/testing/guestbin/swan-prep
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# cp policies/* /etc/ipsec.d/policies/
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# echo "192.1.2.0/24"  >> /etc/ipsec.d/policies/clear-or-private
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# cp ikev2-east-oe.conf /etc/ipsec.d/ikev2-oe.conf
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# ipsec start
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Redirecting to: /etc/init.d/ipsec start
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Error: Peer netns reference is invalid.
Starting pluto IKE daemon for IPsec: 
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# /testing/pluto/bin/wait-until-pluto-started
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# # give OE policies time to load
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# sleep 2
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# echo "initdone"
initdone
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# ping -n -c 4 10.0.10.1
PING 10.0.10.1 (10.0.10.1) 56(84) bytes of data.

--- 10.0.10.1 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 63ms

kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4 1]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 1 final.sh 'ping -n -c 4 10.0.10.1' <<<<<<<<<<tuc<<<<<<<<<<ipsec whack --trafficstatus
whack: is Pluto running?  connect() for "/run/pluto/pluto.ctl" failed (111 Connection refused)
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4 33]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 final.sh 'ipsec whack --trafficstatus' <<<<<<<<<<tuc<<<<<<<<<<iptables -t nat -L -n
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# ../../pluto/bin/ipsec-look.sh
==== cut ====
start raw xfrm state:
src 192.1.2.253/32 dst 192.1.2.23/32 \	dir fwd priority 1564639 ptype main \
src 192.1.2.253/32 dst 192.1.2.23/32 \	dir in priority 1564639 ptype main \
src 192.1.2.23/32 dst 192.1.2.253/32 \	dir out priority 1564639 ptype main \
src 192.1.3.253/32 dst 192.1.2.23/32 \	dir fwd priority 1564639 ptype main \
src 192.1.3.253/32 dst 192.1.2.23/32 \	dir in priority 1564639 ptype main \
src 192.1.2.23/32 dst 192.1.3.253/32 \	dir out priority 1564639 ptype main \
src 192.1.3.254/32 dst 192.1.2.23/32 \	dir fwd priority 1564639 ptype main \
src 192.1.3.254/32 dst 192.1.2.23/32 \	dir in priority 1564639 ptype main \
src 192.1.2.23/32 dst 192.1.3.254/32 \	dir out priority 1564639 ptype main \
end raw xfrm state:
==== tuc ====
east Mon Aug 26 18:31:42 UTC 2019
XFRM state:
XFRM policy:
src 192.1.2.23/32 dst 192.1.2.253/32
	dir out priority 1564639 ptype main
src 192.1.2.23/32 dst 192.1.3.253/32
	dir out priority 1564639 ptype main
src 192.1.2.23/32 dst 192.1.3.254/32
	dir out priority 1564639 ptype main
src 192.1.2.253/32 dst 192.1.2.23/32
	dir fwd priority 1564639 ptype main
src 192.1.2.253/32 dst 192.1.2.23/32
	dir in priority 1564639 ptype main
src 192.1.3.253/32 dst 192.1.2.23/32
	dir fwd priority 1564639 ptype main
src 192.1.3.253/32 dst 192.1.2.23/32
	dir in priority 1564639 ptype main
src 192.1.3.254/32 dst 192.1.2.23/32
	dir fwd priority 1564639 ptype main
src 192.1.3.254/32 dst 192.1.2.23/32
	dir in priority 1564639 ptype main
XFRM done
IPSEC mangle TABLES
NEW_IPSEC_CONN mangle TABLES
ROUTING TABLES
default via 192.1.2.254 dev eth1
192.0.1.0/24 via 192.1.2.45 dev eth1
192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.2.254
192.1.2.0/24 dev eth1 proto kernel scope link src 192.1.2.23
NSS_CERTIFICATES

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# : ==== cut ====
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# ipsec auto --status
whack: is Pluto running?  connect() for "/run/pluto/pluto.ctl" failed (111 Connection refused)
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4 33]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 final.sh 'ipsec auto --status' <<<<<<<<<<tuc<<<<<<<<<<: ==== tuc ====
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# ../bin/check-for-core.sh
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
type=AVC msg=audit(1566844133.486:265910): avc:  denied  { write } for  pid=7504 comm="ip" path="/tmp/pluto.log" dev="dm-0" ino=295084539 scontext=unconfined_u:system_r:ifconfig_t:s0 tcontext=unconfined_u:object_r:container_file_t:s0:c718,c778 tclass=file permissive=1
type=AVC msg=audit(1566844133.996:266013): avc:  denied  { write } for  pid=8463 comm="ip" path="/tmp/pluto.log" dev="dm-0" ino=63889669 scontext=unconfined_u:system_r:ifconfig_t:s0 tcontext=unconfined_u:object_r:container_file_t:s0:c718,c778 tclass=file permissive=1
type=AVC msg=audit(1566844302.258:276668): avc:  denied  { write } for  pid=1596 comm="ip" path="/tmp/pluto.log" dev="dm-0" ino=1016656299 scontext=unconfined_u:system_r:ifconfig_t:s0 tcontext=unconfined_u:object_r:container_file_t:s0:c718,c778 tclass=file permissive=1
type=AVC msg=audit(1566844302.825:276696): avc:  denied  { write } for  pid=2449 comm="ip" path="/tmp/pluto.log" dev="dm-0" ino=295172480 scontext=unconfined_u:system_r:ifconfig_t:s0 tcontext=unconfined_u:object_r:container_file_t:s0:c718,c778 tclass=file permissive=1
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]# : ==== end ====
kroot@swantest:/home/build/libreswan/testing/pluto/newoe-25-cat-4\[root@east newoe-25-cat-4]#