Sep 21 07:19:58.643667: FIPS Product: YES
Sep 21 07:19:58.643709: FIPS Kernel: NO
Sep 21 07:19:58.643712: FIPS Mode: NO
Sep 21 07:19:58.643715: NSS DB directory: sql:/etc/ipsec.d
Sep 21 07:19:58.643894: Initializing NSS
Sep 21 07:19:58.643900: Opening NSS database "sql:/etc/ipsec.d" read-only
Sep 21 07:19:58.713238: NSS initialized
Sep 21 07:19:58.713259: NSS crypto library initialized
Sep 21 07:19:58.713262: FIPS HMAC integrity support [enabled]
Sep 21 07:19:58.713264: FIPS mode disabled for pluto daemon
Sep 21 07:19:58.822340: FIPS HMAC integrity verification self-test FAILED
Sep 21 07:19:58.822455: libcap-ng support [enabled]
Sep 21 07:19:58.822467: Linux audit support [enabled]
Sep 21 07:19:58.822495: Linux audit activated
Sep 21 07:19:58.822501: Starting Pluto (Libreswan Version v3.28-827-gc9aa82b8a6-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC SYSTEMD_WATCHDOG FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:17370
Sep 21 07:19:58.822504: core dump dir: /tmp
Sep 21 07:19:58.822506: secrets file: /etc/ipsec.secrets
Sep 21 07:19:58.822508: leak-detective disabled
Sep 21 07:19:58.822509: NSS crypto [enabled]
Sep 21 07:19:58.822511: XAUTH PAM support [enabled]
Sep 21 07:19:58.822591: | libevent is using pluto's memory allocator
Sep 21 07:19:58.822597: Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800)
Sep 21 07:19:58.822613: | libevent_malloc: new ptr-libevent@0x5648c3bb8f90 size 40
Sep 21 07:19:58.822617: | libevent_malloc: new ptr-libevent@0x5648c3bba240 size 40
Sep 21 07:19:58.822620: | libevent_malloc: new ptr-libevent@0x5648c3bba270 size 40
Sep 21 07:19:58.822622: | creating event base
Sep 21 07:19:58.822625: | libevent_malloc: new ptr-libevent@0x5648c3bba200 size 56
Sep 21 07:19:58.822628: | libevent_malloc: new ptr-libevent@0x5648c3bba2a0 size 664
Sep 21 07:19:58.822638: | libevent_malloc: new ptr-libevent@0x5648c3bba540 size 24
Sep 21 07:19:58.822642: | libevent_malloc: new ptr-libevent@0x5648c3babca0 size 384
Sep 21 07:19:58.822652: | libevent_malloc: new ptr-libevent@0x5648c3bba560 size 16
Sep 21 07:19:58.822655: | libevent_malloc: new ptr-libevent@0x5648c3bba580 size 40
Sep 21 07:19:58.822657: | libevent_malloc: new ptr-libevent@0x5648c3bba5b0 size 48
Sep 21 07:19:58.822664: | libevent_realloc: new ptr-libevent@0x5648c3b3c370 size 256
Sep 21 07:19:58.822667: | libevent_malloc: new ptr-libevent@0x5648c3bba5f0 size 16
Sep 21 07:19:58.822673: | libevent_free: release ptr-libevent@0x5648c3bba200
Sep 21 07:19:58.822677: | libevent initialized
Sep 21 07:19:58.822681: | libevent_realloc: new ptr-libevent@0x5648c3bba610 size 64
Sep 21 07:19:58.822685: | global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds
Sep 21 07:19:58.822703: | init_nat_traversal() initialized with keep_alive=0s
Sep 21 07:19:58.822706: NAT-Traversal support  [enabled]
Sep 21 07:19:58.822714: | global one-shot timer EVENT_NAT_T_KEEPALIVE initialized
Sep 21 07:19:58.822727: | global one-shot timer EVENT_FREE_ROOT_CERTS initialized
Sep 21 07:19:58.822731: | global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds
Sep 21 07:19:58.822773: | global one-shot timer EVENT_REVIVE_CONNS initialized
Sep 21 07:19:58.822777: | global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds
Sep 21 07:19:58.822781: | global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds
Sep 21 07:19:58.822841: Encryption algorithms:
Sep 21 07:19:58.822856:   AES_CCM_16              IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  aes_ccm, aes_ccm_c
Sep 21 07:19:58.822860:   AES_CCM_12              IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  aes_ccm_b
Sep 21 07:19:58.822864:   AES_CCM_8               IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  aes_ccm_a
Sep 21 07:19:58.822868:   3DES_CBC                IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  [*192]  3des
Sep 21 07:19:58.822871:   CAMELLIA_CTR            IKEv1:     ESP     IKEv2:     ESP           {256,192,*128}
Sep 21 07:19:58.822882:   CAMELLIA_CBC            IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  camellia
Sep 21 07:19:58.822886:   AES_GCM_16              IKEv1:     ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aes_gcm, aes_gcm_c
Sep 21 07:19:58.822890:   AES_GCM_12              IKEv1:     ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aes_gcm_b
Sep 21 07:19:58.822893:   AES_GCM_8               IKEv1:     ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aes_gcm_a
Sep 21 07:19:58.822897:   AES_CTR                 IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aesctr
Sep 21 07:19:58.822901:   AES_CBC                 IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aes
Sep 21 07:19:58.822904:   SERPENT_CBC             IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  serpent
Sep 21 07:19:58.822908:   TWOFISH_CBC             IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  twofish
Sep 21 07:19:58.822911:   TWOFISH_SSH             IKEv1: IKE         IKEv2: IKE ESP           {256,192,*128}  twofish_cbc_ssh
Sep 21 07:19:58.822915:   NULL_AUTH_AES_GMAC      IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  aes_gmac
Sep 21 07:19:58.822918:   NULL                    IKEv1:     ESP     IKEv2:     ESP           []
Sep 21 07:19:58.822921:   CHACHA20_POLY1305       IKEv1:             IKEv2: IKE ESP           [*256]  chacha20poly1305
Sep 21 07:19:58.822929: Hash algorithms:
Sep 21 07:19:58.822932:   MD5                     IKEv1: IKE         IKEv2:                 
Sep 21 07:19:58.822935:   SHA1                    IKEv1: IKE         IKEv2:             FIPS  sha
Sep 21 07:19:58.822938:   SHA2_256                IKEv1: IKE         IKEv2:             FIPS  sha2, sha256
Sep 21 07:19:58.822941:   SHA2_384                IKEv1: IKE         IKEv2:             FIPS  sha384
Sep 21 07:19:58.822943:   SHA2_512                IKEv1: IKE         IKEv2:             FIPS  sha512
Sep 21 07:19:58.822957: PRF algorithms:
Sep 21 07:19:58.822960:   HMAC_MD5                IKEv1: IKE         IKEv2: IKE               md5
Sep 21 07:19:58.822963:   HMAC_SHA1               IKEv1: IKE         IKEv2: IKE         FIPS  sha, sha1
Sep 21 07:19:58.822966:   HMAC_SHA2_256           IKEv1: IKE         IKEv2: IKE         FIPS  sha2, sha256, sha2_256
Sep 21 07:19:58.822969:   HMAC_SHA2_384           IKEv1: IKE         IKEv2: IKE         FIPS  sha384, sha2_384
Sep 21 07:19:58.822972:   HMAC_SHA2_512           IKEv1: IKE         IKEv2: IKE         FIPS  sha512, sha2_512
Sep 21 07:19:58.822975:   AES_XCBC                IKEv1:             IKEv2: IKE               aes128_xcbc
Sep 21 07:19:58.823000: Integrity algorithms:
Sep 21 07:19:58.823004:   HMAC_MD5_96             IKEv1: IKE ESP AH  IKEv2: IKE ESP AH        md5, hmac_md5
Sep 21 07:19:58.823008:   HMAC_SHA1_96            IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  sha, sha1, sha1_96, hmac_sha1
Sep 21 07:19:58.823012:   HMAC_SHA2_512_256       IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  sha512, sha2_512, sha2_512_256, hmac_sha2_512
Sep 21 07:19:58.823016:   HMAC_SHA2_384_192       IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  sha384, sha2_384, sha2_384_192, hmac_sha2_384
Sep 21 07:19:58.823020:   HMAC_SHA2_256_128       IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256
Sep 21 07:19:58.823023:   HMAC_SHA2_256_TRUNCBUG  IKEv1:     ESP AH  IKEv2:         AH      
Sep 21 07:19:58.823026:   AES_XCBC_96             IKEv1:     ESP AH  IKEv2: IKE ESP AH        aes_xcbc, aes128_xcbc, aes128_xcbc_96
Sep 21 07:19:58.823029:   AES_CMAC_96             IKEv1:     ESP AH  IKEv2:     ESP AH  FIPS  aes_cmac
Sep 21 07:19:58.823032:   NONE                    IKEv1:     ESP     IKEv2: IKE ESP     FIPS  null
Sep 21 07:19:58.823044: DH algorithms:
Sep 21 07:19:58.823048:   NONE                    IKEv1:             IKEv2: IKE ESP AH  FIPS  null, dh0
Sep 21 07:19:58.823050:   MODP1536                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH        dh5
Sep 21 07:19:58.823053:   MODP2048                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh14
Sep 21 07:19:58.823058:   MODP3072                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh15
Sep 21 07:19:58.823061:   MODP4096                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh16
Sep 21 07:19:58.823063:   MODP6144                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh17
Sep 21 07:19:58.823066:   MODP8192                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh18
Sep 21 07:19:58.823069:   DH19                    IKEv1: IKE         IKEv2: IKE ESP AH  FIPS  ecp_256, ecp256
Sep 21 07:19:58.823072:   DH20                    IKEv1: IKE         IKEv2: IKE ESP AH  FIPS  ecp_384, ecp384
Sep 21 07:19:58.823075:   DH21                    IKEv1: IKE         IKEv2: IKE ESP AH  FIPS  ecp_521, ecp521
Sep 21 07:19:58.823077:   DH31                    IKEv1: IKE         IKEv2: IKE ESP AH        curve25519
Sep 21 07:19:58.823080: testing CAMELLIA_CBC:
Sep 21 07:19:58.823083:   Camellia: 16 bytes with 128-bit key
Sep 21 07:19:58.823221:   Camellia: 16 bytes with 128-bit key
Sep 21 07:19:58.823255:   Camellia: 16 bytes with 256-bit key
Sep 21 07:19:58.823289:   Camellia: 16 bytes with 256-bit key
Sep 21 07:19:58.823320: testing AES_GCM_16:
Sep 21 07:19:58.823324:   empty string
Sep 21 07:19:58.823356:   one block
Sep 21 07:19:58.823385:   two blocks
Sep 21 07:19:58.823413:   two blocks with associated data
Sep 21 07:19:58.823440: testing AES_CTR:
Sep 21 07:19:58.823443:   Encrypting 16 octets using AES-CTR with 128-bit key
Sep 21 07:19:58.823472:   Encrypting 32 octets using AES-CTR with 128-bit key
Sep 21 07:19:58.823500:   Encrypting 36 octets using AES-CTR with 128-bit key
Sep 21 07:19:58.823529:   Encrypting 16 octets using AES-CTR with 192-bit key
Sep 21 07:19:58.823556:   Encrypting 32 octets using AES-CTR with 192-bit key
Sep 21 07:19:58.823587:   Encrypting 36 octets using AES-CTR with 192-bit key
Sep 21 07:19:58.823615:   Encrypting 16 octets using AES-CTR with 256-bit key
Sep 21 07:19:58.823641:   Encrypting 32 octets using AES-CTR with 256-bit key
Sep 21 07:19:58.823669:   Encrypting 36 octets using AES-CTR with 256-bit key
Sep 21 07:19:58.823701: testing AES_CBC:
Sep 21 07:19:58.823704:   Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key
Sep 21 07:19:58.823733:   Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key
Sep 21 07:19:58.823764:   Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key
Sep 21 07:19:58.823800:   Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key
Sep 21 07:19:58.823840: testing AES_XCBC:
Sep 21 07:19:58.823844:   RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input
Sep 21 07:19:58.823968:   RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input
Sep 21 07:19:58.824105:   RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input
Sep 21 07:19:58.824236:   RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input
Sep 21 07:19:58.824367:   RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input
Sep 21 07:19:58.824499:   RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input
Sep 21 07:19:58.824636:   RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input
Sep 21 07:19:58.824943:   RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16)
Sep 21 07:19:58.825082:   RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10)
Sep 21 07:19:58.825227:   RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18)
Sep 21 07:19:58.825477: testing HMAC_MD5:
Sep 21 07:19:58.825482:   RFC 2104: MD5_HMAC test 1
Sep 21 07:19:58.825671:   RFC 2104: MD5_HMAC test 2
Sep 21 07:19:58.825839:   RFC 2104: MD5_HMAC test 3
Sep 21 07:19:58.826026: 8 CPU cores online
Sep 21 07:19:58.826032: starting up 7 crypto helpers
Sep 21 07:19:58.826075: started thread for crypto helper 0
Sep 21 07:19:58.826100: started thread for crypto helper 1
Sep 21 07:19:58.826123: started thread for crypto helper 2
Sep 21 07:19:58.826145: started thread for crypto helper 3
Sep 21 07:19:58.826167: started thread for crypto helper 4
Sep 21 07:19:58.826188: started thread for crypto helper 5
Sep 21 07:19:58.826214: started thread for crypto helper 6
Sep 21 07:19:58.826219: | checking IKEv1 state table
Sep 21 07:19:58.826227: |   MAIN_R0: category: half-open IKE SA flags: 0:
Sep 21 07:19:58.826230: |     -> MAIN_R1 EVENT_SO_DISCARD
Sep 21 07:19:58.826233: |   MAIN_I1: category: half-open IKE SA flags: 0:
Sep 21 07:19:58.826235: |     -> MAIN_I2 EVENT_RETRANSMIT
Sep 21 07:19:58.826238: |   MAIN_R1: category: open IKE SA flags: 200:
Sep 21 07:19:58.826240: |     -> MAIN_R2 EVENT_RETRANSMIT
Sep 21 07:19:58.826242: |     -> UNDEFINED EVENT_RETRANSMIT
Sep 21 07:19:58.826245: |     -> UNDEFINED EVENT_RETRANSMIT
Sep 21 07:19:58.826247: |   MAIN_I2: category: open IKE SA flags: 0:
Sep 21 07:19:58.826250: |     -> MAIN_I3 EVENT_RETRANSMIT
Sep 21 07:19:58.826252: |     -> UNDEFINED EVENT_RETRANSMIT
Sep 21 07:19:58.826254: |     -> UNDEFINED EVENT_RETRANSMIT
Sep 21 07:19:58.826257: |   MAIN_R2: category: open IKE SA flags: 0:
Sep 21 07:19:58.826259: |     -> MAIN_R3 EVENT_SA_REPLACE
Sep 21 07:19:58.826261: |     -> MAIN_R3 EVENT_SA_REPLACE
Sep 21 07:19:58.826264: |     -> UNDEFINED EVENT_SA_REPLACE
Sep 21 07:19:58.826266: |   MAIN_I3: category: open IKE SA flags: 0:
Sep 21 07:19:58.826269: |     -> MAIN_I4 EVENT_SA_REPLACE
Sep 21 07:19:58.826271: |     -> MAIN_I4 EVENT_SA_REPLACE
Sep 21 07:19:58.826272: |     -> UNDEFINED EVENT_SA_REPLACE
Sep 21 07:19:58.826275: |   MAIN_R3: category: established IKE SA flags: 200:
Sep 21 07:19:58.826278: |     -> UNDEFINED EVENT_NULL
Sep 21 07:19:58.826280: |   MAIN_I4: category: established IKE SA flags: 0:
Sep 21 07:19:58.826283: |     -> UNDEFINED EVENT_NULL
Sep 21 07:19:58.826285: |   AGGR_R0: category: half-open IKE SA flags: 0:
Sep 21 07:19:58.826288: |     -> AGGR_R1 EVENT_SO_DISCARD
Sep 21 07:19:58.826290: |   AGGR_I1: category: half-open IKE SA flags: 0:
Sep 21 07:19:58.826292: |     -> AGGR_I2 EVENT_SA_REPLACE
Sep 21 07:19:58.826295: |     -> AGGR_I2 EVENT_SA_REPLACE
Sep 21 07:19:58.826297: |   AGGR_R1: category: open IKE SA flags: 200:
Sep 21 07:19:58.826300: |     -> AGGR_R2 EVENT_SA_REPLACE
Sep 21 07:19:58.826302: |     -> AGGR_R2 EVENT_SA_REPLACE
Sep 21 07:19:58.826305: |   AGGR_I2: category: established IKE SA flags: 200:
Sep 21 07:19:58.826307: |     -> UNDEFINED EVENT_NULL
Sep 21 07:19:58.826310: |   AGGR_R2: category: established IKE SA flags: 0:
Sep 21 07:19:58.826312: |     -> UNDEFINED EVENT_NULL
Sep 21 07:19:58.826315: |   QUICK_R0: category: established CHILD SA flags: 0:
Sep 21 07:19:58.826317: |     -> QUICK_R1 EVENT_RETRANSMIT
Sep 21 07:19:58.826320: |   QUICK_I1: category: established CHILD SA flags: 0:
Sep 21 07:19:58.826322: |     -> QUICK_I2 EVENT_SA_REPLACE
Sep 21 07:19:58.826324: |   QUICK_R1: category: established CHILD SA flags: 0:
Sep 21 07:19:58.826326: |     -> QUICK_R2 EVENT_SA_REPLACE
Sep 21 07:19:58.826329: |   QUICK_I2: category: established CHILD SA flags: 200:
Sep 21 07:19:58.826332: |     -> UNDEFINED EVENT_NULL
Sep 21 07:19:58.826334: |   QUICK_R2: category: established CHILD SA flags: 0:
Sep 21 07:19:58.826337: |     -> UNDEFINED EVENT_NULL
Sep 21 07:19:58.826339: |   INFO: category: informational flags: 0:
Sep 21 07:19:58.826342: |     -> UNDEFINED EVENT_NULL
Sep 21 07:19:58.826344: |   INFO_PROTECTED: category: informational flags: 0:
Sep 21 07:19:58.826347: |     -> UNDEFINED EVENT_NULL
Sep 21 07:19:58.826349: |   XAUTH_R0: category: established IKE SA flags: 0:
Sep 21 07:19:58.826352: |     -> XAUTH_R1 EVENT_NULL
Sep 21 07:19:58.826354: |   XAUTH_R1: category: established IKE SA flags: 0:
Sep 21 07:19:58.826356: |     -> MAIN_R3 EVENT_SA_REPLACE
Sep 21 07:19:58.826359: |   MODE_CFG_R0: category: informational flags: 0:
Sep 21 07:19:58.826361: |     -> MODE_CFG_R1 EVENT_SA_REPLACE
Sep 21 07:19:58.826364: |   MODE_CFG_R1: category: established IKE SA flags: 0:
Sep 21 07:19:58.826366: |     -> MODE_CFG_R2 EVENT_SA_REPLACE
Sep 21 07:19:58.826369: |   MODE_CFG_R2: category: established IKE SA flags: 0:
Sep 21 07:19:58.826371: |     -> UNDEFINED EVENT_NULL
Sep 21 07:19:58.826373: |   MODE_CFG_I1: category: established IKE SA flags: 0:
Sep 21 07:19:58.826379: |     -> MAIN_I4 EVENT_SA_REPLACE
Sep 21 07:19:58.826382: |   XAUTH_I0: category: established IKE SA flags: 0:
Sep 21 07:19:58.826384: |     -> XAUTH_I1 EVENT_RETRANSMIT
Sep 21 07:19:58.826386: |   XAUTH_I1: category: established IKE SA flags: 0:
Sep 21 07:19:58.826388: |     -> MAIN_I4 EVENT_RETRANSMIT
Sep 21 07:19:58.826396: | checking IKEv2 state table
Sep 21 07:19:58.826402: |   PARENT_I0: category: ignore flags: 0:
Sep 21 07:19:58.826405: |     -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT)
Sep 21 07:19:58.826408: |   PARENT_I1: category: half-open IKE SA flags: 0:
Sep 21 07:19:58.826411: |     -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification)
Sep 21 07:19:58.826414: |     -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH)
Sep 21 07:19:58.826417: |   PARENT_I2: category: open IKE SA flags: 0:
Sep 21 07:19:58.826419: |     -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification)
Sep 21 07:19:58.826422: |     -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification)
Sep 21 07:19:58.826425: |     -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification)
Sep 21 07:19:58.826428: |     -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response)
Sep 21 07:19:58.826430: |     -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification)
Sep 21 07:19:58.826433: |   PARENT_I3: category: established IKE SA flags: 0:
Sep 21 07:19:58.826436: |     -> PARENT_I3 EVENT_RETAIN (I3: Informational Request)
Sep 21 07:19:58.826438: |     -> PARENT_I3 EVENT_RETAIN (I3: Informational Response)
Sep 21 07:19:58.826441: |     -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request)
Sep 21 07:19:58.826443: |     -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response)
Sep 21 07:19:58.826446: |   PARENT_R0: category: half-open IKE SA flags: 0:
Sep 21 07:19:58.826449: |     -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT)
Sep 21 07:19:58.826451: |   PARENT_R1: category: half-open IKE SA flags: 0:
Sep 21 07:19:58.826454: |     -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED))
Sep 21 07:19:58.826457: |     -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request)
Sep 21 07:19:58.826460: |   PARENT_R2: category: established IKE SA flags: 0:
Sep 21 07:19:58.826462: |     -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request)
Sep 21 07:19:58.826465: |     -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response)
Sep 21 07:19:58.826467: |     -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request)
Sep 21 07:19:58.826470: |     -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response)
Sep 21 07:19:58.826472: |   V2_CREATE_I0: category: established IKE SA flags: 0:
Sep 21 07:19:58.826475: |     -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA)
Sep 21 07:19:58.826478: |   V2_CREATE_I: category: established IKE SA flags: 0:
Sep 21 07:19:58.826480: |     -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response)
Sep 21 07:19:58.826483: |   V2_REKEY_IKE_I0: category: established IKE SA flags: 0:
Sep 21 07:19:58.826486: |     -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey)
Sep 21 07:19:58.826489: |   V2_REKEY_IKE_I: category: established IKE SA flags: 0:
Sep 21 07:19:58.826491: |     -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response)
Sep 21 07:19:58.826494: |   V2_REKEY_CHILD_I0: category: established IKE SA flags: 0:
Sep 21 07:19:58.826496: |     -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA)
Sep 21 07:19:58.826499: |   V2_REKEY_CHILD_I: category: established IKE SA flags: 0: <none>
Sep 21 07:19:58.826502: |   V2_CREATE_R: category: established IKE SA flags: 0:
Sep 21 07:19:58.826505: |     -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request)
Sep 21 07:19:58.826510: |   V2_REKEY_IKE_R: category: established IKE SA flags: 0:
Sep 21 07:19:58.826513: |     -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey)
Sep 21 07:19:58.826515: |   V2_REKEY_CHILD_R: category: established IKE SA flags: 0: <none>
Sep 21 07:19:58.826518: |   V2_IPSEC_I: category: established CHILD SA flags: 0: <none>
Sep 21 07:19:58.826521: |   V2_IPSEC_R: category: established CHILD SA flags: 0: <none>
Sep 21 07:19:58.826524: |   IKESA_DEL: category: established IKE SA flags: 0:
Sep 21 07:19:58.826527: |     -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL)
Sep 21 07:19:58.826530: |   CHILDSA_DEL: category: informational flags: 0: <none>
Sep 21 07:19:58.826585: Using Linux XFRM/NETKEY IPsec interface code on 5.2.11+
Sep 21 07:19:58.826637: | Hard-wiring algorithms
Sep 21 07:19:58.826642: | adding AES_CCM_16 to kernel algorithm db
Sep 21 07:19:58.826647: | adding AES_CCM_12 to kernel algorithm db
Sep 21 07:19:58.826650: | adding AES_CCM_8 to kernel algorithm db
Sep 21 07:19:58.826652: | adding 3DES_CBC to kernel algorithm db
Sep 21 07:19:58.826655: | adding CAMELLIA_CBC to kernel algorithm db
Sep 21 07:19:58.826657: | adding AES_GCM_16 to kernel algorithm db
Sep 21 07:19:58.826659: | adding AES_GCM_12 to kernel algorithm db
Sep 21 07:19:58.826662: | adding AES_GCM_8 to kernel algorithm db
Sep 21 07:19:58.826664: | adding AES_CTR to kernel algorithm db
Sep 21 07:19:58.826666: | adding AES_CBC to kernel algorithm db
Sep 21 07:19:58.826669: | adding SERPENT_CBC to kernel algorithm db
Sep 21 07:19:58.826672: | adding TWOFISH_CBC to kernel algorithm db
Sep 21 07:19:58.826674: | adding NULL_AUTH_AES_GMAC to kernel algorithm db
Sep 21 07:19:58.826677: | adding NULL to kernel algorithm db
Sep 21 07:19:58.826680: | adding CHACHA20_POLY1305 to kernel algorithm db
Sep 21 07:19:58.826682: | adding HMAC_MD5_96 to kernel algorithm db
Sep 21 07:19:58.826685: | adding HMAC_SHA1_96 to kernel algorithm db
Sep 21 07:19:58.826687: | adding HMAC_SHA2_512_256 to kernel algorithm db
Sep 21 07:19:58.826690: | adding HMAC_SHA2_384_192 to kernel algorithm db
Sep 21 07:19:58.826692: | adding HMAC_SHA2_256_128 to kernel algorithm db
Sep 21 07:19:58.826695: | adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db
Sep 21 07:19:58.826697: | adding AES_XCBC_96 to kernel algorithm db
Sep 21 07:19:58.826700: | adding AES_CMAC_96 to kernel algorithm db
Sep 21 07:19:58.826702: | adding NONE to kernel algorithm db
Sep 21 07:19:58.826728: | net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes
Sep 21 07:19:58.826735: | global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds
Sep 21 07:19:58.826738: | setup kernel fd callback
Sep 21 07:19:58.826741: | add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x5648c3bbfce0
Sep 21 07:19:58.826746: | libevent_malloc: new ptr-libevent@0x5648c3bcbe80 size 128
Sep 21 07:19:58.826749: | libevent_malloc: new ptr-libevent@0x5648c3bbefc0 size 16
Sep 21 07:19:58.826756: | add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x5648c3bbfca0
Sep 21 07:19:58.826759: | libevent_malloc: new ptr-libevent@0x5648c3bcbf10 size 128
Sep 21 07:19:58.826761: | libevent_malloc: new ptr-libevent@0x5648c3bbefe0 size 16
Sep 21 07:19:58.827349: | global one-shot timer EVENT_CHECK_CRLS initialized
Sep 21 07:19:58.827363: selinux support is enabled.
Sep 21 07:19:58.827448: systemd watchdog not enabled - not sending watchdog keepalives
Sep 21 07:19:58.827643: | unbound context created - setting debug level to 5
Sep 21 07:19:58.827672: | /etc/hosts lookups activated
Sep 21 07:19:58.827691: | /etc/resolv.conf usage activated
Sep 21 07:19:58.827745: | outgoing-port-avoid set 0-65535
Sep 21 07:19:58.827775: | outgoing-port-permit set 32768-60999
Sep 21 07:19:58.827778: | Loading dnssec root key from:/var/lib/unbound/root.key
Sep 21 07:19:58.827781: | No additional dnssec trust anchors defined via dnssec-trusted= option
Sep 21 07:19:58.827788: | Setting up events, loop start
Sep 21 07:19:58.827794: | add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x5648c3bba200
Sep 21 07:19:58.827800: | libevent_malloc: new ptr-libevent@0x5648c3bd6480 size 128
Sep 21 07:19:58.827804: | libevent_malloc: new ptr-libevent@0x5648c3bd6510 size 16
Sep 21 07:19:58.827812: | libevent_realloc: new ptr-libevent@0x5648c3b3a5b0 size 256
Sep 21 07:19:58.827815: | libevent_malloc: new ptr-libevent@0x5648c3bd6530 size 8
Sep 21 07:19:58.827818: | libevent_realloc: new ptr-libevent@0x5648c3bcb200 size 144
Sep 21 07:19:58.827821: | libevent_malloc: new ptr-libevent@0x5648c3bd6550 size 152
Sep 21 07:19:58.827825: | libevent_malloc: new ptr-libevent@0x5648c3bd65f0 size 16
Sep 21 07:19:58.827829: | signal event handler PLUTO_SIGCHLD installed
Sep 21 07:19:58.827832: | libevent_malloc: new ptr-libevent@0x5648c3bd6610 size 8
Sep 21 07:19:58.827834: | libevent_malloc: new ptr-libevent@0x5648c3bd6630 size 152
Sep 21 07:19:58.827838: | signal event handler PLUTO_SIGTERM installed
Sep 21 07:19:58.827841: | libevent_malloc: new ptr-libevent@0x5648c3bd66d0 size 8
Sep 21 07:19:58.827843: | libevent_malloc: new ptr-libevent@0x5648c3bd66f0 size 152
Sep 21 07:19:58.827846: | signal event handler PLUTO_SIGHUP installed
Sep 21 07:19:58.827849: | libevent_malloc: new ptr-libevent@0x5648c3bd6790 size 8
Sep 21 07:19:58.827851: | libevent_realloc: release ptr-libevent@0x5648c3bcb200
Sep 21 07:19:58.827854: | libevent_realloc: new ptr-libevent@0x5648c3bd67b0 size 256
Sep 21 07:19:58.827856: | libevent_malloc: new ptr-libevent@0x5648c3bcb200 size 152
Sep 21 07:19:58.827859: | signal event handler PLUTO_SIGSYS installed
Sep 21 07:19:58.828255: | created addconn helper (pid:17672) using fork+execve
Sep 21 07:19:58.828268: | forked child 17672
Sep 21 07:19:58.828311: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721)
Sep 21 07:19:58.828328: | pluto_sd: executing action action: reloading(4), status 0
Sep 21 07:19:58.828338: listening for IKE messages
Sep 21 07:19:58.828380: | Inspecting interface lo 
Sep 21 07:19:58.828388: | found lo with address 127.0.0.1
Sep 21 07:19:58.828391: | Inspecting interface eth0 
Sep 21 07:19:58.828395: | found eth0 with address 192.0.1.254
Sep 21 07:19:58.828397: | Inspecting interface eth1 
Sep 21 07:19:58.828401: | found eth1 with address 192.1.2.45
Sep 21 07:19:58.828450: Kernel supports NIC esp-hw-offload
Sep 21 07:19:58.828463: adding interface eth1/eth1 (esp-hw-offload not supported by kernel) 192.1.2.45:500
Sep 21 07:19:58.828490: | NAT-Traversal: Trying sockopt style NAT-T
Sep 21 07:19:58.828495: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
Sep 21 07:19:58.828499: adding interface eth1/eth1 192.1.2.45:4500
Sep 21 07:19:58.828528: adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.1.254:500
Sep 21 07:19:58.828553: | NAT-Traversal: Trying sockopt style NAT-T
Sep 21 07:19:58.828558: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
Sep 21 07:19:58.828561: adding interface eth0/eth0 192.0.1.254:4500
Sep 21 07:19:58.828587: adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500
Sep 21 07:19:58.828607: | NAT-Traversal: Trying sockopt style NAT-T
Sep 21 07:19:58.828611: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
Sep 21 07:19:58.828614: adding interface lo/lo 127.0.0.1:4500
Sep 21 07:19:58.828670: | no interfaces to sort
Sep 21 07:19:58.828675: | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations
Sep 21 07:19:58.828684: | add_fd_read_event_handler: new ethX-pe@0x5648c3bd6b20
Sep 21 07:19:58.828688: | libevent_malloc: new ptr-libevent@0x5648c3bd6b60 size 128
Sep 21 07:19:58.828691: | libevent_malloc: new ptr-libevent@0x5648c3bd6bf0 size 16
Sep 21 07:19:58.828698: | setup callback for interface lo 127.0.0.1:4500 fd 22
Sep 21 07:19:58.828701: | add_fd_read_event_handler: new ethX-pe@0x5648c3bd6c10
Sep 21 07:19:58.828703: | libevent_malloc: new ptr-libevent@0x5648c3bd6c50 size 128
Sep 21 07:19:58.828706: | libevent_malloc: new ptr-libevent@0x5648c3bd6ce0 size 16
Sep 21 07:19:58.828715: | setup callback for interface lo 127.0.0.1:500 fd 21
Sep 21 07:19:58.828718: | add_fd_read_event_handler: new ethX-pe@0x5648c3bd6d00
Sep 21 07:19:58.828720: | libevent_malloc: new ptr-libevent@0x5648c3bd6d40 size 128
Sep 21 07:19:58.828723: | libevent_malloc: new ptr-libevent@0x5648c3bd6dd0 size 16
Sep 21 07:19:58.828727: | setup callback for interface eth0 192.0.1.254:4500 fd 20
Sep 21 07:19:58.828730: | add_fd_read_event_handler: new ethX-pe@0x5648c3bd6df0
Sep 21 07:19:58.828732: | libevent_malloc: new ptr-libevent@0x5648c3bd6e30 size 128
Sep 21 07:19:58.828735: | libevent_malloc: new ptr-libevent@0x5648c3bd6ec0 size 16
Sep 21 07:19:58.828739: | setup callback for interface eth0 192.0.1.254:500 fd 19
Sep 21 07:19:58.828742: | add_fd_read_event_handler: new ethX-pe@0x5648c3bd6ee0
Sep 21 07:19:58.828745: | libevent_malloc: new ptr-libevent@0x5648c3bd6f20 size 128
Sep 21 07:19:58.828747: | libevent_malloc: new ptr-libevent@0x5648c3bd6fb0 size 16
Sep 21 07:19:58.828752: | setup callback for interface eth1 192.1.2.45:4500 fd 18
Sep 21 07:19:58.828754: | add_fd_read_event_handler: new ethX-pe@0x5648c3bd6fd0
Sep 21 07:19:58.828756: | libevent_malloc: new ptr-libevent@0x5648c3bd7010 size 128
Sep 21 07:19:58.828759: | libevent_malloc: new ptr-libevent@0x5648c3bd70a0 size 16
Sep 21 07:19:58.828763: | setup callback for interface eth1 192.1.2.45:500 fd 17
Sep 21 07:19:58.828768: | certs and keys locked by 'free_preshared_secrets'
Sep 21 07:19:58.828770: | certs and keys unlocked by 'free_preshared_secrets'
Sep 21 07:19:58.828798: loading secrets from "/etc/ipsec.secrets"
Sep 21 07:19:58.828811: | id type added to secret(0x5648c3bcc060) PKK_PSK: @east
Sep 21 07:19:58.828815: | id type added to secret(0x5648c3bcc060) PKK_PSK: @west
Sep 21 07:19:58.828820: | Processing PSK at line 1: passed
Sep 21 07:19:58.828822: | certs and keys locked by 'process_secret'
Sep 21 07:19:58.828826: | certs and keys unlocked by 'process_secret'
Sep 21 07:19:58.828831: | pluto_sd: executing action action: ready(5), status 0
Sep 21 07:19:58.828838: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Sep 21 07:19:58.828845: | spent 0.54 milliseconds in whack
Sep 21 07:19:58.829922: | starting up helper thread 2
Sep 21 07:19:58.829942: | status value returned by setting the priority of this thread (crypto helper 2) 22
Sep 21 07:19:58.829947: | crypto helper 2 waiting (nothing to do)
Sep 21 07:19:58.829957: | starting up helper thread 3
Sep 21 07:19:58.829962: | status value returned by setting the priority of this thread (crypto helper 3) 22
Sep 21 07:19:58.829965: | crypto helper 3 waiting (nothing to do)
Sep 21 07:19:58.830208: | starting up helper thread 0
Sep 21 07:19:58.830218: | status value returned by setting the priority of this thread (crypto helper 0) 22
Sep 21 07:19:58.830220: | crypto helper 0 waiting (nothing to do)
Sep 21 07:19:58.833799: | starting up helper thread 6
Sep 21 07:19:58.833815: | status value returned by setting the priority of this thread (crypto helper 6) 22
Sep 21 07:19:58.833818: | crypto helper 6 waiting (nothing to do)
Sep 21 07:19:58.833828: | starting up helper thread 4
Sep 21 07:19:58.833833: | status value returned by setting the priority of this thread (crypto helper 4) 22
Sep 21 07:19:58.833836: | crypto helper 4 waiting (nothing to do)
Sep 21 07:19:58.843806: | starting up helper thread 5
Sep 21 07:19:58.843828: | status value returned by setting the priority of this thread (crypto helper 5) 22
Sep 21 07:19:58.843831: | crypto helper 5 waiting (nothing to do)
Sep 21 07:19:58.843841: | starting up helper thread 1
Sep 21 07:19:58.843846: | status value returned by setting the priority of this thread (crypto helper 1) 22
Sep 21 07:19:58.843848: | crypto helper 1 waiting (nothing to do)
Sep 21 07:19:58.886765: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721)
Sep 21 07:19:58.886795: | pluto_sd: executing action action: reloading(4), status 0
Sep 21 07:19:58.886802: listening for IKE messages
Sep 21 07:19:58.886836: | Inspecting interface lo 
Sep 21 07:19:58.886849: | found lo with address 127.0.0.1
Sep 21 07:19:58.886852: | Inspecting interface eth0 
Sep 21 07:19:58.886856: | found eth0 with address 192.0.1.254
Sep 21 07:19:58.886859: | Inspecting interface eth1 
Sep 21 07:19:58.886863: | found eth1 with address 192.1.2.45
Sep 21 07:19:58.886931: | no interfaces to sort
Sep 21 07:19:58.886941: | libevent_free: release ptr-libevent@0x5648c3bd6b60
Sep 21 07:19:58.886944: | free_event_entry: release EVENT_NULL-pe@0x5648c3bd6b20
Sep 21 07:19:58.886947: | add_fd_read_event_handler: new ethX-pe@0x5648c3bd6b20
Sep 21 07:19:58.886951: | libevent_malloc: new ptr-libevent@0x5648c3bd6b60 size 128
Sep 21 07:19:58.886958: | setup callback for interface lo 127.0.0.1:4500 fd 22
Sep 21 07:19:58.886962: | libevent_free: release ptr-libevent@0x5648c3bd6c50
Sep 21 07:19:58.886964: | free_event_entry: release EVENT_NULL-pe@0x5648c3bd6c10
Sep 21 07:19:58.886967: | add_fd_read_event_handler: new ethX-pe@0x5648c3bd6c10
Sep 21 07:19:58.886970: | libevent_malloc: new ptr-libevent@0x5648c3bd6c50 size 128
Sep 21 07:19:58.886974: | setup callback for interface lo 127.0.0.1:500 fd 21
Sep 21 07:19:58.886978: | libevent_free: release ptr-libevent@0x5648c3bd6d40
Sep 21 07:19:58.886980: | free_event_entry: release EVENT_NULL-pe@0x5648c3bd6d00
Sep 21 07:19:58.886982: | add_fd_read_event_handler: new ethX-pe@0x5648c3bd6d00
Sep 21 07:19:58.886984: | libevent_malloc: new ptr-libevent@0x5648c3bd6d40 size 128
Sep 21 07:19:58.886989: | setup callback for interface eth0 192.0.1.254:4500 fd 20
Sep 21 07:19:58.886992: | libevent_free: release ptr-libevent@0x5648c3bd6e30
Sep 21 07:19:58.886995: | free_event_entry: release EVENT_NULL-pe@0x5648c3bd6df0
Sep 21 07:19:58.886997: | add_fd_read_event_handler: new ethX-pe@0x5648c3bd6df0
Sep 21 07:19:58.886999: | libevent_malloc: new ptr-libevent@0x5648c3bd6e30 size 128
Sep 21 07:19:58.887003: | setup callback for interface eth0 192.0.1.254:500 fd 19
Sep 21 07:19:58.887006: | libevent_free: release ptr-libevent@0x5648c3bd6f20
Sep 21 07:19:58.887008: | free_event_entry: release EVENT_NULL-pe@0x5648c3bd6ee0
Sep 21 07:19:58.887010: | add_fd_read_event_handler: new ethX-pe@0x5648c3bd6ee0
Sep 21 07:19:58.887012: | libevent_malloc: new ptr-libevent@0x5648c3bd6f20 size 128
Sep 21 07:19:58.887016: | setup callback for interface eth1 192.1.2.45:4500 fd 18
Sep 21 07:19:58.887019: | libevent_free: release ptr-libevent@0x5648c3bd7010
Sep 21 07:19:58.887021: | free_event_entry: release EVENT_NULL-pe@0x5648c3bd6fd0
Sep 21 07:19:58.887023: | add_fd_read_event_handler: new ethX-pe@0x5648c3bd6fd0
Sep 21 07:19:58.887025: | libevent_malloc: new ptr-libevent@0x5648c3bd7010 size 128
Sep 21 07:19:58.887029: | setup callback for interface eth1 192.1.2.45:500 fd 17
Sep 21 07:19:58.887032: | certs and keys locked by 'free_preshared_secrets'
Sep 21 07:19:58.887033: forgetting secrets
Sep 21 07:19:58.887038: | certs and keys unlocked by 'free_preshared_secrets'
Sep 21 07:19:58.887052: loading secrets from "/etc/ipsec.secrets"
Sep 21 07:19:58.887058: | id type added to secret(0x5648c3bcc060) PKK_PSK: @east
Sep 21 07:19:58.887062: | id type added to secret(0x5648c3bcc060) PKK_PSK: @west
Sep 21 07:19:58.887065: | Processing PSK at line 1: passed
Sep 21 07:19:58.887068: | certs and keys locked by 'process_secret'
Sep 21 07:19:58.887070: | certs and keys unlocked by 'process_secret'
Sep 21 07:19:58.887075: | pluto_sd: executing action action: ready(5), status 0
Sep 21 07:19:58.887080: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Sep 21 07:19:58.887087: | spent 0.32 milliseconds in whack
Sep 21 07:19:58.888001: | processing signal PLUTO_SIGCHLD
Sep 21 07:19:58.888015: | waitpid returned pid 17672 (exited with status 0)
Sep 21 07:19:58.888019: | reaped addconn helper child (status 0)
Sep 21 07:19:58.888023: | waitpid returned ECHILD (no child processes left)
Sep 21 07:19:58.888028: | spent 0.0159 milliseconds in signal handler PLUTO_SIGCHLD
Sep 21 07:19:58.943753: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721)
Sep 21 07:19:58.943802: | FOR_EACH_CONNECTION_... in conn_by_name
Sep 21 07:19:58.943809: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias
Sep 21 07:19:58.943812: | FOR_EACH_CONNECTION_... in conn_by_name
Sep 21 07:19:58.943814: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias
Sep 21 07:19:58.943818: | FOR_EACH_CONNECTION_... in conn_by_name
Sep 21 07:19:58.943826: | Added new connection westnet-eastnet-ipv4-psk-ikev2 with policy PSK+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
Sep 21 07:19:58.943882: | ike (phase1) algorithm values: AES_GCM_16_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31, AES_GCM_16_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31, AES_CBC_256-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31, AES_CBC_128-HMAC_SHA2_512+HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31
Sep 21 07:19:58.943886: | from whack: got --esp=
Sep 21 07:19:58.943924: | ESP/AH string values: AES_GCM_16_256-NONE, AES_GCM_16_128-NONE, AES_CBC_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128, AES_CBC_128-HMAC_SHA2_512_256+HMAC_SHA2_256_128
Sep 21 07:19:58.943930: | counting wild cards for @west is 0
Sep 21 07:19:58.943934: | counting wild cards for @east is 0
Sep 21 07:19:58.943945: | connect_to_host_pair: 192.1.2.45:500 192.1.2.23:500 -> hp@(nil): none
Sep 21 07:19:58.943950: | new hp@0x5648c3ba33a0
Sep 21 07:19:58.943955: added connection description "westnet-eastnet-ipv4-psk-ikev2"
Sep 21 07:19:58.943965: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
Sep 21 07:19:58.943976: | 192.0.1.0/24===192.1.2.45<192.1.2.45>[@west]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24
Sep 21 07:19:58.943983: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Sep 21 07:19:58.943990: | spent 0.23 milliseconds in whack