo 127.0.0.1:4500
Aug 26 18:33:49.219069: shutting down interface lo/lo 127.0.0.1:500
Aug 26 18:33:49.219072: shutting down interface eth0/eth0 192.0.3.254:4500
Aug 26 18:33:49.219076: shutting down interface eth0/eth0 192.0.3.254:500
Aug 26 18:33:49.219079: shutting down interface eth1/eth1 192.1.3.33:4500
Aug 26 18:33:49.219083: shutting down interface eth1/eth1 192.1.3.33:500
Aug 26 18:33:49.219088: | FOR_EACH_STATE_... in delete_states_dead_interfaces
Aug 26 18:33:49.219104: | libevent_free: release ptr-libevent@0x55c66d93c6c8
Aug 26 18:33:49.219109: | free_event_entry: release EVENT_NULL-pe@0x55c66d9484e8
Aug 26 18:33:49.219121: | libevent_free: release ptr-libevent@0x55c66d8e2f08
Aug 26 18:33:49.219125: | free_event_entry: release EVENT_NULL-pe@0x55c66d948598
Aug 26 18:33:49.219132: | libevent_free: release ptr-libevent@0x55c66d8e2fb8
Aug 26 18:33:49.219136: | free_event_entry: release EVENT_NULL-pe@0x55c66d948648
Aug 26 18:33:49.219144: | libevent_free: release ptr-libevent@0x55c66d8e1f28
Aug 26 18:33:49.219147: | free_event_entry: release EVENT_NULL-pe@0x55c66d9486f8
Aug 26 18:33:49.219154: | libevent_free: release ptr-libevent@0x55c66d8ea238
Aug 26 18:33:49.219157: | free_event_entry: release EVENT_NULL-pe@0x55c66d9487a8
Aug 26 18:33:49.219165: | libevent_free: release ptr-libevent@0x55c66d8ead58
Aug 26 18:33:49.219168: | free_event_entry: release EVENT_NULL-pe@0x55c66d948858
Aug 26 18:33:49.219175: | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations
Aug 26 18:33:49.219595: | libevent_free: release ptr-libevent@0x55c66d93c778
Aug 26 18:33:49.219604: | free_event_entry: release EVENT_NULL-pe@0x55c66d930918
Aug 26 18:33:49.219611: | libevent_free: release ptr-libevent@0x55c66d929418
Aug 26 18:33:49.219614: | free_event_entry: release EVENT_NULL-pe@0x55c66d930478
Aug 26 18:33:49.219618: | libevent_free: release ptr-libevent@0x55c66d929368
Aug 26 18:33:49.219621: | free_event_entry: release EVENT_NULL-pe@0x55c66d8ea3f8
Aug 26 18:33:49.219626: | global timer EVENT_REINIT_SECRET uninitialized
Aug 26 18:33:49.219629: | global timer EVENT_SHUNT_SCAN uninitialized
Aug 26 18:33:49.219631: | global timer EVENT_PENDING_DDNS uninitialized
Aug 26 18:33:49.219634: | global timer EVENT_PENDING_PHASE2 uninitialized
Aug 26 18:33:49.219637: | global timer EVENT_CHECK_CRLS uninitialized
Aug 26 18:33:49.219640: | global timer EVENT_REVIVE_CONNS uninitialized
Aug 26 18:33:49.219642: | global timer EVENT_FREE_ROOT_CERTS uninitialized
Aug 26 18:33:49.219645: | global timer EVENT_RESET_LOG_RATE_LIMIT uninitialized
Aug 26 18:33:49.219647: | global timer EVENT_NAT_T_KEEPALIVE uninitialized
Aug 26 18:33:49.219652: | libevent_free: release ptr-libevent@0x55c66d8ee9c8
Aug 26 18:33:49.219656: | signal event handler PLUTO_SIGCHLD uninstalled
Aug 26 18:33:49.219660: | libevent_free: release ptr-libevent@0x55c66d864c58
Aug 26 18:33:49.219663: | signal event handler PLUTO_SIGTERM uninstalled
Aug 26 18:33:49.219666: | libevent_free: release ptr-libevent@0x55c66d868038
Aug 26 18:33:49.219669: | signal event handler PLUTO_SIGHUP uninstalled
Aug 26 18:33:49.219672: | libevent_free: release ptr-libevent@0x55c66d947f08
Aug 26 18:33:49.219675: | signal event handler PLUTO_SIGSYS uninstalled
Aug 26 18:33:49.219678: | releasing event base
Aug 26 18:33:49.219690: | libevent_free: release ptr-libevent@0x55c66d947dd8
Aug 26 18:33:49.219693: | libevent_free: release ptr-libevent@0x55c66d92ad38
Aug 26 18:33:49.219698: | libevent_free: release ptr-libevent@0x55c66d92ace8
Aug 26 18:33:49.219700: | libevent_free: release ptr-libevent@0x55c66d9494d8
Aug 26 18:33:49.219703: | libevent_free: release ptr-libevent@0x55c66d92aca8
Aug 26 18:33:49.219707: | libevent_free: release ptr-libevent@0x55c66d947a68
Aug 26 18:33:49.219712: | libevent_free: release ptr-libevent@0x55c66d947cd8
Aug 26 18:33:49.219715: | libevent_free: release ptr-libevent@0x55c66d92aee8
Aug 26 18:33:49.219717: | libevent_free: release ptr-libevent@0x55c66d9304e8
Aug 26 18:33:49.219720: | libevent_free: release ptr-libevent@0x55c66d930148
Aug 26 18:33:49.219723: | libevent_free: release ptr-libevent@0x55c66d9488c8
Aug 26 18:33:49.219726: | libevent_free: release ptr-libevent@0x55c66d948818
Aug 26 18:33:49.219728: | libevent_free: release ptr-libevent@0x55c66d948768
Aug 26 18:33:49.219731: | libevent_free: release ptr-libevent@0x55c66d9486b8
Aug 26 18:33:49.219734: | libevent_free: release ptr-libevent@0x55c66d948608
Aug 26 18:33:49.219736: | libevent_free: release ptr-libevent@0x55c66d948558
Aug 26 18:33:49.219739: | libevent_free: release ptr-libevent@0x55c66d8631c8
Aug 26 18:33:49.219742: | libevent_free: release ptr-libevent@0x55c66d947d58
Aug 26 18:33:49.219744: | libevent_free: release ptr-libevent@0x55c66d947d18
Aug 26 18:33:49.219747: | libevent_free: release ptr-libevent@0x55c66d947bd8
Aug 26 18:33:49.219750: | libevent_free: release ptr-libevent@0x55c66d947d98
Aug 26 18:33:49.219752: | libevent_free: release ptr-libevent@0x55c66d947aa8
Aug 26 18:33:49.219755: | libevent_free: release ptr-libevent@0x55c66d8f0558
Aug 26 18:33:49.219758: | libevent_free: release ptr-libevent@0x55c66d8f04d8
Aug 26 18:33:49.219760: | libevent_free: release ptr-libevent@0x55c66d863538
Aug 26 18:33:49.219763: | releasing global libevent data
Aug 26 18:33:49.219766: | libevent_free: release ptr-libevent@0x55c66d8f06d8
Aug 26 18:33:49.219769: | libevent_free: release ptr-libevent@0x55c66d8f0658
Aug 26 18:33:49.219772: | libevent_free: release ptr-libevent@0x55c66d8f05d8
Aug 26 18:33:49.219805: leak detective found no leaks