/testing/guestbin/swan-prep --x509 Preparing X.509 files kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# certutil -D -n road -d sql:/etc/ipsec.d kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# certutil -D -n east -d sql:/etc/ipsec.d kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# cp road-ikev2-oe.conf /etc/ipsec.d/ikev2-oe.conf kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# cp policies/* /etc/ipsec.d/policies/ kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# echo "192.1.3.128/27" >> /etc/ipsec.d/policies/private-or-clear kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# ipsec start Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Redirecting to: namespaces direct start via ipsec pluto kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# /testing/pluto/bin/wait-until-pluto-started kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# ipsec whack --impair suppress-retransmits kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# # ensure for tests acquires expire before our failureshunt=2m kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# echo 30 > /proc/sys/net/core/xfrm_acq_expires kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# # give OE policies time to load kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# sleep 5 kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# ip -s xfrm monitor > /tmp/xfrm-monitor.out & [1] 3572 kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# echo "initdone" initdone kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# # one packet, which gets eaten by XFRM, so east does not initiate kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# ping -n -c 1 -I 192.1.3.209 192.1.3.130 PING 192.1.3.130 (192.1.3.130) from 192.1.3.209 : 56(84) bytes of data. --- 192.1.3.130 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms [1]+ Terminated ip -s xfrm monitor > /tmp/xfrm-monitor.out kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server 1]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 1 roadrun.sh 'ping -n -c 1 -I 192.1.3.209 192.1.3.130' <<<<<<<<<>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 1 roadrun.sh '# wait on OE IKE negotiation' <<<<<<<<<>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 1 roadrun.sh '# ping should succeed through tunnel' <<<<<<<<<>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 1 roadrun.sh 'ping -n -c 2 -I 192.1.3.209 192.1.3.130' <<<<<<<<<>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 roadrun.sh 'ipsec whack --trafficstatus' <<<<<<<<<>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 roadrun.sh 'ipsec whack --shuntstatus' <<<<<<<<< /dev/null 2> /dev/null kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# cp /tmp/xfrm-monitor.out OUTPUT/road.xfrm-monitor.txt kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# echo done done kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# # A tunnel should have established with non-zero byte counters kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# ip addr show scope global 2: ip_vti0@NONE: mtu 1480 qdisc noop state DOWN group default qlen 1000 link/ipip 0.0.0.0 brd 0.0.0.0 7889: eth0@if7890: mtu 1500 qdisc noqueue state UP group default qlen 1000 Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. link/ether 52:c4:2c:41:57:10 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 192.1.3.209/24 scope global eth0 valid_lft forever preferred_lft forever kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# # jacob two two for east? kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# ipsec whack --trafficstatus whack: is Pluto running? connect() for "/run/pluto/pluto.ctl" failed (111 Connection refused) kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server 33]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 final.sh 'ipsec whack --trafficstatus' <<<<<<<<<>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 final.sh 'ipsec whack --trafficstatus' <<<<<<<<<>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 1 final.sh 'grep IKEv2_AUTH_ /tmp/pluto.log' <<<<<<<<<>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 final.sh 'ipsec auto --status' <<<<<<<<<>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 final.sh 'ipsec stop' <<<<<<<<<>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 33 final.sh '#check the ip extra ip address/sourceip address is removed' <<<<<<<<< mtu 1480 qdisc noop state DOWN group default qlen 1000 link/ipip 0.0.0.0 brd 0.0.0.0 7889: eth0@if7890: mtu 1500 qdisc noqueue state UP group default qlen 1000 Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. Error: Peer netns reference is invalid. link/ether 52:c4:2c:41:57:10 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 192.1.3.209/24 scope global eth0 valid_lft forever preferred_lft forever kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# : ==== tuc ==== kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# ../bin/check-for-core.sh kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server]# if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi kroot@swantest:/home/build/libreswan/testing/pluto/certoe-12-nat-server\[root@road certoe-12-nat-server 1]# >>>>>>>>>>cutnonzeroexit>>>>>>>>>> exit status 1 final.sh 'if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi' <<<<<<<<<