/testing/guestbin/swan-prep
north #
 ifconfig eth0:1 192.0.2.254
north #
 ipsec start
Redirecting to: [initsystem]
north #
 /testing/pluto/bin/wait-until-pluto-started
north #
 ipsec auto --add any-northnet-ipv4-psk-ikev2
002 added connection description "any-northnet-ipv4-psk-ikev2"
north #
 echo "initdone"
initdone
north #
 sleep 2
north #
 ipsec look
north NOW
XFRM state:
src 192.1.2.45 dst 192.1.3.33
	proto esp spi 0xSPISPI reqid REQID mode tunnel
	replay-window 32 flag af-unspec
	aead rfc4106(gcm(aes)) 0xENCAUTHKEY 128
src 192.1.3.33 dst 192.1.2.45
	proto esp spi 0xSPISPI reqid REQID mode tunnel
	replay-window 32 flag af-unspec
	aead rfc4106(gcm(aes)) 0xENCAUTHKEY 128
XFRM policy:
src 192.0.1.0/24 dst 192.0.2.0/24
	dir fwd priority 1042407 ptype main
	tmpl src 192.1.2.45 dst 192.1.3.33
		proto esp reqid REQID mode tunnel
src 192.0.1.0/24 dst 192.0.2.0/24
	dir in priority 1042407 ptype main
	tmpl src 192.1.2.45 dst 192.1.3.33
		proto esp reqid REQID mode tunnel
src 192.0.2.0/24 dst 192.0.1.0/24
	dir out priority 1042407 ptype main
	tmpl src 192.1.3.33 dst 192.1.2.45
		proto esp reqid REQID mode tunnel
XFRM done
IPSEC mangle TABLES
NEW_IPSEC_CONN mangle TABLES
ROUTING TABLES
default via 192.1.3.254 dev eth1
192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.2.254
192.0.3.0/24 dev eth0 proto kernel scope link src 192.0.3.254
192.1.3.0/24 dev eth1 proto kernel scope link src 192.1.3.33
NSS_CERTIFICATES
Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI
north #
 # confirm east is in unrouted state again
north #
 hostname | grep east > /dev/null && ipsec status |grep "eroute owner"
north #
north #
 ../bin/check-for-core.sh
north #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi