iptables -t nat -F
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# iptables -F
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# # NAT
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# iptables -t nat -A POSTROUTING -s 192.1.3.0/24 -p udp --sport 4500 -j SNAT --to-source 192.1.2.254:3500-3700
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# iptables -t nat -A POSTROUTING -s 192.1.3.0/24 -p udp --sport 500 -j SNAT --to-source 192.1.2.254:2500-2700
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# iptables -t nat -A POSTROUTING --source 192.1.3.0/24 --destination 0.0.0.0/0 -j SNAT --to-source 192.1.2.254
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# iptables -I FORWARD 1 --proto 50 -j DROP
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# echo done
done
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# : ==== end ====
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# : ==== cut ====
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# ipsec auto --status
whack: Pluto is not running (no "/run/pluto/pluto.ctl")
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey 33]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 final.sh 'ipsec auto --status' <<<<<<<<<<tuc<<<<<<<<<<: ==== tuc ====
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# ../bin/check-for-core.sh
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]# if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey 1]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 1 final.sh 'if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi' <<<<<<<<<<tuc<<<<<<<<<<: ==== end ====
kroot@swantest:/home/build/libreswan/testing/pluto/ikev2-31-nat-rw-no-rekey\[root@nic ikev2-31-nat-rw-no-rekey]#