Sep 21 07:25:30.005831: FIPS Product: YES Sep 21 07:25:30.005880: FIPS Kernel: NO Sep 21 07:25:30.005884: FIPS Mode: NO Sep 21 07:25:30.005886: NSS DB directory: sql:/etc/ipsec.d Sep 21 07:25:30.006061: Initializing NSS Sep 21 07:25:30.006066: Opening NSS database "sql:/etc/ipsec.d" read-only Sep 21 07:25:30.045101: NSS initialized Sep 21 07:25:30.045118: NSS crypto library initialized Sep 21 07:25:30.045121: FIPS HMAC integrity support [enabled] Sep 21 07:25:30.045123: FIPS mode disabled for pluto daemon Sep 21 07:25:30.114129: FIPS HMAC integrity verification self-test FAILED Sep 21 07:25:30.114240: libcap-ng support [enabled] Sep 21 07:25:30.114254: Linux audit support [enabled] Sep 21 07:25:30.114329: Linux audit activated Sep 21 07:25:30.114336: Starting Pluto (Libreswan Version v3.28-827-gc9aa82b8a6-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC SYSTEMD_WATCHDOG FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:8679 Sep 21 07:25:30.114339: core dump dir: /tmp Sep 21 07:25:30.114342: secrets file: /etc/ipsec.secrets Sep 21 07:25:30.114344: leak-detective disabled Sep 21 07:25:30.114346: NSS crypto [enabled] Sep 21 07:25:30.114347: XAUTH PAM support [enabled] Sep 21 07:25:30.114421: | libevent is using pluto's memory allocator Sep 21 07:25:30.114429: Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800) Sep 21 07:25:30.114443: | libevent_malloc: new ptr-libevent@0x557d90aa52b0 size 40 Sep 21 07:25:30.114450: | libevent_malloc: new ptr-libevent@0x557d90aa6560 size 40 Sep 21 07:25:30.114454: | libevent_malloc: new ptr-libevent@0x557d90aa6590 size 40 Sep 21 07:25:30.114456: | creating event base Sep 21 07:25:30.114459: | libevent_malloc: new ptr-libevent@0x557d90aa6520 size 56 Sep 21 07:25:30.114463: | libevent_malloc: new ptr-libevent@0x557d90aa65c0 size 664 Sep 21 07:25:30.114475: | libevent_malloc: new ptr-libevent@0x557d90aa6860 size 24 Sep 21 07:25:30.114481: | libevent_malloc: new ptr-libevent@0x557d90a97f50 size 384 Sep 21 07:25:30.114492: | libevent_malloc: new ptr-libevent@0x557d90aa6880 size 16 Sep 21 07:25:30.114495: | libevent_malloc: new ptr-libevent@0x557d90aa68a0 size 40 Sep 21 07:25:30.114497: | libevent_malloc: new ptr-libevent@0x557d90aa68d0 size 48 Sep 21 07:25:30.114505: | libevent_realloc: new ptr-libevent@0x557d90a28370 size 256 Sep 21 07:25:30.114508: | libevent_malloc: new ptr-libevent@0x557d90aa6910 size 16 Sep 21 07:25:30.114514: | libevent_free: release ptr-libevent@0x557d90aa6520 Sep 21 07:25:30.114518: | libevent initialized Sep 21 07:25:30.114522: | libevent_realloc: new ptr-libevent@0x557d90aa6930 size 64 Sep 21 07:25:30.114527: | global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds Sep 21 07:25:30.114543: | init_nat_traversal() initialized with keep_alive=0s Sep 21 07:25:30.114547: NAT-Traversal support [enabled] Sep 21 07:25:30.114550: | global one-shot timer EVENT_NAT_T_KEEPALIVE initialized Sep 21 07:25:30.114556: | global one-shot timer EVENT_FREE_ROOT_CERTS initialized Sep 21 07:25:30.114564: | global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds Sep 21 07:25:30.114600: | global one-shot timer EVENT_REVIVE_CONNS initialized Sep 21 07:25:30.114604: | global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds Sep 21 07:25:30.114607: | global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds Sep 21 07:25:30.114653: Encryption algorithms: Sep 21 07:25:30.114664: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c Sep 21 07:25:30.114668: AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b Sep 21 07:25:30.114672: AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a Sep 21 07:25:30.114675: 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des Sep 21 07:25:30.114679: CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128} Sep 21 07:25:30.114689: CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia Sep 21 07:25:30.114693: AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c Sep 21 07:25:30.114697: AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b Sep 21 07:25:30.114700: AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a Sep 21 07:25:30.114703: AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr Sep 21 07:25:30.114707: AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes Sep 21 07:25:30.114711: SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent Sep 21 07:25:30.114714: TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish Sep 21 07:25:30.114718: TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh Sep 21 07:25:30.114722: NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac Sep 21 07:25:30.114725: NULL IKEv1: ESP IKEv2: ESP [] Sep 21 07:25:30.114728: CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305 Sep 21 07:25:30.114735: Hash algorithms: Sep 21 07:25:30.114738: MD5 IKEv1: IKE IKEv2: Sep 21 07:25:30.114741: SHA1 IKEv1: IKE IKEv2: FIPS sha Sep 21 07:25:30.114744: SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256 Sep 21 07:25:30.114747: SHA2_384 IKEv1: IKE IKEv2: FIPS sha384 Sep 21 07:25:30.114750: SHA2_512 IKEv1: IKE IKEv2: FIPS sha512 Sep 21 07:25:30.114764: PRF algorithms: Sep 21 07:25:30.114953: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5 Sep 21 07:25:30.114964: HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1 Sep 21 07:25:30.114969: HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256 Sep 21 07:25:30.114973: HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384 Sep 21 07:25:30.114976: HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512 Sep 21 07:25:30.114979: AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc Sep 21 07:25:30.115007: Integrity algorithms: Sep 21 07:25:30.115012: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, hmac_md5 Sep 21 07:25:30.115016: HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1 Sep 21 07:25:30.115020: HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512 Sep 21 07:25:30.115025: HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384 Sep 21 07:25:30.115029: HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256 Sep 21 07:25:30.115032: HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH Sep 21 07:25:30.115036: AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96 Sep 21 07:25:30.115039: AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac Sep 21 07:25:30.115042: NONE IKEv1: ESP IKEv2: IKE ESP FIPS null Sep 21 07:25:30.115055: DH algorithms: Sep 21 07:25:30.115059: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0 Sep 21 07:25:30.115061: MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5 Sep 21 07:25:30.115064: MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14 Sep 21 07:25:30.115072: MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15 Sep 21 07:25:30.115075: MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16 Sep 21 07:25:30.115078: MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17 Sep 21 07:25:30.115080: MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18 Sep 21 07:25:30.115083: DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256 Sep 21 07:25:30.115086: DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384 Sep 21 07:25:30.115090: DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521 Sep 21 07:25:30.115092: DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519 Sep 21 07:25:30.115095: testing CAMELLIA_CBC: Sep 21 07:25:30.115097: Camellia: 16 bytes with 128-bit key Sep 21 07:25:30.115226: Camellia: 16 bytes with 128-bit key Sep 21 07:25:30.115254: Camellia: 16 bytes with 256-bit key Sep 21 07:25:30.115285: Camellia: 16 bytes with 256-bit key Sep 21 07:25:30.115315: testing AES_GCM_16: Sep 21 07:25:30.115319: empty string Sep 21 07:25:30.115349: one block Sep 21 07:25:30.115375: two blocks Sep 21 07:25:30.115402: two blocks with associated data Sep 21 07:25:30.115428: testing AES_CTR: Sep 21 07:25:30.115432: Encrypting 16 octets using AES-CTR with 128-bit key Sep 21 07:25:30.115460: Encrypting 32 octets using AES-CTR with 128-bit key Sep 21 07:25:30.115490: Encrypting 36 octets using AES-CTR with 128-bit key Sep 21 07:25:30.115520: Encrypting 16 octets using AES-CTR with 192-bit key Sep 21 07:25:30.115549: Encrypting 32 octets using AES-CTR with 192-bit key Sep 21 07:25:30.115579: Encrypting 36 octets using AES-CTR with 192-bit key Sep 21 07:25:30.115608: Encrypting 16 octets using AES-CTR with 256-bit key Sep 21 07:25:30.115636: Encrypting 32 octets using AES-CTR with 256-bit key Sep 21 07:25:30.115664: Encrypting 36 octets using AES-CTR with 256-bit key Sep 21 07:25:30.115693: testing AES_CBC: Sep 21 07:25:30.115696: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key Sep 21 07:25:30.115726: Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key Sep 21 07:25:30.115758: Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key Sep 21 07:25:30.115795: Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key Sep 21 07:25:30.115835: testing AES_XCBC: Sep 21 07:25:30.115839: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input Sep 21 07:25:30.115968: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input Sep 21 07:25:30.116110: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input Sep 21 07:25:30.116241: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input Sep 21 07:25:30.116376: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input Sep 21 07:25:30.116513: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input Sep 21 07:25:30.116649: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input Sep 21 07:25:30.116952: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16) Sep 21 07:25:30.117090: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) Sep 21 07:25:30.117236: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) Sep 21 07:25:30.117483: testing HMAC_MD5: Sep 21 07:25:30.117489: RFC 2104: MD5_HMAC test 1 Sep 21 07:25:30.117676: RFC 2104: MD5_HMAC test 2 Sep 21 07:25:30.117845: RFC 2104: MD5_HMAC test 3 Sep 21 07:25:30.118038: 8 CPU cores online Sep 21 07:25:30.118043: starting up 7 crypto helpers Sep 21 07:25:30.118087: started thread for crypto helper 0 Sep 21 07:25:30.118093: | starting up helper thread 0 Sep 21 07:25:30.118109: | status value returned by setting the priority of this thread (crypto helper 0) 22 Sep 21 07:25:30.118113: | crypto helper 0 waiting (nothing to do) Sep 21 07:25:30.118113: started thread for crypto helper 1 Sep 21 07:25:30.118125: | starting up helper thread 1 Sep 21 07:25:30.118131: | status value returned by setting the priority of this thread (crypto helper 1) 22 Sep 21 07:25:30.118134: | crypto helper 1 waiting (nothing to do) Sep 21 07:25:30.118144: started thread for crypto helper 2 Sep 21 07:25:30.118163: started thread for crypto helper 3 Sep 21 07:25:30.118183: started thread for crypto helper 4 Sep 21 07:25:30.118201: started thread for crypto helper 5 Sep 21 07:25:30.118205: | starting up helper thread 5 Sep 21 07:25:30.118213: | status value returned by setting the priority of this thread (crypto helper 5) 22 Sep 21 07:25:30.118215: | crypto helper 5 waiting (nothing to do) Sep 21 07:25:30.118223: started thread for crypto helper 6 Sep 21 07:25:30.118225: | starting up helper thread 6 Sep 21 07:25:30.118227: | checking IKEv1 state table Sep 21 07:25:30.118245: | starting up helper thread 3 Sep 21 07:25:30.118253: | MAIN_R0: category: half-open IKE SA flags: 0: Sep 21 07:25:30.118242: | status value returned by setting the priority of this thread (crypto helper 6) 22 Sep 21 07:25:30.118240: | starting up helper thread 2 Sep 21 07:25:30.118257: | status value returned by setting the priority of this thread (crypto helper 3) 22 Sep 21 07:25:30.118258: | -> MAIN_R1 EVENT_SO_DISCARD Sep 21 07:25:30.118262: | crypto helper 6 waiting (nothing to do) Sep 21 07:25:30.118272: | MAIN_I1: category: half-open IKE SA flags: 0: Sep 21 07:25:30.118279: | crypto helper 3 waiting (nothing to do) Sep 21 07:25:30.118279: | -> MAIN_I2 EVENT_RETRANSMIT Sep 21 07:25:30.118293: | MAIN_R1: category: open IKE SA flags: 200: Sep 21 07:25:30.118296: | -> MAIN_R2 EVENT_RETRANSMIT Sep 21 07:25:30.118299: | -> UNDEFINED EVENT_RETRANSMIT Sep 21 07:25:30.118301: | -> UNDEFINED EVENT_RETRANSMIT Sep 21 07:25:30.118304: | MAIN_I2: category: open IKE SA flags: 0: Sep 21 07:25:30.118306: | -> MAIN_I3 EVENT_RETRANSMIT Sep 21 07:25:30.118309: | -> UNDEFINED EVENT_RETRANSMIT Sep 21 07:25:30.118311: | -> UNDEFINED EVENT_RETRANSMIT Sep 21 07:25:30.118313: | MAIN_R2: category: open IKE SA flags: 0: Sep 21 07:25:30.118316: | -> MAIN_R3 EVENT_SA_REPLACE Sep 21 07:25:30.118318: | -> MAIN_R3 EVENT_SA_REPLACE Sep 21 07:25:30.118320: | -> UNDEFINED EVENT_SA_REPLACE Sep 21 07:25:30.118323: | MAIN_I3: category: open IKE SA flags: 0: Sep 21 07:25:30.118325: | -> MAIN_I4 EVENT_SA_REPLACE Sep 21 07:25:30.118327: | -> MAIN_I4 EVENT_SA_REPLACE Sep 21 07:25:30.118330: | -> UNDEFINED EVENT_SA_REPLACE Sep 21 07:25:30.118333: | MAIN_R3: category: established IKE SA flags: 200: Sep 21 07:25:30.118335: | -> UNDEFINED EVENT_NULL Sep 21 07:25:30.118338: | MAIN_I4: category: established IKE SA flags: 0: Sep 21 07:25:30.118340: | -> UNDEFINED EVENT_NULL Sep 21 07:25:30.118342: | AGGR_R0: category: half-open IKE SA flags: 0: Sep 21 07:25:30.118345: | -> AGGR_R1 EVENT_SO_DISCARD Sep 21 07:25:30.118347: | AGGR_I1: category: half-open IKE SA flags: 0: Sep 21 07:25:30.118349: | -> AGGR_I2 EVENT_SA_REPLACE Sep 21 07:25:30.118351: | -> AGGR_I2 EVENT_SA_REPLACE Sep 21 07:25:30.118354: | AGGR_R1: category: open IKE SA flags: 200: Sep 21 07:25:30.118356: | -> AGGR_R2 EVENT_SA_REPLACE Sep 21 07:25:30.118358: | -> AGGR_R2 EVENT_SA_REPLACE Sep 21 07:25:30.118361: | AGGR_I2: category: established IKE SA flags: 200: Sep 21 07:25:30.118363: | -> UNDEFINED EVENT_NULL Sep 21 07:25:30.118366: | AGGR_R2: category: established IKE SA flags: 0: Sep 21 07:25:30.118368: | -> UNDEFINED EVENT_NULL Sep 21 07:25:30.118370: | QUICK_R0: category: established CHILD SA flags: 0: Sep 21 07:25:30.118372: | -> QUICK_R1 EVENT_RETRANSMIT Sep 21 07:25:30.118375: | QUICK_I1: category: established CHILD SA flags: 0: Sep 21 07:25:30.118377: | -> QUICK_I2 EVENT_SA_REPLACE Sep 21 07:25:30.118379: | QUICK_R1: category: established CHILD SA flags: 0: Sep 21 07:25:30.118381: | -> QUICK_R2 EVENT_SA_REPLACE Sep 21 07:25:30.118384: | QUICK_I2: category: established CHILD SA flags: 200: Sep 21 07:25:30.118389: | -> UNDEFINED EVENT_NULL Sep 21 07:25:30.118392: | QUICK_R2: category: established CHILD SA flags: 0: Sep 21 07:25:30.118394: | -> UNDEFINED EVENT_NULL Sep 21 07:25:30.118396: | INFO: category: informational flags: 0: Sep 21 07:25:30.118399: | -> UNDEFINED EVENT_NULL Sep 21 07:25:30.118401: | INFO_PROTECTED: category: informational flags: 0: Sep 21 07:25:30.118403: | -> UNDEFINED EVENT_NULL Sep 21 07:25:30.118406: | XAUTH_R0: category: established IKE SA flags: 0: Sep 21 07:25:30.118408: | -> XAUTH_R1 EVENT_NULL Sep 21 07:25:30.118410: | XAUTH_R1: category: established IKE SA flags: 0: Sep 21 07:25:30.118412: | -> MAIN_R3 EVENT_SA_REPLACE Sep 21 07:25:30.118415: | MODE_CFG_R0: category: informational flags: 0: Sep 21 07:25:30.118417: | -> MODE_CFG_R1 EVENT_SA_REPLACE Sep 21 07:25:30.118419: | MODE_CFG_R1: category: established IKE SA flags: 0: Sep 21 07:25:30.118422: | -> MODE_CFG_R2 EVENT_SA_REPLACE Sep 21 07:25:30.118424: | MODE_CFG_R2: category: established IKE SA flags: 0: Sep 21 07:25:30.118426: | -> UNDEFINED EVENT_NULL Sep 21 07:25:30.118428: | MODE_CFG_I1: category: established IKE SA flags: 0: Sep 21 07:25:30.118430: | -> MAIN_I4 EVENT_SA_REPLACE Sep 21 07:25:30.118433: | XAUTH_I0: category: established IKE SA flags: 0: Sep 21 07:25:30.118435: | -> XAUTH_I1 EVENT_RETRANSMIT Sep 21 07:25:30.118437: | XAUTH_I1: category: established IKE SA flags: 0: Sep 21 07:25:30.118439: | -> MAIN_I4 EVENT_RETRANSMIT Sep 21 07:25:30.118446: | checking IKEv2 state table Sep 21 07:25:30.118452: | PARENT_I0: category: ignore flags: 0: Sep 21 07:25:30.118455: | -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT) Sep 21 07:25:30.118458: | PARENT_I1: category: half-open IKE SA flags: 0: Sep 21 07:25:30.118460: | -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification) Sep 21 07:25:30.118463: | -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH) Sep 21 07:25:30.118465: | PARENT_I2: category: open IKE SA flags: 0: Sep 21 07:25:30.118468: | -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification) Sep 21 07:25:30.118470: | -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification) Sep 21 07:25:30.118472: | -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification) Sep 21 07:25:30.118475: | -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response) Sep 21 07:25:30.118477: | -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification) Sep 21 07:25:30.118480: | PARENT_I3: category: established IKE SA flags: 0: Sep 21 07:25:30.118482: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Request) Sep 21 07:25:30.118485: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Response) Sep 21 07:25:30.118487: | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request) Sep 21 07:25:30.118489: | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response) Sep 21 07:25:30.118492: | PARENT_R0: category: half-open IKE SA flags: 0: Sep 21 07:25:30.118494: | -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT) Sep 21 07:25:30.118497: | PARENT_R1: category: half-open IKE SA flags: 0: Sep 21 07:25:30.118499: | -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED)) Sep 21 07:25:30.118501: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request) Sep 21 07:25:30.118504: | PARENT_R2: category: established IKE SA flags: 0: Sep 21 07:25:30.118506: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request) Sep 21 07:25:30.118508: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response) Sep 21 07:25:30.118510: | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request) Sep 21 07:25:30.118512: | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response) Sep 21 07:25:30.118515: | V2_CREATE_I0: category: established IKE SA flags: 0: Sep 21 07:25:30.118519: | -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA) Sep 21 07:25:30.118522: | V2_CREATE_I: category: established IKE SA flags: 0: Sep 21 07:25:30.118524: | -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response) Sep 21 07:25:30.118527: | V2_REKEY_IKE_I0: category: established IKE SA flags: 0: Sep 21 07:25:30.118529: | -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey) Sep 21 07:25:30.118531: | V2_REKEY_IKE_I: category: established IKE SA flags: 0: Sep 21 07:25:30.118534: | -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response) Sep 21 07:25:30.118536: | V2_REKEY_CHILD_I0: category: established IKE SA flags: 0: Sep 21 07:25:30.118538: | -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA) Sep 21 07:25:30.118541: | V2_REKEY_CHILD_I: category: established IKE SA flags: 0: Sep 21 07:25:30.118543: | V2_CREATE_R: category: established IKE SA flags: 0: Sep 21 07:25:30.118546: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request) Sep 21 07:25:30.118548: | V2_REKEY_IKE_R: category: established IKE SA flags: 0: Sep 21 07:25:30.118550: | -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey) Sep 21 07:25:30.118553: | V2_REKEY_CHILD_R: category: established IKE SA flags: 0: Sep 21 07:25:30.118555: | V2_IPSEC_I: category: established CHILD SA flags: 0: Sep 21 07:25:30.118558: | V2_IPSEC_R: category: established CHILD SA flags: 0: Sep 21 07:25:30.118560: | IKESA_DEL: category: established IKE SA flags: 0: Sep 21 07:25:30.118563: | -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL) Sep 21 07:25:30.118566: | CHILDSA_DEL: category: informational flags: 0: Sep 21 07:25:30.118641: Using Linux XFRM/NETKEY IPsec interface code on 5.2.11+ Sep 21 07:25:30.118712: | Hard-wiring algorithms Sep 21 07:25:30.118716: | adding AES_CCM_16 to kernel algorithm db Sep 21 07:25:30.118719: | adding AES_CCM_12 to kernel algorithm db Sep 21 07:25:30.118722: | adding AES_CCM_8 to kernel algorithm db Sep 21 07:25:30.118724: | adding 3DES_CBC to kernel algorithm db Sep 21 07:25:30.118726: | adding CAMELLIA_CBC to kernel algorithm db Sep 21 07:25:30.118729: | adding AES_GCM_16 to kernel algorithm db Sep 21 07:25:30.118731: | adding AES_GCM_12 to kernel algorithm db Sep 21 07:25:30.118733: | adding AES_GCM_8 to kernel algorithm db Sep 21 07:25:30.118735: | adding AES_CTR to kernel algorithm db Sep 21 07:25:30.118737: | adding AES_CBC to kernel algorithm db Sep 21 07:25:30.118739: | adding SERPENT_CBC to kernel algorithm db Sep 21 07:25:30.118741: | adding TWOFISH_CBC to kernel algorithm db Sep 21 07:25:30.118743: | adding NULL_AUTH_AES_GMAC to kernel algorithm db Sep 21 07:25:30.118746: | adding NULL to kernel algorithm db Sep 21 07:25:30.118748: | adding CHACHA20_POLY1305 to kernel algorithm db Sep 21 07:25:30.118750: | adding HMAC_MD5_96 to kernel algorithm db Sep 21 07:25:30.118752: | adding HMAC_SHA1_96 to kernel algorithm db Sep 21 07:25:30.118754: | adding HMAC_SHA2_512_256 to kernel algorithm db Sep 21 07:25:30.118756: | adding HMAC_SHA2_384_192 to kernel algorithm db Sep 21 07:25:30.118759: | adding HMAC_SHA2_256_128 to kernel algorithm db Sep 21 07:25:30.118761: | adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db Sep 21 07:25:30.118763: | adding AES_XCBC_96 to kernel algorithm db Sep 21 07:25:30.118766: | adding AES_CMAC_96 to kernel algorithm db Sep 21 07:25:30.118768: | adding NONE to kernel algorithm db Sep 21 07:25:30.118800: | net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes Sep 21 07:25:30.118812: | global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds Sep 21 07:25:30.118814: | setup kernel fd callback Sep 21 07:25:30.118817: | add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x557d90aabfd0 Sep 21 07:25:30.118821: | libevent_malloc: new ptr-libevent@0x557d90ab80f0 size 128 Sep 21 07:25:30.118827: | libevent_malloc: new ptr-libevent@0x557d90aab2b0 size 16 Sep 21 07:25:30.118829: | status value returned by setting the priority of this thread (crypto helper 2) 22 Sep 21 07:25:30.118834: | add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x557d90aabf90 Sep 21 07:25:30.118845: | crypto helper 2 waiting (nothing to do) Sep 21 07:25:30.118856: | starting up helper thread 4 Sep 21 07:25:30.118853: | libevent_malloc: new ptr-libevent@0x557d90ab8180 size 128 Sep 21 07:25:30.118868: | status value returned by setting the priority of this thread (crypto helper 4) 22 Sep 21 07:25:30.118876: | libevent_malloc: new ptr-libevent@0x557d90aab2d0 size 16 Sep 21 07:25:30.118882: | crypto helper 4 waiting (nothing to do) Sep 21 07:25:30.119129: | global one-shot timer EVENT_CHECK_CRLS initialized Sep 21 07:25:30.119140: selinux support is enabled. Sep 21 07:25:30.119235: systemd watchdog not enabled - not sending watchdog keepalives Sep 21 07:25:30.119410: | unbound context created - setting debug level to 5 Sep 21 07:25:30.119442: | /etc/hosts lookups activated Sep 21 07:25:30.119460: | /etc/resolv.conf usage activated Sep 21 07:25:30.119522: | outgoing-port-avoid set 0-65535 Sep 21 07:25:30.119553: | outgoing-port-permit set 32768-60999 Sep 21 07:25:30.119556: | Loading dnssec root key from:/var/lib/unbound/root.key Sep 21 07:25:30.119559: | No additional dnssec trust anchors defined via dnssec-trusted= option Sep 21 07:25:30.119562: | Setting up events, loop start Sep 21 07:25:30.119565: | add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x557d90aa6520 Sep 21 07:25:30.119568: | libevent_malloc: new ptr-libevent@0x557d90ac26f0 size 128 Sep 21 07:25:30.119572: | libevent_malloc: new ptr-libevent@0x557d90ac2780 size 16 Sep 21 07:25:30.119580: | libevent_realloc: new ptr-libevent@0x557d90a265b0 size 256 Sep 21 07:25:30.119582: | libevent_malloc: new ptr-libevent@0x557d90ac27a0 size 8 Sep 21 07:25:30.119585: | libevent_realloc: new ptr-libevent@0x557d90ab74f0 size 144 Sep 21 07:25:30.119588: | libevent_malloc: new ptr-libevent@0x557d90ac27c0 size 152 Sep 21 07:25:30.119592: | libevent_malloc: new ptr-libevent@0x557d90ac2860 size 16 Sep 21 07:25:30.119596: | signal event handler PLUTO_SIGCHLD installed Sep 21 07:25:30.119599: | libevent_malloc: new ptr-libevent@0x557d90ac2880 size 8 Sep 21 07:25:30.119602: | libevent_malloc: new ptr-libevent@0x557d90ac28a0 size 152 Sep 21 07:25:30.119604: | signal event handler PLUTO_SIGTERM installed Sep 21 07:25:30.119607: | libevent_malloc: new ptr-libevent@0x557d90ac2940 size 8 Sep 21 07:25:30.119610: | libevent_malloc: new ptr-libevent@0x557d90ac2960 size 152 Sep 21 07:25:30.119612: | signal event handler PLUTO_SIGHUP installed Sep 21 07:25:30.119615: | libevent_malloc: new ptr-libevent@0x557d90ac2a00 size 8 Sep 21 07:25:30.119618: | libevent_realloc: release ptr-libevent@0x557d90ab74f0 Sep 21 07:25:30.119621: | libevent_realloc: new ptr-libevent@0x557d90ac2a20 size 256 Sep 21 07:25:30.119623: | libevent_malloc: new ptr-libevent@0x557d90ab74f0 size 152 Sep 21 07:25:30.119626: | signal event handler PLUTO_SIGSYS installed Sep 21 07:25:30.119965: | created addconn helper (pid:8752) using fork+execve Sep 21 07:25:30.119984: | forked child 8752 Sep 21 07:25:30.120025: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) Sep 21 07:25:30.120041: | pluto_sd: executing action action: reloading(4), status 0 Sep 21 07:25:30.120048: listening for IKE messages Sep 21 07:25:30.120092: | Inspecting interface lo Sep 21 07:25:30.120099: | found lo with address 127.0.0.1 Sep 21 07:25:30.120102: | Inspecting interface eth0 Sep 21 07:25:30.120106: | found eth0 with address 192.0.2.254 Sep 21 07:25:30.120108: | Inspecting interface eth0 Sep 21 07:25:30.120112: | found eth0 with address 192.0.22.251 Sep 21 07:25:30.120114: | Inspecting interface eth0 Sep 21 07:25:30.120118: | found eth0 with address 192.0.22.254 Sep 21 07:25:30.120120: | Inspecting interface eth0 Sep 21 07:25:30.120124: | found eth0 with address 192.0.2.251 Sep 21 07:25:30.120131: | Inspecting interface eth1 Sep 21 07:25:30.120135: | found eth1 with address 192.1.2.23 Sep 21 07:25:30.120188: Kernel supports NIC esp-hw-offload Sep 21 07:25:30.120200: adding interface eth1/eth1 (esp-hw-offload not supported by kernel) 192.1.2.23:500 Sep 21 07:25:30.120224: | NAT-Traversal: Trying sockopt style NAT-T Sep 21 07:25:30.120229: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 Sep 21 07:25:30.120233: adding interface eth1/eth1 192.1.2.23:4500 Sep 21 07:25:30.120259: adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.2.251:500 Sep 21 07:25:30.120285: | NAT-Traversal: Trying sockopt style NAT-T Sep 21 07:25:30.120290: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 Sep 21 07:25:30.120294: adding interface eth0/eth0 192.0.2.251:4500 Sep 21 07:25:30.120320: adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.22.254:500 Sep 21 07:25:30.120343: | NAT-Traversal: Trying sockopt style NAT-T Sep 21 07:25:30.120347: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 Sep 21 07:25:30.120350: adding interface eth0/eth0 192.0.22.254:4500 Sep 21 07:25:30.120372: adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.22.251:500 Sep 21 07:25:30.120391: | NAT-Traversal: Trying sockopt style NAT-T Sep 21 07:25:30.120395: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 Sep 21 07:25:30.120398: adding interface eth0/eth0 192.0.22.251:4500 Sep 21 07:25:30.120419: adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.2.254:500 Sep 21 07:25:30.120438: | NAT-Traversal: Trying sockopt style NAT-T Sep 21 07:25:30.120442: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 Sep 21 07:25:30.120445: adding interface eth0/eth0 192.0.2.254:4500 Sep 21 07:25:30.120468: adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500 Sep 21 07:25:30.120487: | NAT-Traversal: Trying sockopt style NAT-T Sep 21 07:25:30.120491: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 Sep 21 07:25:30.120494: adding interface lo/lo 127.0.0.1:4500 Sep 21 07:25:30.120584: | no interfaces to sort Sep 21 07:25:30.120589: | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations Sep 21 07:25:30.120602: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3130 Sep 21 07:25:30.120606: | libevent_malloc: new ptr-libevent@0x557d90ac3170 size 128 Sep 21 07:25:30.120610: | libevent_malloc: new ptr-libevent@0x557d90ac3200 size 16 Sep 21 07:25:30.120618: | setup callback for interface lo 127.0.0.1:4500 fd 28 Sep 21 07:25:30.120622: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3220 Sep 21 07:25:30.120624: | libevent_malloc: new ptr-libevent@0x557d90ac3260 size 128 Sep 21 07:25:30.120627: | libevent_malloc: new ptr-libevent@0x557d90ac32f0 size 16 Sep 21 07:25:30.120632: | setup callback for interface lo 127.0.0.1:500 fd 27 Sep 21 07:25:30.120635: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3310 Sep 21 07:25:30.120637: | libevent_malloc: new ptr-libevent@0x557d90ac3350 size 128 Sep 21 07:25:30.120640: | libevent_malloc: new ptr-libevent@0x557d90ac33e0 size 16 Sep 21 07:25:30.120645: | setup callback for interface eth0 192.0.2.254:4500 fd 26 Sep 21 07:25:30.120648: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3400 Sep 21 07:25:30.120650: | libevent_malloc: new ptr-libevent@0x557d90ac3440 size 128 Sep 21 07:25:30.120653: | libevent_malloc: new ptr-libevent@0x557d90ac34d0 size 16 Sep 21 07:25:30.120657: | setup callback for interface eth0 192.0.2.254:500 fd 25 Sep 21 07:25:30.120660: | add_fd_read_event_handler: new ethX-pe@0x557d90ac34f0 Sep 21 07:25:30.120663: | libevent_malloc: new ptr-libevent@0x557d90ac3bb0 size 128 Sep 21 07:25:30.120666: | libevent_malloc: new ptr-libevent@0x557d90ac3c40 size 16 Sep 21 07:25:30.120671: | setup callback for interface eth0 192.0.22.251:4500 fd 24 Sep 21 07:25:30.120674: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3c60 Sep 21 07:25:30.120681: | libevent_malloc: new ptr-libevent@0x557d90ac3ca0 size 128 Sep 21 07:25:30.120684: | libevent_malloc: new ptr-libevent@0x557d90ac3d30 size 16 Sep 21 07:25:30.120689: | setup callback for interface eth0 192.0.22.251:500 fd 23 Sep 21 07:25:30.120692: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3d50 Sep 21 07:25:30.120694: | libevent_malloc: new ptr-libevent@0x557d90ac3d90 size 128 Sep 21 07:25:30.120697: | libevent_malloc: new ptr-libevent@0x557d90ac3e20 size 16 Sep 21 07:25:30.120702: | setup callback for interface eth0 192.0.22.254:4500 fd 22 Sep 21 07:25:30.120705: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3e40 Sep 21 07:25:30.120707: | libevent_malloc: new ptr-libevent@0x557d90ac3e80 size 128 Sep 21 07:25:30.120710: | libevent_malloc: new ptr-libevent@0x557d90ac3f10 size 16 Sep 21 07:25:30.120715: | setup callback for interface eth0 192.0.22.254:500 fd 21 Sep 21 07:25:30.120717: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3f30 Sep 21 07:25:30.120720: | libevent_malloc: new ptr-libevent@0x557d90ac3f70 size 128 Sep 21 07:25:30.120725: | libevent_malloc: new ptr-libevent@0x557d90ac4000 size 16 Sep 21 07:25:30.120730: | setup callback for interface eth0 192.0.2.251:4500 fd 20 Sep 21 07:25:30.120733: | add_fd_read_event_handler: new ethX-pe@0x557d90ac4020 Sep 21 07:25:30.120735: | libevent_malloc: new ptr-libevent@0x557d90ac4060 size 128 Sep 21 07:25:30.120738: | libevent_malloc: new ptr-libevent@0x557d90ac40f0 size 16 Sep 21 07:25:30.120743: | setup callback for interface eth0 192.0.2.251:500 fd 19 Sep 21 07:25:30.120746: | add_fd_read_event_handler: new ethX-pe@0x557d90ac4110 Sep 21 07:25:30.120748: | libevent_malloc: new ptr-libevent@0x557d90ac4150 size 128 Sep 21 07:25:30.120751: | libevent_malloc: new ptr-libevent@0x557d90ac41e0 size 16 Sep 21 07:25:30.120756: | setup callback for interface eth1 192.1.2.23:4500 fd 18 Sep 21 07:25:30.120758: | add_fd_read_event_handler: new ethX-pe@0x557d90ac4200 Sep 21 07:25:30.120761: | libevent_malloc: new ptr-libevent@0x557d90ac4240 size 128 Sep 21 07:25:30.120764: | libevent_malloc: new ptr-libevent@0x557d90ac42d0 size 16 Sep 21 07:25:30.120769: | setup callback for interface eth1 192.1.2.23:500 fd 17 Sep 21 07:25:30.120774: | certs and keys locked by 'free_preshared_secrets' Sep 21 07:25:30.120777: | certs and keys unlocked by 'free_preshared_secrets' Sep 21 07:25:30.120804: loading secrets from "/etc/ipsec.secrets" Sep 21 07:25:30.120825: | saving Modulus Sep 21 07:25:30.120829: | saving PublicExponent Sep 21 07:25:30.120833: | ignoring PrivateExponent Sep 21 07:25:30.120836: | ignoring Prime1 Sep 21 07:25:30.120839: | ignoring Prime2 Sep 21 07:25:30.120842: | ignoring Exponent1 Sep 21 07:25:30.120846: | ignoring Exponent2 Sep 21 07:25:30.120849: | ignoring Coefficient Sep 21 07:25:30.120852: | ignoring CKAIDNSS Sep 21 07:25:30.120894: | computed rsa CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1 Sep 21 07:25:30.120898: | computed rsa CKAID 8a 82 25 f1 Sep 21 07:25:30.120903: loaded private key for keyid: PKK_RSA:AQO9bJbr3 Sep 21 07:25:30.120909: | certs and keys locked by 'process_secret' Sep 21 07:25:30.120912: | certs and keys unlocked by 'process_secret' Sep 21 07:25:30.120918: | pluto_sd: executing action action: ready(5), status 0 Sep 21 07:25:30.120927: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Sep 21 07:25:30.120935: | spent 0.915 milliseconds in whack Sep 21 07:25:30.157100: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) Sep 21 07:25:30.157126: | FOR_EACH_CONNECTION_... in conn_by_name Sep 21 07:25:30.157130: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias Sep 21 07:25:30.157132: | FOR_EACH_CONNECTION_... in conn_by_name Sep 21 07:25:30.157134: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias Sep 21 07:25:30.157138: | FOR_EACH_CONNECTION_... in conn_by_name Sep 21 07:25:30.157146: | Added new connection north-eastnets/0x1 with policy ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO Sep 21 07:25:30.157155: | No AUTH policy was set - defaulting to RSASIG Sep 21 07:25:30.157179: | ike (phase1) algorithm values: AES_CBC_256-HMAC_SHA2_256-MODP2048 Sep 21 07:25:30.157182: | from whack: got --esp=aes128-sha2_512;modp3072 Sep 21 07:25:30.157196: | ESP/AH string values: AES_CBC_128-HMAC_SHA2_512_256-MODP3072 Sep 21 07:25:30.157201: | counting wild cards for @north is 0 Sep 21 07:25:30.157204: | counting wild cards for @east is 0 Sep 21 07:25:30.157213: | connect_to_host_pair: 192.1.2.23:500 192.1.3.33:500 -> hp@(nil): none Sep 21 07:25:30.157217: | new hp@0x557d90a8f740 Sep 21 07:25:30.157221: added connection description "north-eastnets/0x1" Sep 21 07:25:30.157232: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO Sep 21 07:25:30.157242: | 192.0.2.0/24===192.1.2.23<192.1.2.23>[@east]...192.1.3.33<192.1.3.33>[@north]===192.0.3.0/24 Sep 21 07:25:30.157249: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Sep 21 07:25:30.157255: | spent 0.164 milliseconds in whack Sep 21 07:25:30.157309: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) Sep 21 07:25:30.157322: add keyid @north Sep 21 07:25:30.157326: | add pubkey 01 03 e5 df 73 b6 3e d5 36 a8 f1 3d 0d d3 02 ab Sep 21 07:25:30.157328: | add pubkey 7f ec 4c 9e 8b 0e 0e d2 cf 0f 59 bf 6d 88 21 86 Sep 21 07:25:30.157330: | add pubkey 93 9e 10 34 af 2d cf b3 7e eb e5 b2 24 b2 a5 b0 Sep 21 07:25:30.157332: | add pubkey 01 03 7d b5 96 ad 66 ee 48 c2 28 d9 9a 76 36 a9 Sep 21 07:25:30.157334: | add pubkey 10 84 b5 09 8f 17 4f 65 ce d8 2f 8e 78 80 8a 87 Sep 21 07:25:30.157337: | add pubkey f4 6b 98 d9 91 94 6b 52 15 5b 9c 47 12 be d8 6f Sep 21 07:25:30.157339: | add pubkey 25 b4 65 38 7e e4 8d c7 f0 58 d3 9f 69 14 cc 3e Sep 21 07:25:30.157341: | add pubkey c8 16 1f af bb 5d 93 2b 33 39 0e 94 55 81 f4 b3 Sep 21 07:25:30.157343: | add pubkey cc 92 58 6e 4a 5a 4e c3 76 ab 04 2e 11 08 06 55 Sep 21 07:25:30.157345: | add pubkey 13 0f 02 6c dd d1 bc c0 b8 8d 65 f5 97 ed fc 18 Sep 21 07:25:30.157347: | add pubkey 39 f9 55 ab fa 0d c5 49 99 7f 1b cf c3 de 99 7d Sep 21 07:25:30.157350: | add pubkey 9e ca 6f 9e 14 d6 5a ff de d6 4f 57 6a 83 ab 51 Sep 21 07:25:30.157352: | add pubkey ba 64 74 e0 22 e9 9a c5 10 71 bb d4 eb a4 99 28 Sep 21 07:25:30.157355: | add pubkey 9c 85 0e 31 ea cc ab ef 98 84 3f 59 c1 75 aa b3 Sep 21 07:25:30.157357: | add pubkey 61 eb 61 8c 58 a5 92 25 84 ad c7 79 f3 87 d0 c7 Sep 21 07:25:30.157359: | add pubkey 83 c2 d6 8a fe 26 9d 2a ff b1 dd 9b 89 21 7c ca Sep 21 07:25:30.157361: | add pubkey f5 38 2d 3f 64 0c 41 9c 34 e9 b2 55 0f 82 1a b3 Sep 21 07:25:30.157363: | add pubkey c7 5e a5 99 Sep 21 07:25:30.157385: | computed rsa CKAID 90 5d fc a1 08 68 74 7c 6f 20 d3 1b 2d 20 4b 8f Sep 21 07:25:30.157388: | computed rsa CKAID 88 aa 7c 5d Sep 21 07:25:30.157394: | keyid: *AQPl33O2P Sep 21 07:25:30.157397: | n e5 df 73 b6 3e d5 36 a8 f1 3d 0d d3 02 ab 7f ec Sep 21 07:25:30.157399: | n 4c 9e 8b 0e 0e d2 cf 0f 59 bf 6d 88 21 86 93 9e Sep 21 07:25:30.157401: | n 10 34 af 2d cf b3 7e eb e5 b2 24 b2 a5 b0 01 03 Sep 21 07:25:30.157403: | n 7d b5 96 ad 66 ee 48 c2 28 d9 9a 76 36 a9 10 84 Sep 21 07:25:30.157405: | n b5 09 8f 17 4f 65 ce d8 2f 8e 78 80 8a 87 f4 6b Sep 21 07:25:30.157407: | n 98 d9 91 94 6b 52 15 5b 9c 47 12 be d8 6f 25 b4 Sep 21 07:25:30.157410: | n 65 38 7e e4 8d c7 f0 58 d3 9f 69 14 cc 3e c8 16 Sep 21 07:25:30.157412: | n 1f af bb 5d 93 2b 33 39 0e 94 55 81 f4 b3 cc 92 Sep 21 07:25:30.157414: | n 58 6e 4a 5a 4e c3 76 ab 04 2e 11 08 06 55 13 0f Sep 21 07:25:30.157416: | n 02 6c dd d1 bc c0 b8 8d 65 f5 97 ed fc 18 39 f9 Sep 21 07:25:30.157418: | n 55 ab fa 0d c5 49 99 7f 1b cf c3 de 99 7d 9e ca Sep 21 07:25:30.157420: | n 6f 9e 14 d6 5a ff de d6 4f 57 6a 83 ab 51 ba 64 Sep 21 07:25:30.157425: | n 74 e0 22 e9 9a c5 10 71 bb d4 eb a4 99 28 9c 85 Sep 21 07:25:30.157427: | n 0e 31 ea cc ab ef 98 84 3f 59 c1 75 aa b3 61 eb Sep 21 07:25:30.157430: | n 61 8c 58 a5 92 25 84 ad c7 79 f3 87 d0 c7 83 c2 Sep 21 07:25:30.157432: | n d6 8a fe 26 9d 2a ff b1 dd 9b 89 21 7c ca f5 38 Sep 21 07:25:30.157434: | n 2d 3f 64 0c 41 9c 34 e9 b2 55 0f 82 1a b3 c7 5e Sep 21 07:25:30.157436: | n a5 99 Sep 21 07:25:30.157438: | e 03 Sep 21 07:25:30.157440: | CKAID 90 5d fc a1 08 68 74 7c 6f 20 d3 1b 2d 20 4b 8f Sep 21 07:25:30.157442: | CKAID 88 aa 7c 5d Sep 21 07:25:30.157448: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Sep 21 07:25:30.157452: | spent 0.142 milliseconds in whack Sep 21 07:25:30.157489: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) Sep 21 07:25:30.157499: add keyid @east Sep 21 07:25:30.157503: | add pubkey 01 03 bd 6c 96 eb df 78 89 b3 ed 77 0d a1 7f 7b Sep 21 07:25:30.157505: | add pubkey e5 16 c2 c9 e4 7d 92 0a 90 9d 55 43 b4 62 13 03 Sep 21 07:25:30.157507: | add pubkey 85 7a e0 26 7b 54 1f ca 09 93 cf ff 25 c9 02 4c Sep 21 07:25:30.157509: | add pubkey 78 ca 94 e5 3e ac d1 f9 a8 e5 bb 7f cc 20 84 e0 Sep 21 07:25:30.157512: | add pubkey 21 c9 f0 0d c5 44 ba f3 48 64 61 58 f6 0f 63 0d Sep 21 07:25:30.157514: | add pubkey d2 67 1e 59 8b ec f3 50 39 71 fb 39 da 11 64 b6 Sep 21 07:25:30.157516: | add pubkey 62 cd 5f d3 8d 2e c1 50 ed 9c 6e 22 0c 39 a7 ce Sep 21 07:25:30.157518: | add pubkey 62 b5 af 8a 80 0f 2e 4c 05 5c 82 c7 8d 29 02 2e Sep 21 07:25:30.157520: | add pubkey bb 23 5f db f2 9e b5 7d e2 20 70 1a 63 f3 8e 5d Sep 21 07:25:30.157522: | add pubkey ac 47 f0 5c 26 4e b1 d0 42 60 52 4a b0 77 25 ce Sep 21 07:25:30.157525: | add pubkey e0 98 2b 43 f4 c7 59 1a 64 01 83 ea 4e e3 1a 2a Sep 21 07:25:30.157527: | add pubkey 92 b8 55 ab 63 dd 4b 70 47 29 dc e9 b4 60 bf 43 Sep 21 07:25:30.157529: | add pubkey 4d 58 8f 64 73 95 70 ac 35 89 b2 c2 9c d4 62 c0 Sep 21 07:25:30.157531: | add pubkey 5f 56 5f ad 1b e5 dd 49 93 6a f5 23 82 ed d4 e7 Sep 21 07:25:30.157533: | add pubkey d5 f1 55 f2 2d a2 26 a6 36 53 2f 94 fb 99 22 5c Sep 21 07:25:30.157535: | add pubkey 47 cc 6d 80 30 88 96 38 0c f5 f2 ed 37 d0 09 d5 Sep 21 07:25:30.157538: | add pubkey 07 8f 69 ef a9 99 ce 4d 1a 77 9e 39 c4 38 f3 c5 Sep 21 07:25:30.157540: | add pubkey 51 51 48 ef Sep 21 07:25:30.157550: | computed rsa CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1 Sep 21 07:25:30.157552: | computed rsa CKAID 8a 82 25 f1 Sep 21 07:25:30.157556: | keyid: *AQO9bJbr3 Sep 21 07:25:30.157558: | n bd 6c 96 eb df 78 89 b3 ed 77 0d a1 7f 7b e5 16 Sep 21 07:25:30.157561: | n c2 c9 e4 7d 92 0a 90 9d 55 43 b4 62 13 03 85 7a Sep 21 07:25:30.157563: | n e0 26 7b 54 1f ca 09 93 cf ff 25 c9 02 4c 78 ca Sep 21 07:25:30.157565: | n 94 e5 3e ac d1 f9 a8 e5 bb 7f cc 20 84 e0 21 c9 Sep 21 07:25:30.157567: | n f0 0d c5 44 ba f3 48 64 61 58 f6 0f 63 0d d2 67 Sep 21 07:25:30.157569: | n 1e 59 8b ec f3 50 39 71 fb 39 da 11 64 b6 62 cd Sep 21 07:25:30.157572: | n 5f d3 8d 2e c1 50 ed 9c 6e 22 0c 39 a7 ce 62 b5 Sep 21 07:25:30.157574: | n af 8a 80 0f 2e 4c 05 5c 82 c7 8d 29 02 2e bb 23 Sep 21 07:25:30.157576: | n 5f db f2 9e b5 7d e2 20 70 1a 63 f3 8e 5d ac 47 Sep 21 07:25:30.157578: | n f0 5c 26 4e b1 d0 42 60 52 4a b0 77 25 ce e0 98 Sep 21 07:25:30.157580: | n 2b 43 f4 c7 59 1a 64 01 83 ea 4e e3 1a 2a 92 b8 Sep 21 07:25:30.157582: | n 55 ab 63 dd 4b 70 47 29 dc e9 b4 60 bf 43 4d 58 Sep 21 07:25:30.157585: | n 8f 64 73 95 70 ac 35 89 b2 c2 9c d4 62 c0 5f 56 Sep 21 07:25:30.157587: | n 5f ad 1b e5 dd 49 93 6a f5 23 82 ed d4 e7 d5 f1 Sep 21 07:25:30.157589: | n 55 f2 2d a2 26 a6 36 53 2f 94 fb 99 22 5c 47 cc Sep 21 07:25:30.157591: | n 6d 80 30 88 96 38 0c f5 f2 ed 37 d0 09 d5 07 8f Sep 21 07:25:30.157593: | n 69 ef a9 99 ce 4d 1a 77 9e 39 c4 38 f3 c5 51 51 Sep 21 07:25:30.157598: | n 48 ef Sep 21 07:25:30.157600: | e 03 Sep 21 07:25:30.157602: | CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1 Sep 21 07:25:30.157604: | CKAID 8a 82 25 f1 Sep 21 07:25:30.157610: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Sep 21 07:25:30.157614: | spent 0.125 milliseconds in whack Sep 21 07:25:30.157649: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) Sep 21 07:25:30.157661: | FOR_EACH_CONNECTION_... in conn_by_name Sep 21 07:25:30.157664: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias Sep 21 07:25:30.157666: | FOR_EACH_CONNECTION_... in conn_by_name Sep 21 07:25:30.157668: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias Sep 21 07:25:30.157671: | FOR_EACH_CONNECTION_... in conn_by_name Sep 21 07:25:30.157676: | Added new connection north-eastnets/0x2 with policy ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO Sep 21 07:25:30.157679: | No AUTH policy was set - defaulting to RSASIG Sep 21 07:25:30.157694: | ike (phase1) algorithm values: AES_CBC_256-HMAC_SHA2_256-MODP2048 Sep 21 07:25:30.157696: | from whack: got --esp=aes128-sha2_512;modp3072 Sep 21 07:25:30.157709: | ESP/AH string values: AES_CBC_128-HMAC_SHA2_512_256-MODP3072 Sep 21 07:25:30.157712: | counting wild cards for @north is 0 Sep 21 07:25:30.157715: | counting wild cards for @east is 0 Sep 21 07:25:30.157722: | find_host_pair: comparing 192.1.2.23:500 to 192.1.3.33:500 but ignoring ports Sep 21 07:25:30.157727: | connect_to_host_pair: 192.1.2.23:500 192.1.3.33:500 -> hp@0x557d90a8f740: north-eastnets/0x1 Sep 21 07:25:30.157729: added connection description "north-eastnets/0x2" Sep 21 07:25:30.157736: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO Sep 21 07:25:30.157745: | 192.0.22.0/24===192.1.2.23<192.1.2.23>[@east]...192.1.3.33<192.1.3.33>[@north]===192.0.3.0/24 Sep 21 07:25:30.157750: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Sep 21 07:25:30.157754: | spent 0.104 milliseconds in whack Sep 21 07:25:30.157795: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) Sep 21 07:25:30.157809: add keyid @north Sep 21 07:25:30.157813: | unreference key: 0x557d90a1d8f0 @north cnt 1-- Sep 21 07:25:30.157816: | add pubkey 01 03 e5 df 73 b6 3e d5 36 a8 f1 3d 0d d3 02 ab Sep 21 07:25:30.157818: | add pubkey 7f ec 4c 9e 8b 0e 0e d2 cf 0f 59 bf 6d 88 21 86 Sep 21 07:25:30.157821: | add pubkey 93 9e 10 34 af 2d cf b3 7e eb e5 b2 24 b2 a5 b0 Sep 21 07:25:30.157823: | add pubkey 01 03 7d b5 96 ad 66 ee 48 c2 28 d9 9a 76 36 a9 Sep 21 07:25:30.157825: | add pubkey 10 84 b5 09 8f 17 4f 65 ce d8 2f 8e 78 80 8a 87 Sep 21 07:25:30.157827: | add pubkey f4 6b 98 d9 91 94 6b 52 15 5b 9c 47 12 be d8 6f Sep 21 07:25:30.157829: | add pubkey 25 b4 65 38 7e e4 8d c7 f0 58 d3 9f 69 14 cc 3e Sep 21 07:25:30.157831: | add pubkey c8 16 1f af bb 5d 93 2b 33 39 0e 94 55 81 f4 b3 Sep 21 07:25:30.157833: | add pubkey cc 92 58 6e 4a 5a 4e c3 76 ab 04 2e 11 08 06 55 Sep 21 07:25:30.157836: | add pubkey 13 0f 02 6c dd d1 bc c0 b8 8d 65 f5 97 ed fc 18 Sep 21 07:25:30.157838: | add pubkey 39 f9 55 ab fa 0d c5 49 99 7f 1b cf c3 de 99 7d Sep 21 07:25:30.157840: | add pubkey 9e ca 6f 9e 14 d6 5a ff de d6 4f 57 6a 83 ab 51 Sep 21 07:25:30.157842: | add pubkey ba 64 74 e0 22 e9 9a c5 10 71 bb d4 eb a4 99 28 Sep 21 07:25:30.157844: | add pubkey 9c 85 0e 31 ea cc ab ef 98 84 3f 59 c1 75 aa b3 Sep 21 07:25:30.157846: | add pubkey 61 eb 61 8c 58 a5 92 25 84 ad c7 79 f3 87 d0 c7 Sep 21 07:25:30.157848: | add pubkey 83 c2 d6 8a fe 26 9d 2a ff b1 dd 9b 89 21 7c ca Sep 21 07:25:30.157851: | add pubkey f5 38 2d 3f 64 0c 41 9c 34 e9 b2 55 0f 82 1a b3 Sep 21 07:25:30.157853: | add pubkey c7 5e a5 99 Sep 21 07:25:30.157861: | computed rsa CKAID 90 5d fc a1 08 68 74 7c 6f 20 d3 1b 2d 20 4b 8f Sep 21 07:25:30.157866: | computed rsa CKAID 88 aa 7c 5d Sep 21 07:25:30.157870: | keyid: *AQPl33O2P Sep 21 07:25:30.157873: | n e5 df 73 b6 3e d5 36 a8 f1 3d 0d d3 02 ab 7f ec Sep 21 07:25:30.157875: | n 4c 9e 8b 0e 0e d2 cf 0f 59 bf 6d 88 21 86 93 9e Sep 21 07:25:30.157877: | n 10 34 af 2d cf b3 7e eb e5 b2 24 b2 a5 b0 01 03 Sep 21 07:25:30.157879: | n 7d b5 96 ad 66 ee 48 c2 28 d9 9a 76 36 a9 10 84 Sep 21 07:25:30.157881: | n b5 09 8f 17 4f 65 ce d8 2f 8e 78 80 8a 87 f4 6b Sep 21 07:25:30.157883: | n 98 d9 91 94 6b 52 15 5b 9c 47 12 be d8 6f 25 b4 Sep 21 07:25:30.157885: | n 65 38 7e e4 8d c7 f0 58 d3 9f 69 14 cc 3e c8 16 Sep 21 07:25:30.157888: | n 1f af bb 5d 93 2b 33 39 0e 94 55 81 f4 b3 cc 92 Sep 21 07:25:30.157890: | n 58 6e 4a 5a 4e c3 76 ab 04 2e 11 08 06 55 13 0f Sep 21 07:25:30.157892: | n 02 6c dd d1 bc c0 b8 8d 65 f5 97 ed fc 18 39 f9 Sep 21 07:25:30.157894: | n 55 ab fa 0d c5 49 99 7f 1b cf c3 de 99 7d 9e ca Sep 21 07:25:30.157896: | n 6f 9e 14 d6 5a ff de d6 4f 57 6a 83 ab 51 ba 64 Sep 21 07:25:30.157898: | n 74 e0 22 e9 9a c5 10 71 bb d4 eb a4 99 28 9c 85 Sep 21 07:25:30.157900: | n 0e 31 ea cc ab ef 98 84 3f 59 c1 75 aa b3 61 eb Sep 21 07:25:30.157903: | n 61 8c 58 a5 92 25 84 ad c7 79 f3 87 d0 c7 83 c2 Sep 21 07:25:30.157905: | n d6 8a fe 26 9d 2a ff b1 dd 9b 89 21 7c ca f5 38 Sep 21 07:25:30.157907: | n 2d 3f 64 0c 41 9c 34 e9 b2 55 0f 82 1a b3 c7 5e Sep 21 07:25:30.157909: | n a5 99 Sep 21 07:25:30.157911: | e 03 Sep 21 07:25:30.157913: | CKAID 90 5d fc a1 08 68 74 7c 6f 20 d3 1b 2d 20 4b 8f Sep 21 07:25:30.157915: | CKAID 88 aa 7c 5d Sep 21 07:25:30.157920: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Sep 21 07:25:30.157924: | spent 0.129 milliseconds in whack Sep 21 07:25:30.157959: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) Sep 21 07:25:30.157969: add keyid @east Sep 21 07:25:30.157973: | unreference key: 0x557d90a266c0 @east cnt 1-- Sep 21 07:25:30.157976: | add pubkey 01 03 bd 6c 96 eb df 78 89 b3 ed 77 0d a1 7f 7b Sep 21 07:25:30.157978: | add pubkey e5 16 c2 c9 e4 7d 92 0a 90 9d 55 43 b4 62 13 03 Sep 21 07:25:30.157981: | add pubkey 85 7a e0 26 7b 54 1f ca 09 93 cf ff 25 c9 02 4c Sep 21 07:25:30.157983: | add pubkey 78 ca 94 e5 3e ac d1 f9 a8 e5 bb 7f cc 20 84 e0 Sep 21 07:25:30.157985: | add pubkey 21 c9 f0 0d c5 44 ba f3 48 64 61 58 f6 0f 63 0d Sep 21 07:25:30.157987: | add pubkey d2 67 1e 59 8b ec f3 50 39 71 fb 39 da 11 64 b6 Sep 21 07:25:30.157989: | add pubkey 62 cd 5f d3 8d 2e c1 50 ed 9c 6e 22 0c 39 a7 ce Sep 21 07:25:30.157992: | add pubkey 62 b5 af 8a 80 0f 2e 4c 05 5c 82 c7 8d 29 02 2e Sep 21 07:25:30.157994: | add pubkey bb 23 5f db f2 9e b5 7d e2 20 70 1a 63 f3 8e 5d Sep 21 07:25:30.157996: | add pubkey ac 47 f0 5c 26 4e b1 d0 42 60 52 4a b0 77 25 ce Sep 21 07:25:30.157998: | add pubkey e0 98 2b 43 f4 c7 59 1a 64 01 83 ea 4e e3 1a 2a Sep 21 07:25:30.158000: | add pubkey 92 b8 55 ab 63 dd 4b 70 47 29 dc e9 b4 60 bf 43 Sep 21 07:25:30.158003: | add pubkey 4d 58 8f 64 73 95 70 ac 35 89 b2 c2 9c d4 62 c0 Sep 21 07:25:30.158005: | add pubkey 5f 56 5f ad 1b e5 dd 49 93 6a f5 23 82 ed d4 e7 Sep 21 07:25:30.158007: | add pubkey d5 f1 55 f2 2d a2 26 a6 36 53 2f 94 fb 99 22 5c Sep 21 07:25:30.158009: | add pubkey 47 cc 6d 80 30 88 96 38 0c f5 f2 ed 37 d0 09 d5 Sep 21 07:25:30.158011: | add pubkey 07 8f 69 ef a9 99 ce 4d 1a 77 9e 39 c4 38 f3 c5 Sep 21 07:25:30.158013: | add pubkey 51 51 48 ef Sep 21 07:25:30.158021: | computed rsa CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1 Sep 21 07:25:30.158023: | computed rsa CKAID 8a 82 25 f1 Sep 21 07:25:30.158026: | keyid: *AQO9bJbr3 Sep 21 07:25:30.158029: | n bd 6c 96 eb df 78 89 b3 ed 77 0d a1 7f 7b e5 16 Sep 21 07:25:30.158031: | n c2 c9 e4 7d 92 0a 90 9d 55 43 b4 62 13 03 85 7a Sep 21 07:25:30.158033: | n e0 26 7b 54 1f ca 09 93 cf ff 25 c9 02 4c 78 ca Sep 21 07:25:30.158038: | n 94 e5 3e ac d1 f9 a8 e5 bb 7f cc 20 84 e0 21 c9 Sep 21 07:25:30.158040: | n f0 0d c5 44 ba f3 48 64 61 58 f6 0f 63 0d d2 67 Sep 21 07:25:30.158042: | n 1e 59 8b ec f3 50 39 71 fb 39 da 11 64 b6 62 cd Sep 21 07:25:30.158044: | n 5f d3 8d 2e c1 50 ed 9c 6e 22 0c 39 a7 ce 62 b5 Sep 21 07:25:30.158046: | n af 8a 80 0f 2e 4c 05 5c 82 c7 8d 29 02 2e bb 23 Sep 21 07:25:30.158049: | n 5f db f2 9e b5 7d e2 20 70 1a 63 f3 8e 5d ac 47 Sep 21 07:25:30.158051: | n f0 5c 26 4e b1 d0 42 60 52 4a b0 77 25 ce e0 98 Sep 21 07:25:30.158053: | n 2b 43 f4 c7 59 1a 64 01 83 ea 4e e3 1a 2a 92 b8 Sep 21 07:25:30.158055: | n 55 ab 63 dd 4b 70 47 29 dc e9 b4 60 bf 43 4d 58 Sep 21 07:25:30.158057: | n 8f 64 73 95 70 ac 35 89 b2 c2 9c d4 62 c0 5f 56 Sep 21 07:25:30.158059: | n 5f ad 1b e5 dd 49 93 6a f5 23 82 ed d4 e7 d5 f1 Sep 21 07:25:30.158061: | n 55 f2 2d a2 26 a6 36 53 2f 94 fb 99 22 5c 47 cc Sep 21 07:25:30.158064: | n 6d 80 30 88 96 38 0c f5 f2 ed 37 d0 09 d5 07 8f Sep 21 07:25:30.158066: | n 69 ef a9 99 ce 4d 1a 77 9e 39 c4 38 f3 c5 51 51 Sep 21 07:25:30.158068: | n 48 ef Sep 21 07:25:30.158070: | e 03 Sep 21 07:25:30.158072: | CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1 Sep 21 07:25:30.158074: | CKAID 8a 82 25 f1 Sep 21 07:25:30.158079: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Sep 21 07:25:30.158083: | spent 0.123 milliseconds in whack Sep 21 07:25:30.158116: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) Sep 21 07:25:30.158129: | pluto_sd: executing action action: reloading(4), status 0 Sep 21 07:25:30.158133: listening for IKE messages Sep 21 07:25:30.158166: | Inspecting interface lo Sep 21 07:25:30.158172: | found lo with address 127.0.0.1 Sep 21 07:25:30.158174: | Inspecting interface eth0 Sep 21 07:25:30.158178: | found eth0 with address 192.0.2.254 Sep 21 07:25:30.158180: | Inspecting interface eth0 Sep 21 07:25:30.158184: | found eth0 with address 192.0.22.251 Sep 21 07:25:30.158186: | Inspecting interface eth0 Sep 21 07:25:30.158189: | found eth0 with address 192.0.22.254 Sep 21 07:25:30.158191: | Inspecting interface eth0 Sep 21 07:25:30.158195: | found eth0 with address 192.0.2.251 Sep 21 07:25:30.158197: | Inspecting interface eth1 Sep 21 07:25:30.158200: | found eth1 with address 192.1.2.23 Sep 21 07:25:30.158278: | no interfaces to sort Sep 21 07:25:30.158287: | libevent_free: release ptr-libevent@0x557d90ac3170 Sep 21 07:25:30.158290: | free_event_entry: release EVENT_NULL-pe@0x557d90ac3130 Sep 21 07:25:30.158293: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3130 Sep 21 07:25:30.158296: | libevent_malloc: new ptr-libevent@0x557d90ac3170 size 128 Sep 21 07:25:30.158303: | setup callback for interface lo 127.0.0.1:4500 fd 28 Sep 21 07:25:30.158307: | libevent_free: release ptr-libevent@0x557d90ac3260 Sep 21 07:25:30.158309: | free_event_entry: release EVENT_NULL-pe@0x557d90ac3220 Sep 21 07:25:30.158312: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3220 Sep 21 07:25:30.158314: | libevent_malloc: new ptr-libevent@0x557d90ac3260 size 128 Sep 21 07:25:30.158319: | setup callback for interface lo 127.0.0.1:500 fd 27 Sep 21 07:25:30.158323: | libevent_free: release ptr-libevent@0x557d90ac3350 Sep 21 07:25:30.158325: | free_event_entry: release EVENT_NULL-pe@0x557d90ac3310 Sep 21 07:25:30.158327: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3310 Sep 21 07:25:30.158330: | libevent_malloc: new ptr-libevent@0x557d90ac3350 size 128 Sep 21 07:25:30.158334: | setup callback for interface eth0 192.0.2.254:4500 fd 26 Sep 21 07:25:30.158337: | libevent_free: release ptr-libevent@0x557d90ac3440 Sep 21 07:25:30.158340: | free_event_entry: release EVENT_NULL-pe@0x557d90ac3400 Sep 21 07:25:30.158342: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3400 Sep 21 07:25:30.158344: | libevent_malloc: new ptr-libevent@0x557d90ac3440 size 128 Sep 21 07:25:30.158349: | setup callback for interface eth0 192.0.2.254:500 fd 25 Sep 21 07:25:30.158356: | libevent_free: release ptr-libevent@0x557d90ac3bb0 Sep 21 07:25:30.158358: | free_event_entry: release EVENT_NULL-pe@0x557d90ac34f0 Sep 21 07:25:30.158361: | add_fd_read_event_handler: new ethX-pe@0x557d90ac4f40 Sep 21 07:25:30.158363: | libevent_malloc: new ptr-libevent@0x557d90ac3bb0 size 128 Sep 21 07:25:30.158368: | setup callback for interface eth0 192.0.22.251:4500 fd 24 Sep 21 07:25:30.158372: | libevent_free: release ptr-libevent@0x557d90ac3ca0 Sep 21 07:25:30.158374: | free_event_entry: release EVENT_NULL-pe@0x557d90ac3c60 Sep 21 07:25:30.158376: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3c60 Sep 21 07:25:30.158379: | libevent_malloc: new ptr-libevent@0x557d90ac3ca0 size 128 Sep 21 07:25:30.158383: | setup callback for interface eth0 192.0.22.251:500 fd 23 Sep 21 07:25:30.158386: | libevent_free: release ptr-libevent@0x557d90ac3d90 Sep 21 07:25:30.158389: | free_event_entry: release EVENT_NULL-pe@0x557d90ac3d50 Sep 21 07:25:30.158391: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3d50 Sep 21 07:25:30.158394: | libevent_malloc: new ptr-libevent@0x557d90ac3d90 size 128 Sep 21 07:25:30.158398: | setup callback for interface eth0 192.0.22.254:4500 fd 22 Sep 21 07:25:30.158402: | libevent_free: release ptr-libevent@0x557d90ac3e80 Sep 21 07:25:30.158404: | free_event_entry: release EVENT_NULL-pe@0x557d90ac3e40 Sep 21 07:25:30.158406: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3e40 Sep 21 07:25:30.158409: | libevent_malloc: new ptr-libevent@0x557d90ac3e80 size 128 Sep 21 07:25:30.158413: | setup callback for interface eth0 192.0.22.254:500 fd 21 Sep 21 07:25:30.158416: | libevent_free: release ptr-libevent@0x557d90ac3f70 Sep 21 07:25:30.158419: | free_event_entry: release EVENT_NULL-pe@0x557d90ac3f30 Sep 21 07:25:30.158421: | add_fd_read_event_handler: new ethX-pe@0x557d90ac3f30 Sep 21 07:25:30.158423: | libevent_malloc: new ptr-libevent@0x557d90ac3f70 size 128 Sep 21 07:25:30.158428: | setup callback for interface eth0 192.0.2.251:4500 fd 20 Sep 21 07:25:30.158431: | libevent_free: release ptr-libevent@0x557d90ac4060 Sep 21 07:25:30.158433: | free_event_entry: release EVENT_NULL-pe@0x557d90ac4020 Sep 21 07:25:30.158436: | add_fd_read_event_handler: new ethX-pe@0x557d90ac4020 Sep 21 07:25:30.158438: | libevent_malloc: new ptr-libevent@0x557d90ac4060 size 128 Sep 21 07:25:30.158443: | setup callback for interface eth0 192.0.2.251:500 fd 19 Sep 21 07:25:30.158446: | libevent_free: release ptr-libevent@0x557d90ac4150 Sep 21 07:25:30.158448: | free_event_entry: release EVENT_NULL-pe@0x557d90ac4110 Sep 21 07:25:30.158451: | add_fd_read_event_handler: new ethX-pe@0x557d90ac4110 Sep 21 07:25:30.158453: | libevent_malloc: new ptr-libevent@0x557d90ac4150 size 128 Sep 21 07:25:30.158458: | setup callback for interface eth1 192.1.2.23:4500 fd 18 Sep 21 07:25:30.158461: | libevent_free: release ptr-libevent@0x557d90ac4240 Sep 21 07:25:30.158463: | free_event_entry: release EVENT_NULL-pe@0x557d90ac4200 Sep 21 07:25:30.158465: | add_fd_read_event_handler: new ethX-pe@0x557d90ac4200 Sep 21 07:25:30.158468: | libevent_malloc: new ptr-libevent@0x557d90ac4240 size 128 Sep 21 07:25:30.158472: | setup callback for interface eth1 192.1.2.23:500 fd 17 Sep 21 07:25:30.158475: | certs and keys locked by 'free_preshared_secrets' Sep 21 07:25:30.158477: forgetting secrets Sep 21 07:25:30.158483: | certs and keys unlocked by 'free_preshared_secrets' Sep 21 07:25:30.158496: loading secrets from "/etc/ipsec.secrets" Sep 21 07:25:30.158510: | saving Modulus Sep 21 07:25:30.158513: | saving PublicExponent Sep 21 07:25:30.158517: | ignoring PrivateExponent Sep 21 07:25:30.158519: | ignoring Prime1 Sep 21 07:25:30.158522: | ignoring Prime2 Sep 21 07:25:30.158525: | ignoring Exponent1 Sep 21 07:25:30.158528: | ignoring Exponent2 Sep 21 07:25:30.158531: | ignoring Coefficient Sep 21 07:25:30.158534: | ignoring CKAIDNSS Sep 21 07:25:30.158545: | computed rsa CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1 Sep 21 07:25:30.158547: | computed rsa CKAID 8a 82 25 f1 Sep 21 07:25:30.158553: loaded private key for keyid: PKK_RSA:AQO9bJbr3 Sep 21 07:25:30.158557: | certs and keys locked by 'process_secret' Sep 21 07:25:30.158559: | certs and keys unlocked by 'process_secret' Sep 21 07:25:30.158564: | pluto_sd: executing action action: ready(5), status 0 Sep 21 07:25:30.158569: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Sep 21 07:25:30.158574: | spent 0.457 milliseconds in whack Sep 21 07:25:30.158616: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) Sep 21 07:25:30.158629: | FOR_EACH_CONNECTION_... in conn_by_name Sep 21 07:25:30.158632: initiating all conns with alias='north-eastnets' Sep 21 07:25:30.158636: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias Sep 21 07:25:30.158641: | start processing: connection "north-eastnets/0x2" (in initiate_a_connection() at initiate.c:186) Sep 21 07:25:30.158644: | connection 'north-eastnets/0x2' +POLICY_UP Sep 21 07:25:30.158647: | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342) Sep 21 07:25:30.158649: | FOR_EACH_STATE_... in find_phase1_state Sep 21 07:25:30.158663: | creating state object #1 at 0x557d90ac5b50 Sep 21 07:25:30.158666: | State DB: adding IKEv2 state #1 in UNDEFINED Sep 21 07:25:30.158673: | pstats #1 ikev2.ike started Sep 21 07:25:30.158676: | Message ID: init #1: msgid=0 lastack=4294967295 nextuse=0 lastrecv=4294967295 lastreplied=0 Sep 21 07:25:30.158679: | parent state #1: UNDEFINED(ignore) => PARENT_I0(ignore) Sep 21 07:25:30.158685: | Message ID: init_ike #1; ike: initiator.sent=0->-1 initiator.recv=0->-1 responder.sent=0->-1 responder.recv=0->-1 wip.initiator=0->-1 wip.responder=0->-1 Sep 21 07:25:30.158691: | suspend processing: connection "north-eastnets/0x2" (in ikev2_parent_outI1() at ikev2_parent.c:535) Sep 21 07:25:30.158696: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in ikev2_parent_outI1() at ikev2_parent.c:535) Sep 21 07:25:30.158699: | dup_any(fd@-1) -> fd@-1 (in ikev2_parent_outI1() at ikev2_parent.c:551) Sep 21 07:25:30.158703: | Queuing pending IPsec SA negotiating with 192.1.3.33 "north-eastnets/0x2" IKE SA #1 "north-eastnets/0x2" Sep 21 07:25:30.158706: "north-eastnets/0x2" #1: initiating v2 parent SA Sep 21 07:25:30.158712: | constructing local IKE proposals for north-eastnets/0x2 (IKE SA initiator selecting KE) Sep 21 07:25:30.158716: | converting ike_info AES_CBC_256-HMAC_SHA2_256-MODP2048 to ikev2 ... Sep 21 07:25:30.158722: | ... ikev2_proposal: 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048 Sep 21 07:25:30.158726: "north-eastnets/0x2": constructed local IKE proposals for north-eastnets/0x2 (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048 Sep 21 07:25:30.158733: | adding ikev2_outI1 KE work-order 1 for state #1 Sep 21 07:25:30.158737: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x557d90ac4fc0 Sep 21 07:25:30.158740: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 Sep 21 07:25:30.158743: | libevent_malloc: new ptr-libevent@0x557d90ac5000 size 128 Sep 21 07:25:30.158754: | #1 spent 0.113 milliseconds in ikev2_parent_outI1() Sep 21 07:25:30.158757: | processing: RESET whack log_fd (was fd@16) (in ikev2_parent_outI1() at ikev2_parent.c:610) Sep 21 07:25:30.158760: | crypto helper 0 resuming Sep 21 07:25:30.158761: | RESET processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in ikev2_parent_outI1() at ikev2_parent.c:610) Sep 21 07:25:30.158773: | crypto helper 0 starting work-order 1 for state #1 Sep 21 07:25:30.158779: | RESET processing: connection "north-eastnets/0x2" (in ikev2_parent_outI1() at ikev2_parent.c:610) Sep 21 07:25:30.158791: | crypto helper 0 doing build KE and nonce (ikev2_outI1 KE); request ID 1 Sep 21 07:25:30.158797: | processing: STOP connection NULL (in initiate_a_connection() at initiate.c:349) Sep 21 07:25:30.158806: | start processing: connection "north-eastnets/0x1" (in initiate_a_connection() at initiate.c:186) Sep 21 07:25:30.158813: | connection 'north-eastnets/0x1' +POLICY_UP Sep 21 07:25:30.158816: | dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342) Sep 21 07:25:30.158818: | FOR_EACH_STATE_... in find_phase1_state Sep 21 07:25:30.158823: | Queuing pending IPsec SA negotiating with 192.1.3.33 "north-eastnets/0x1" IKE SA #1 "north-eastnets/0x2" Sep 21 07:25:30.158826: | stop processing: connection "north-eastnets/0x1" (in initiate_a_connection() at initiate.c:349) Sep 21 07:25:30.158833: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Sep 21 07:25:30.158837: | spent 0.204 milliseconds in whack Sep 21 07:25:30.159383: | processing signal PLUTO_SIGCHLD Sep 21 07:25:30.159398: | waitpid returned pid 8752 (exited with status 0) Sep 21 07:25:30.159401: | reaped addconn helper child (status 0) Sep 21 07:25:30.159405: | waitpid returned ECHILD (no child processes left) Sep 21 07:25:30.159409: | spent 0.0188 milliseconds in signal handler PLUTO_SIGCHLD Sep 21 07:25:30.159818: | crypto helper 0 finished build KE and nonce (ikev2_outI1 KE); request ID 1 time elapsed 0.001026 seconds Sep 21 07:25:30.159831: | (#1) spent 1.03 milliseconds in crypto helper computing work-order 1: ikev2_outI1 KE (pcr) Sep 21 07:25:30.159834: | crypto helper 0 sending results from work-order 1 for state #1 to event queue Sep 21 07:25:30.159837: | scheduling resume sending helper answer for #1 Sep 21 07:25:30.159841: | libevent_malloc: new ptr-libevent@0x7fb91c006900 size 128 Sep 21 07:25:30.159849: | crypto helper 0 waiting (nothing to do) Sep 21 07:25:30.159912: | processing resume sending helper answer for #1 Sep 21 07:25:30.159922: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in resume_handler() at server.c:797) Sep 21 07:25:30.159926: | crypto helper 0 replies to request ID 1 Sep 21 07:25:30.159929: | calling continuation function 0x557d8ea1a630 Sep 21 07:25:30.159931: | ikev2_parent_outI1_continue for #1 Sep 21 07:25:30.159959: | **emit ISAKMP Message: Sep 21 07:25:30.159962: | initiator cookie: Sep 21 07:25:30.159964: | f3 78 7a 5b f5 0a 8c a1 Sep 21 07:25:30.159966: | responder cookie: Sep 21 07:25:30.159968: | 00 00 00 00 00 00 00 00 Sep 21 07:25:30.159971: | next payload type: ISAKMP_NEXT_NONE (0x0) Sep 21 07:25:30.159974: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Sep 21 07:25:30.159976: | exchange type: ISAKMP_v2_IKE_SA_INIT (0x22) Sep 21 07:25:30.159979: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Sep 21 07:25:30.159981: | Message ID: 0 (0x0) Sep 21 07:25:30.159984: | next payload chain: saving message location 'ISAKMP Message'.'next payload type' Sep 21 07:25:30.159991: | using existing local IKE proposals for connection north-eastnets/0x2 (IKE SA initiator emitting local proposals): 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048 Sep 21 07:25:30.159993: | Emitting ikev2_proposals ... Sep 21 07:25:30.159996: | ***emit IKEv2 Security Association Payload: Sep 21 07:25:30.159999: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Sep 21 07:25:30.160001: | flags: none (0x0) Sep 21 07:25:30.160004: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA) Sep 21 07:25:30.160007: | next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet' Sep 21 07:25:30.160010: | ****emit IKEv2 Proposal Substructure Payload: Sep 21 07:25:30.160012: | last proposal: v2_PROPOSAL_LAST (0x0) Sep 21 07:25:30.160014: | prop #: 1 (0x1) Sep 21 07:25:30.160017: | proto ID: IKEv2_SEC_PROTO_IKE (0x1) Sep 21 07:25:30.160019: | spi size: 0 (0x0) Sep 21 07:25:30.160021: | # transforms: 4 (0x4) Sep 21 07:25:30.160024: | last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' Sep 21 07:25:30.160026: | *****emit IKEv2 Transform Substructure Payload: Sep 21 07:25:30.160029: | last transform: v2_TRANSFORM_NON_LAST (0x3) Sep 21 07:25:30.160033: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Sep 21 07:25:30.160036: | IKEv2 transform ID: AES_CBC (0xc) Sep 21 07:25:30.160039: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Sep 21 07:25:30.160041: | ******emit IKEv2 Attribute Substructure Payload: Sep 21 07:25:30.160044: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Sep 21 07:25:30.160046: | length/value: 256 (0x100) Sep 21 07:25:30.160049: | emitting length of IKEv2 Transform Substructure Payload: 12 Sep 21 07:25:30.160052: | *****emit IKEv2 Transform Substructure Payload: Sep 21 07:25:30.160054: | last transform: v2_TRANSFORM_NON_LAST (0x3) Sep 21 07:25:30.160056: | IKEv2 transform type: TRANS_TYPE_PRF (0x2) Sep 21 07:25:30.160058: | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) Sep 21 07:25:30.160061: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Sep 21 07:25:30.160064: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Sep 21 07:25:30.160066: | emitting length of IKEv2 Transform Substructure Payload: 8 Sep 21 07:25:30.160069: | *****emit IKEv2 Transform Substructure Payload: Sep 21 07:25:30.160071: | last transform: v2_TRANSFORM_NON_LAST (0x3) Sep 21 07:25:30.160073: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Sep 21 07:25:30.160075: | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc) Sep 21 07:25:30.160078: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Sep 21 07:25:30.160081: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Sep 21 07:25:30.160083: | emitting length of IKEv2 Transform Substructure Payload: 8 Sep 21 07:25:30.160085: | *****emit IKEv2 Transform Substructure Payload: Sep 21 07:25:30.160088: | last transform: v2_TRANSFORM_LAST (0x0) Sep 21 07:25:30.160090: | IKEv2 transform type: TRANS_TYPE_DH (0x4) Sep 21 07:25:30.160092: | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) Sep 21 07:25:30.160095: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Sep 21 07:25:30.160097: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Sep 21 07:25:30.160100: | emitting length of IKEv2 Transform Substructure Payload: 8 Sep 21 07:25:30.160102: | emitting length of IKEv2 Proposal Substructure Payload: 44 Sep 21 07:25:30.160105: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0 Sep 21 07:25:30.160107: | emitting length of IKEv2 Security Association Payload: 48 Sep 21 07:25:30.160110: | last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0 Sep 21 07:25:30.160112: | ***emit IKEv2 Key Exchange Payload: Sep 21 07:25:30.160114: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Sep 21 07:25:30.160117: | flags: none (0x0) Sep 21 07:25:30.160119: | DH group: OAKLEY_GROUP_MODP2048 (0xe) Sep 21 07:25:30.160122: | next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Key Exchange Payload (34:ISAKMP_NEXT_v2KE) Sep 21 07:25:30.160125: | next payload chain: saving location 'IKEv2 Key Exchange Payload'.'next payload type' in 'reply packet' Sep 21 07:25:30.160128: | emitting 256 raw bytes of ikev2 g^x into IKEv2 Key Exchange Payload Sep 21 07:25:30.160130: | ikev2 g^x 52 62 79 11 d8 ff e0 1c 14 6b fc 59 9c 5f 0c 55 Sep 21 07:25:30.160133: | ikev2 g^x f2 11 bb 44 b2 a6 75 96 ae 08 7a 7f dc 27 3b 0e Sep 21 07:25:30.160135: | ikev2 g^x 05 13 4d f2 fe 8b 55 4f c7 44 b0 8f f1 94 7d 4b Sep 21 07:25:30.160138: | ikev2 g^x f6 a1 d6 71 cf 2c cd c7 42 77 7e fd 19 bf 88 27 Sep 21 07:25:30.160141: | ikev2 g^x 3d 6d 1a 46 06 f0 60 1e 70 b2 06 74 36 92 16 a6 Sep 21 07:25:30.160143: | ikev2 g^x 8a f1 2e 73 b0 f7 97 9f 28 33 4a 98 6b 41 5b 69 Sep 21 07:25:30.160145: | ikev2 g^x 08 4e 9b b6 67 24 66 9b bb 9e a9 78 30 c3 8c 7c Sep 21 07:25:30.160147: | ikev2 g^x 73 42 d2 e7 b3 70 f3 ec 08 1f 11 78 d6 e5 62 8a Sep 21 07:25:30.160149: | ikev2 g^x 90 87 0e 77 f9 96 20 87 26 12 b2 96 a6 35 95 02 Sep 21 07:25:30.160151: | ikev2 g^x cd de 79 02 ac a9 1e 93 f0 ce 2c 13 77 b6 9b 8e Sep 21 07:25:30.160154: | ikev2 g^x 7e 85 a6 e2 6a ca e3 75 10 f7 b9 49 f6 77 2a 6b Sep 21 07:25:30.160156: | ikev2 g^x 2c dc ca 81 cc ae 19 b2 5a 5b 89 6f ac 7f 17 d1 Sep 21 07:25:30.160158: | ikev2 g^x 29 1a 1b 6e 9e 2f 7c a2 ae 45 dc 6a ae c5 3d a7 Sep 21 07:25:30.160160: | ikev2 g^x ab 35 a2 4b e6 56 dd 82 43 d9 c0 d7 82 a5 36 14 Sep 21 07:25:30.160162: | ikev2 g^x d1 b3 90 37 80 d7 64 74 55 7d e5 6d 5c 6d ca 31 Sep 21 07:25:30.160164: | ikev2 g^x 2c 77 51 d2 6c 77 e9 29 1d a4 52 96 6b c9 73 d0 Sep 21 07:25:30.160167: | emitting length of IKEv2 Key Exchange Payload: 264 Sep 21 07:25:30.160169: | ***emit IKEv2 Nonce Payload: Sep 21 07:25:30.160171: | next payload type: ISAKMP_NEXT_v2N (0x29) Sep 21 07:25:30.160173: | flags: none (0x0) Sep 21 07:25:30.160176: | next payload chain: ignoring supplied 'IKEv2 Nonce Payload'.'next payload type' value 41:ISAKMP_NEXT_v2N Sep 21 07:25:30.160179: | next payload chain: setting previous 'IKEv2 Key Exchange Payload'.'next payload type' to current IKEv2 Nonce Payload (40:ISAKMP_NEXT_v2Ni) Sep 21 07:25:30.160181: | next payload chain: saving location 'IKEv2 Nonce Payload'.'next payload type' in 'reply packet' Sep 21 07:25:30.160184: | emitting 32 raw bytes of IKEv2 nonce into IKEv2 Nonce Payload Sep 21 07:25:30.160186: | IKEv2 nonce 0d 10 3e 20 f2 88 3b 5a 40 48 c4 5e 68 c4 b9 ac Sep 21 07:25:30.160188: | IKEv2 nonce e6 d2 68 9b 4b 08 f3 06 e7 26 aa 40 9f 78 c0 56 Sep 21 07:25:30.160191: | emitting length of IKEv2 Nonce Payload: 36 Sep 21 07:25:30.160193: | Adding a v2N Payload Sep 21 07:25:30.160195: | ***emit IKEv2 Notify Payload: Sep 21 07:25:30.160197: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Sep 21 07:25:30.160200: | flags: none (0x0) Sep 21 07:25:30.160202: | Protocol ID: PROTO_v2_RESERVED (0x0) Sep 21 07:25:30.160204: | SPI size: 0 (0x0) Sep 21 07:25:30.160207: | Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e) Sep 21 07:25:30.160210: | next payload chain: setting previous 'IKEv2 Nonce Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) Sep 21 07:25:30.160212: | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' Sep 21 07:25:30.160215: | emitting length of IKEv2 Notify Payload: 8 Sep 21 07:25:30.160218: | NAT-Traversal support [enabled] add v2N payloads. Sep 21 07:25:30.160220: | natd_hash: rcookie is zero Sep 21 07:25:30.160230: | natd_hash: hasher=0x557d8eaf07a0(20) Sep 21 07:25:30.160233: | natd_hash: icookie= f3 78 7a 5b f5 0a 8c a1 Sep 21 07:25:30.160235: | natd_hash: rcookie= 00 00 00 00 00 00 00 00 Sep 21 07:25:30.160237: | natd_hash: ip= c0 01 02 17 Sep 21 07:25:30.160239: | natd_hash: port= 01 f4 Sep 21 07:25:30.160242: | natd_hash: hash= 6a a5 e3 dd 39 a3 2f ad a0 1a 6c c3 95 87 88 8e Sep 21 07:25:30.160244: | natd_hash: hash= 4d b2 17 f7 Sep 21 07:25:30.160246: | Adding a v2N Payload Sep 21 07:25:30.160248: | ***emit IKEv2 Notify Payload: Sep 21 07:25:30.160250: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Sep 21 07:25:30.160253: | flags: none (0x0) Sep 21 07:25:30.160255: | Protocol ID: PROTO_v2_RESERVED (0x0) Sep 21 07:25:30.160257: | SPI size: 0 (0x0) Sep 21 07:25:30.160259: | Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004) Sep 21 07:25:30.160262: | next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) Sep 21 07:25:30.160266: | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' Sep 21 07:25:30.160269: | emitting 20 raw bytes of Notify data into IKEv2 Notify Payload Sep 21 07:25:30.160271: | Notify data 6a a5 e3 dd 39 a3 2f ad a0 1a 6c c3 95 87 88 8e Sep 21 07:25:30.160273: | Notify data 4d b2 17 f7 Sep 21 07:25:30.160276: | emitting length of IKEv2 Notify Payload: 28 Sep 21 07:25:30.160278: | natd_hash: rcookie is zero Sep 21 07:25:30.160283: | natd_hash: hasher=0x557d8eaf07a0(20) Sep 21 07:25:30.160286: | natd_hash: icookie= f3 78 7a 5b f5 0a 8c a1 Sep 21 07:25:30.160288: | natd_hash: rcookie= 00 00 00 00 00 00 00 00 Sep 21 07:25:30.160290: | natd_hash: ip= c0 01 03 21 Sep 21 07:25:30.160292: | natd_hash: port= 01 f4 Sep 21 07:25:30.160294: | natd_hash: hash= 1b fe d0 11 9c f9 3e 4d 20 ab 8a 74 1c 09 af 7e Sep 21 07:25:30.160296: | natd_hash: hash= 17 3b 7a 34 Sep 21 07:25:30.160298: | Adding a v2N Payload Sep 21 07:25:30.160300: | ***emit IKEv2 Notify Payload: Sep 21 07:25:30.160302: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Sep 21 07:25:30.160305: | flags: none (0x0) Sep 21 07:25:30.160307: | Protocol ID: PROTO_v2_RESERVED (0x0) Sep 21 07:25:30.160309: | SPI size: 0 (0x0) Sep 21 07:25:30.160311: | Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005) Sep 21 07:25:30.160314: | next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) Sep 21 07:25:30.160317: | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' Sep 21 07:25:30.160319: | emitting 20 raw bytes of Notify data into IKEv2 Notify Payload Sep 21 07:25:30.160322: | Notify data 1b fe d0 11 9c f9 3e 4d 20 ab 8a 74 1c 09 af 7e Sep 21 07:25:30.160324: | Notify data 17 3b 7a 34 Sep 21 07:25:30.160326: | emitting length of IKEv2 Notify Payload: 28 Sep 21 07:25:30.160328: | emitting length of ISAKMP Message: 440 Sep 21 07:25:30.160335: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in ikev2_parent_outI1_common() at ikev2_parent.c:817) Sep 21 07:25:30.160344: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in complete_v2_state_transition() at ikev2.c:3376) Sep 21 07:25:30.160348: | #1 complete_v2_state_transition() PARENT_I0->PARENT_I1 with status STF_OK Sep 21 07:25:30.160350: | IKEv2: transition from state STATE_PARENT_I0 to state STATE_PARENT_I1 Sep 21 07:25:30.160353: | parent state #1: PARENT_I0(ignore) => PARENT_I1(half-open IKE SA) Sep 21 07:25:30.160356: | Message ID: updating counters for #1 to 4294967295 after switching state Sep 21 07:25:30.160359: | Message ID: IKE #1 skipping update_recv as MD is fake Sep 21 07:25:30.160364: | Message ID: sent #1 request 0; ike: initiator.sent=-1->0 initiator.recv=-1 responder.sent=-1 responder.recv=-1 wip.initiator=-1->0 wip.responder=-1 Sep 21 07:25:30.160367: "north-eastnets/0x2" #1: STATE_PARENT_I1: sent v2I1, expected v2R1 Sep 21 07:25:30.160371: | sending V2 reply packet to 192.1.3.33:500 (from 192.1.2.23:500) Sep 21 07:25:30.160380: | sending 440 bytes for STATE_PARENT_I0 through eth1 from 192.1.2.23:500 to 192.1.3.33:500 (using #1) Sep 21 07:25:30.160382: | f3 78 7a 5b f5 0a 8c a1 00 00 00 00 00 00 00 00 Sep 21 07:25:30.160385: | 21 20 22 08 00 00 00 00 00 00 01 b8 22 00 00 30 Sep 21 07:25:30.160387: | 00 00 00 2c 01 01 00 04 03 00 00 0c 01 00 00 0c Sep 21 07:25:30.160389: | 80 0e 01 00 03 00 00 08 02 00 00 05 03 00 00 08 Sep 21 07:25:30.160391: | 03 00 00 0c 00 00 00 08 04 00 00 0e 28 00 01 08 Sep 21 07:25:30.160393: | 00 0e 00 00 52 62 79 11 d8 ff e0 1c 14 6b fc 59 Sep 21 07:25:30.160395: | 9c 5f 0c 55 f2 11 bb 44 b2 a6 75 96 ae 08 7a 7f Sep 21 07:25:30.160397: | dc 27 3b 0e 05 13 4d f2 fe 8b 55 4f c7 44 b0 8f Sep 21 07:25:30.160400: | f1 94 7d 4b f6 a1 d6 71 cf 2c cd c7 42 77 7e fd Sep 21 07:25:30.160402: | 19 bf 88 27 3d 6d 1a 46 06 f0 60 1e 70 b2 06 74 Sep 21 07:25:30.160405: | 36 92 16 a6 8a f1 2e 73 b0 f7 97 9f 28 33 4a 98 Sep 21 07:25:30.160407: | 6b 41 5b 69 08 4e 9b b6 67 24 66 9b bb 9e a9 78 Sep 21 07:25:30.160410: | 30 c3 8c 7c 73 42 d2 e7 b3 70 f3 ec 08 1f 11 78 Sep 21 07:25:30.160412: | d6 e5 62 8a 90 87 0e 77 f9 96 20 87 26 12 b2 96 Sep 21 07:25:30.160414: | a6 35 95 02 cd de 79 02 ac a9 1e 93 f0 ce 2c 13 Sep 21 07:25:30.160416: | 77 b6 9b 8e 7e 85 a6 e2 6a ca e3 75 10 f7 b9 49 Sep 21 07:25:30.160418: | f6 77 2a 6b 2c dc ca 81 cc ae 19 b2 5a 5b 89 6f Sep 21 07:25:30.160420: | ac 7f 17 d1 29 1a 1b 6e 9e 2f 7c a2 ae 45 dc 6a Sep 21 07:25:30.160422: | ae c5 3d a7 ab 35 a2 4b e6 56 dd 82 43 d9 c0 d7 Sep 21 07:25:30.160424: | 82 a5 36 14 d1 b3 90 37 80 d7 64 74 55 7d e5 6d Sep 21 07:25:30.160427: | 5c 6d ca 31 2c 77 51 d2 6c 77 e9 29 1d a4 52 96 Sep 21 07:25:30.160429: | 6b c9 73 d0 29 00 00 24 0d 10 3e 20 f2 88 3b 5a Sep 21 07:25:30.160431: | 40 48 c4 5e 68 c4 b9 ac e6 d2 68 9b 4b 08 f3 06 Sep 21 07:25:30.160433: | e7 26 aa 40 9f 78 c0 56 29 00 00 08 00 00 40 2e Sep 21 07:25:30.160435: | 29 00 00 1c 00 00 40 04 6a a5 e3 dd 39 a3 2f ad Sep 21 07:25:30.160437: | a0 1a 6c c3 95 87 88 8e 4d b2 17 f7 00 00 00 1c Sep 21 07:25:30.160439: | 00 00 40 05 1b fe d0 11 9c f9 3e 4d 20 ab 8a 74 Sep 21 07:25:30.160441: | 1c 09 af 7e 17 3b 7a 34 Sep 21 07:25:30.160522: | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted Sep 21 07:25:30.160527: | libevent_free: release ptr-libevent@0x557d90ac5000 Sep 21 07:25:30.160529: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x557d90ac4fc0 Sep 21 07:25:30.160532: | success_v2_state_transition scheduling EVENT_RETRANSMIT of c->r_interval=50ms Sep 21 07:25:30.160536: | event_schedule: new EVENT_RETRANSMIT-pe@0x557d90ac4fc0 Sep 21 07:25:30.160539: | inserting event EVENT_RETRANSMIT, timeout in 0.05 seconds for #1 Sep 21 07:25:30.160542: | libevent_malloc: new ptr-libevent@0x557d90ac5000 size 128 Sep 21 07:25:30.160547: | #1 STATE_PARENT_I1: retransmits: first event in 0.05 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 49376.5288 Sep 21 07:25:30.160550: | resume sending helper answer for #1 suppresed complete_v2_state_transition() and stole MD Sep 21 07:25:30.160555: | #1 spent 0.575 milliseconds in resume sending helper answer Sep 21 07:25:30.160560: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in resume_handler() at server.c:833) Sep 21 07:25:30.160563: | libevent_free: release ptr-libevent@0x7fb91c006900 Sep 21 07:25:30.177780: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721) Sep 21 07:25:30.178023: | FOR_EACH_CONNECTION_... in show_connections_status Sep 21 07:25:30.178029: | FOR_EACH_CONNECTION_... in show_connections_status Sep 21 07:25:30.178152: | FOR_EACH_STATE_... in show_states_status (sort_states) Sep 21 07:25:30.178156: | FOR_EACH_STATE_... in sort_states Sep 21 07:25:30.178177: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Sep 21 07:25:30.178186: | spent 0.41 milliseconds in whack Sep 21 07:25:30.211280: | timer_event_cb: processing event@0x557d90ac4fc0 Sep 21 07:25:30.211295: | handling event EVENT_RETRANSMIT for parent state #1 Sep 21 07:25:30.211302: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:250) Sep 21 07:25:30.211304: | IKEv2 retransmit event Sep 21 07:25:30.211308: | [RE]START processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in retransmit_v2_msg() at retry.c:144) Sep 21 07:25:30.211311: | handling event EVENT_RETRANSMIT for 192.1.3.33 "north-eastnets/0x2" #1 attempt 2 of 0 Sep 21 07:25:30.211314: | and parent for 192.1.3.33 "north-eastnets/0x2" #1 keying attempt 1 of 0; retransmit 1 Sep 21 07:25:30.211319: | retransmits: current time 49376.579581; retransmit count 0 exceeds limit? NO; deltatime 0.05 exceeds limit? NO; monotime 0.050781 exceeds limit? NO Sep 21 07:25:30.211322: | event_schedule: new EVENT_RETRANSMIT-pe@0x7fb91c002b20 Sep 21 07:25:30.211327: | inserting event EVENT_RETRANSMIT, timeout in 0.05 seconds for #1 Sep 21 07:25:30.211330: | libevent_malloc: new ptr-libevent@0x7fb91c006900 size 128 Sep 21 07:25:30.211334: "north-eastnets/0x2" #1: STATE_PARENT_I1: retransmission; will wait 0.05 seconds for response Sep 21 07:25:30.211339: | sending 440 bytes for EVENT_RETRANSMIT through eth1 from 192.1.2.23:500 to 192.1.3.33:500 (using #1) Sep 21 07:25:30.211341: | f3 78 7a 5b f5 0a 8c a1 00 00 00 00 00 00 00 00 Sep 21 07:25:30.211342: | 21 20 22 08 00 00 00 00 00 00 01 b8 22 00 00 30 Sep 21 07:25:30.211344: | 00 00 00 2c 01 01 00 04 03 00 00 0c 01 00 00 0c Sep 21 07:25:30.211345: | 80 0e 01 00 03 00 00 08 02 00 00 05 03 00 00 08 Sep 21 07:25:30.211347: | 03 00 00 0c 00 00 00 08 04 00 00 0e 28 00 01 08 Sep 21 07:25:30.211348: | 00 0e 00 00 52 62 79 11 d8 ff e0 1c 14 6b fc 59 Sep 21 07:25:30.211350: | 9c 5f 0c 55 f2 11 bb 44 b2 a6 75 96 ae 08 7a 7f Sep 21 07:25:30.211351: | dc 27 3b 0e 05 13 4d f2 fe 8b 55 4f c7 44 b0 8f Sep 21 07:25:30.211353: | f1 94 7d 4b f6 a1 d6 71 cf 2c cd c7 42 77 7e fd Sep 21 07:25:30.211354: | 19 bf 88 27 3d 6d 1a 46 06 f0 60 1e 70 b2 06 74 Sep 21 07:25:30.211356: | 36 92 16 a6 8a f1 2e 73 b0 f7 97 9f 28 33 4a 98 Sep 21 07:25:30.211357: | 6b 41 5b 69 08 4e 9b b6 67 24 66 9b bb 9e a9 78 Sep 21 07:25:30.211359: | 30 c3 8c 7c 73 42 d2 e7 b3 70 f3 ec 08 1f 11 78 Sep 21 07:25:30.211360: | d6 e5 62 8a 90 87 0e 77 f9 96 20 87 26 12 b2 96 Sep 21 07:25:30.211362: | a6 35 95 02 cd de 79 02 ac a9 1e 93 f0 ce 2c 13 Sep 21 07:25:30.211363: | 77 b6 9b 8e 7e 85 a6 e2 6a ca e3 75 10 f7 b9 49 Sep 21 07:25:30.211365: | f6 77 2a 6b 2c dc ca 81 cc ae 19 b2 5a 5b 89 6f Sep 21 07:25:30.211367: | ac 7f 17 d1 29 1a 1b 6e 9e 2f 7c a2 ae 45 dc 6a Sep 21 07:25:30.211368: | ae c5 3d a7 ab 35 a2 4b e6 56 dd 82 43 d9 c0 d7 Sep 21 07:25:30.211370: | 82 a5 36 14 d1 b3 90 37 80 d7 64 74 55 7d e5 6d Sep 21 07:25:30.211371: | 5c 6d ca 31 2c 77 51 d2 6c 77 e9 29 1d a4 52 96 Sep 21 07:25:30.211373: | 6b c9 73 d0 29 00 00 24 0d 10 3e 20 f2 88 3b 5a Sep 21 07:25:30.211374: | 40 48 c4 5e 68 c4 b9 ac e6 d2 68 9b 4b 08 f3 06 Sep 21 07:25:30.211376: | e7 26 aa 40 9f 78 c0 56 29 00 00 08 00 00 40 2e Sep 21 07:25:30.211377: | 29 00 00 1c 00 00 40 04 6a a5 e3 dd 39 a3 2f ad Sep 21 07:25:30.211379: | a0 1a 6c c3 95 87 88 8e 4d b2 17 f7 00 00 00 1c Sep 21 07:25:30.211380: | 00 00 40 05 1b fe d0 11 9c f9 3e 4d 20 ab 8a 74 Sep 21 07:25:30.211382: | 1c 09 af 7e 17 3b 7a 34 Sep 21 07:25:30.211422: | libevent_free: release ptr-libevent@0x557d90ac5000 Sep 21 07:25:30.211425: | free_event_entry: release EVENT_RETRANSMIT-pe@0x557d90ac4fc0 Sep 21 07:25:30.211430: | #1 spent 0.129 milliseconds in timer_event_cb() EVENT_RETRANSMIT Sep 21 07:25:30.211434: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:557) Sep 21 07:25:30.262569: | timer_event_cb: processing event@0x7fb91c002b20 Sep 21 07:25:30.262584: | handling event EVENT_RETRANSMIT for parent state #1 Sep 21 07:25:30.262591: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:250) Sep 21 07:25:30.262594: | IKEv2 retransmit event Sep 21 07:25:30.262597: | [RE]START processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in retransmit_v2_msg() at retry.c:144) Sep 21 07:25:30.262600: | handling event EVENT_RETRANSMIT for 192.1.3.33 "north-eastnets/0x2" #1 attempt 2 of 0 Sep 21 07:25:30.262602: | and parent for 192.1.3.33 "north-eastnets/0x2" #1 keying attempt 1 of 0; retransmit 2 Sep 21 07:25:30.262607: | retransmits: current time 49376.630869; retransmit count 1 exceeds limit? NO; deltatime 0.1 exceeds limit? NO; monotime 0.102069 exceeds limit? NO Sep 21 07:25:30.262609: | event_schedule: new EVENT_RETRANSMIT-pe@0x557d90ac4fc0 Sep 21 07:25:30.262612: | inserting event EVENT_RETRANSMIT, timeout in 0.1 seconds for #1 Sep 21 07:25:30.262618: | libevent_malloc: new ptr-libevent@0x557d90ac5000 size 128 Sep 21 07:25:30.262621: "north-eastnets/0x2" #1: STATE_PARENT_I1: retransmission; will wait 0.1 seconds for response Sep 21 07:25:30.262626: | sending 440 bytes for EVENT_RETRANSMIT through eth1 from 192.1.2.23:500 to 192.1.3.33:500 (using #1) Sep 21 07:25:30.262627: | f3 78 7a 5b f5 0a 8c a1 00 00 00 00 00 00 00 00 Sep 21 07:25:30.262629: | 21 20 22 08 00 00 00 00 00 00 01 b8 22 00 00 30 Sep 21 07:25:30.262630: | 00 00 00 2c 01 01 00 04 03 00 00 0c 01 00 00 0c Sep 21 07:25:30.262632: | 80 0e 01 00 03 00 00 08 02 00 00 05 03 00 00 08 Sep 21 07:25:30.262633: | 03 00 00 0c 00 00 00 08 04 00 00 0e 28 00 01 08 Sep 21 07:25:30.262635: | 00 0e 00 00 52 62 79 11 d8 ff e0 1c 14 6b fc 59 Sep 21 07:25:30.262637: | 9c 5f 0c 55 f2 11 bb 44 b2 a6 75 96 ae 08 7a 7f Sep 21 07:25:30.262639: | dc 27 3b 0e 05 13 4d f2 fe 8b 55 4f c7 44 b0 8f Sep 21 07:25:30.262642: | f1 94 7d 4b f6 a1 d6 71 cf 2c cd c7 42 77 7e fd Sep 21 07:25:30.262644: | 19 bf 88 27 3d 6d 1a 46 06 f0 60 1e 70 b2 06 74 Sep 21 07:25:30.262646: | 36 92 16 a6 8a f1 2e 73 b0 f7 97 9f 28 33 4a 98 Sep 21 07:25:30.262648: | 6b 41 5b 69 08 4e 9b b6 67 24 66 9b bb 9e a9 78 Sep 21 07:25:30.262650: | 30 c3 8c 7c 73 42 d2 e7 b3 70 f3 ec 08 1f 11 78 Sep 21 07:25:30.262653: | d6 e5 62 8a 90 87 0e 77 f9 96 20 87 26 12 b2 96 Sep 21 07:25:30.262655: | a6 35 95 02 cd de 79 02 ac a9 1e 93 f0 ce 2c 13 Sep 21 07:25:30.262657: | 77 b6 9b 8e 7e 85 a6 e2 6a ca e3 75 10 f7 b9 49 Sep 21 07:25:30.262659: | f6 77 2a 6b 2c dc ca 81 cc ae 19 b2 5a 5b 89 6f Sep 21 07:25:30.262666: | ac 7f 17 d1 29 1a 1b 6e 9e 2f 7c a2 ae 45 dc 6a Sep 21 07:25:30.262668: | ae c5 3d a7 ab 35 a2 4b e6 56 dd 82 43 d9 c0 d7 Sep 21 07:25:30.262670: | 82 a5 36 14 d1 b3 90 37 80 d7 64 74 55 7d e5 6d Sep 21 07:25:30.262672: | 5c 6d ca 31 2c 77 51 d2 6c 77 e9 29 1d a4 52 96 Sep 21 07:25:30.262675: | 6b c9 73 d0 29 00 00 24 0d 10 3e 20 f2 88 3b 5a Sep 21 07:25:30.262677: | 40 48 c4 5e 68 c4 b9 ac e6 d2 68 9b 4b 08 f3 06 Sep 21 07:25:30.262679: | e7 26 aa 40 9f 78 c0 56 29 00 00 08 00 00 40 2e Sep 21 07:25:30.262681: | 29 00 00 1c 00 00 40 04 6a a5 e3 dd 39 a3 2f ad Sep 21 07:25:30.262683: | a0 1a 6c c3 95 87 88 8e 4d b2 17 f7 00 00 00 1c Sep 21 07:25:30.262686: | 00 00 40 05 1b fe d0 11 9c f9 3e 4d 20 ab 8a 74 Sep 21 07:25:30.262688: | 1c 09 af 7e 17 3b 7a 34 Sep 21 07:25:30.262736: | libevent_free: release ptr-libevent@0x7fb91c006900 Sep 21 07:25:30.262741: | free_event_entry: release EVENT_RETRANSMIT-pe@0x7fb91c002b20 Sep 21 07:25:30.262748: | #1 spent 0.153 milliseconds in timer_event_cb() EVENT_RETRANSMIT Sep 21 07:25:30.262753: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:557) Sep 21 07:25:30.362836: | timer_event_cb: processing event@0x557d90ac4fc0 Sep 21 07:25:30.362849: | handling event EVENT_RETRANSMIT for parent state #1 Sep 21 07:25:30.362855: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:250) Sep 21 07:25:30.362857: | IKEv2 retransmit event Sep 21 07:25:30.362860: | [RE]START processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in retransmit_v2_msg() at retry.c:144) Sep 21 07:25:30.362863: | handling event EVENT_RETRANSMIT for 192.1.3.33 "north-eastnets/0x2" #1 attempt 2 of 0 Sep 21 07:25:30.362866: | and parent for 192.1.3.33 "north-eastnets/0x2" #1 keying attempt 1 of 0; retransmit 3 Sep 21 07:25:30.362871: | retransmits: current time 49376.731133; retransmit count 2 exceeds limit? NO; deltatime 0.2 exceeds limit? NO; monotime 0.202333 exceeds limit? NO Sep 21 07:25:30.362873: | event_schedule: new EVENT_RETRANSMIT-pe@0x7fb91c002b20 Sep 21 07:25:30.362876: | inserting event EVENT_RETRANSMIT, timeout in 0.2 seconds for #1 Sep 21 07:25:30.362878: | libevent_malloc: new ptr-libevent@0x7fb91c006900 size 128 Sep 21 07:25:30.362882: "north-eastnets/0x2" #1: STATE_PARENT_I1: retransmission; will wait 0.2 seconds for response Sep 21 07:25:30.362889: | sending 440 bytes for EVENT_RETRANSMIT through eth1 from 192.1.2.23:500 to 192.1.3.33:500 (using #1) Sep 21 07:25:30.362891: | f3 78 7a 5b f5 0a 8c a1 00 00 00 00 00 00 00 00 Sep 21 07:25:30.362893: | 21 20 22 08 00 00 00 00 00 00 01 b8 22 00 00 30 Sep 21 07:25:30.362894: | 00 00 00 2c 01 01 00 04 03 00 00 0c 01 00 00 0c Sep 21 07:25:30.362896: | 80 0e 01 00 03 00 00 08 02 00 00 05 03 00 00 08 Sep 21 07:25:30.362897: | 03 00 00 0c 00 00 00 08 04 00 00 0e 28 00 01 08 Sep 21 07:25:30.362898: | 00 0e 00 00 52 62 79 11 d8 ff e0 1c 14 6b fc 59 Sep 21 07:25:30.362900: | 9c 5f 0c 55 f2 11 bb 44 b2 a6 75 96 ae 08 7a 7f Sep 21 07:25:30.362901: | dc 27 3b 0e 05 13 4d f2 fe 8b 55 4f c7 44 b0 8f Sep 21 07:25:30.362903: | f1 94 7d 4b f6 a1 d6 71 cf 2c cd c7 42 77 7e fd Sep 21 07:25:30.362904: | 19 bf 88 27 3d 6d 1a 46 06 f0 60 1e 70 b2 06 74 Sep 21 07:25:30.362906: | 36 92 16 a6 8a f1 2e 73 b0 f7 97 9f 28 33 4a 98 Sep 21 07:25:30.362907: | 6b 41 5b 69 08 4e 9b b6 67 24 66 9b bb 9e a9 78 Sep 21 07:25:30.362908: | 30 c3 8c 7c 73 42 d2 e7 b3 70 f3 ec 08 1f 11 78 Sep 21 07:25:30.362910: | d6 e5 62 8a 90 87 0e 77 f9 96 20 87 26 12 b2 96 Sep 21 07:25:30.362911: | a6 35 95 02 cd de 79 02 ac a9 1e 93 f0 ce 2c 13 Sep 21 07:25:30.362913: | 77 b6 9b 8e 7e 85 a6 e2 6a ca e3 75 10 f7 b9 49 Sep 21 07:25:30.362914: | f6 77 2a 6b 2c dc ca 81 cc ae 19 b2 5a 5b 89 6f Sep 21 07:25:30.362916: | ac 7f 17 d1 29 1a 1b 6e 9e 2f 7c a2 ae 45 dc 6a Sep 21 07:25:30.362917: | ae c5 3d a7 ab 35 a2 4b e6 56 dd 82 43 d9 c0 d7 Sep 21 07:25:30.362918: | 82 a5 36 14 d1 b3 90 37 80 d7 64 74 55 7d e5 6d Sep 21 07:25:30.362920: | 5c 6d ca 31 2c 77 51 d2 6c 77 e9 29 1d a4 52 96 Sep 21 07:25:30.362921: | 6b c9 73 d0 29 00 00 24 0d 10 3e 20 f2 88 3b 5a Sep 21 07:25:30.362923: | 40 48 c4 5e 68 c4 b9 ac e6 d2 68 9b 4b 08 f3 06 Sep 21 07:25:30.362924: | e7 26 aa 40 9f 78 c0 56 29 00 00 08 00 00 40 2e Sep 21 07:25:30.362925: | 29 00 00 1c 00 00 40 04 6a a5 e3 dd 39 a3 2f ad Sep 21 07:25:30.362927: | a0 1a 6c c3 95 87 88 8e 4d b2 17 f7 00 00 00 1c Sep 21 07:25:30.362928: | 00 00 40 05 1b fe d0 11 9c f9 3e 4d 20 ab 8a 74 Sep 21 07:25:30.362930: | 1c 09 af 7e 17 3b 7a 34 Sep 21 07:25:30.362967: | libevent_free: release ptr-libevent@0x557d90ac5000 Sep 21 07:25:30.362970: | free_event_entry: release EVENT_RETRANSMIT-pe@0x557d90ac4fc0 Sep 21 07:25:30.362976: | #1 spent 0.121 milliseconds in timer_event_cb() EVENT_RETRANSMIT Sep 21 07:25:30.362979: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:557) Sep 21 07:25:30.564262: | timer_event_cb: processing event@0x7fb91c002b20 Sep 21 07:25:30.564281: | handling event EVENT_RETRANSMIT for parent state #1 Sep 21 07:25:30.564290: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:250) Sep 21 07:25:30.564294: | IKEv2 retransmit event Sep 21 07:25:30.564300: | [RE]START processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in retransmit_v2_msg() at retry.c:144) Sep 21 07:25:30.564306: | handling event EVENT_RETRANSMIT for 192.1.3.33 "north-eastnets/0x2" #1 attempt 2 of 0 Sep 21 07:25:30.564311: | and parent for 192.1.3.33 "north-eastnets/0x2" #1 keying attempt 1 of 0; retransmit 4 Sep 21 07:25:30.564318: | retransmits: current time 49376.932578; retransmit count 3 exceeds limit? NO; deltatime 0.4 exceeds limit? NO; monotime 0.403778 exceeds limit? NO Sep 21 07:25:30.564323: | event_schedule: new EVENT_RETRANSMIT-pe@0x557d90ac4fc0 Sep 21 07:25:30.564327: | inserting event EVENT_RETRANSMIT, timeout in 0.4 seconds for #1 Sep 21 07:25:30.564331: | libevent_malloc: new ptr-libevent@0x557d90ac5000 size 128 Sep 21 07:25:30.564336: "north-eastnets/0x2" #1: STATE_PARENT_I1: retransmission; will wait 0.4 seconds for response Sep 21 07:25:30.564343: | sending 440 bytes for EVENT_RETRANSMIT through eth1 from 192.1.2.23:500 to 192.1.3.33:500 (using #1) Sep 21 07:25:30.564351: | f3 78 7a 5b f5 0a 8c a1 00 00 00 00 00 00 00 00 Sep 21 07:25:30.564354: | 21 20 22 08 00 00 00 00 00 00 01 b8 22 00 00 30 Sep 21 07:25:30.564357: | 00 00 00 2c 01 01 00 04 03 00 00 0c 01 00 00 0c Sep 21 07:25:30.564360: | 80 0e 01 00 03 00 00 08 02 00 00 05 03 00 00 08 Sep 21 07:25:30.564363: | 03 00 00 0c 00 00 00 08 04 00 00 0e 28 00 01 08 Sep 21 07:25:30.564365: | 00 0e 00 00 52 62 79 11 d8 ff e0 1c 14 6b fc 59 Sep 21 07:25:30.564368: | 9c 5f 0c 55 f2 11 bb 44 b2 a6 75 96 ae 08 7a 7f Sep 21 07:25:30.564371: | dc 27 3b 0e 05 13 4d f2 fe 8b 55 4f c7 44 b0 8f Sep 21 07:25:30.564374: | f1 94 7d 4b f6 a1 d6 71 cf 2c cd c7 42 77 7e fd Sep 21 07:25:30.564376: | 19 bf 88 27 3d 6d 1a 46 06 f0 60 1e 70 b2 06 74 Sep 21 07:25:30.564379: | 36 92 16 a6 8a f1 2e 73 b0 f7 97 9f 28 33 4a 98 Sep 21 07:25:30.564382: | 6b 41 5b 69 08 4e 9b b6 67 24 66 9b bb 9e a9 78 Sep 21 07:25:30.564385: | 30 c3 8c 7c 73 42 d2 e7 b3 70 f3 ec 08 1f 11 78 Sep 21 07:25:30.564387: | d6 e5 62 8a 90 87 0e 77 f9 96 20 87 26 12 b2 96 Sep 21 07:25:30.564390: | a6 35 95 02 cd de 79 02 ac a9 1e 93 f0 ce 2c 13 Sep 21 07:25:30.564393: | 77 b6 9b 8e 7e 85 a6 e2 6a ca e3 75 10 f7 b9 49 Sep 21 07:25:30.564396: | f6 77 2a 6b 2c dc ca 81 cc ae 19 b2 5a 5b 89 6f Sep 21 07:25:30.564398: | ac 7f 17 d1 29 1a 1b 6e 9e 2f 7c a2 ae 45 dc 6a Sep 21 07:25:30.564401: | ae c5 3d a7 ab 35 a2 4b e6 56 dd 82 43 d9 c0 d7 Sep 21 07:25:30.564404: | 82 a5 36 14 d1 b3 90 37 80 d7 64 74 55 7d e5 6d Sep 21 07:25:30.564407: | 5c 6d ca 31 2c 77 51 d2 6c 77 e9 29 1d a4 52 96 Sep 21 07:25:30.564409: | 6b c9 73 d0 29 00 00 24 0d 10 3e 20 f2 88 3b 5a Sep 21 07:25:30.564412: | 40 48 c4 5e 68 c4 b9 ac e6 d2 68 9b 4b 08 f3 06 Sep 21 07:25:30.564415: | e7 26 aa 40 9f 78 c0 56 29 00 00 08 00 00 40 2e Sep 21 07:25:30.564418: | 29 00 00 1c 00 00 40 04 6a a5 e3 dd 39 a3 2f ad Sep 21 07:25:30.564421: | a0 1a 6c c3 95 87 88 8e 4d b2 17 f7 00 00 00 1c Sep 21 07:25:30.564423: | 00 00 40 05 1b fe d0 11 9c f9 3e 4d 20 ab 8a 74 Sep 21 07:25:30.564426: | 1c 09 af 7e 17 3b 7a 34 Sep 21 07:25:30.564474: | libevent_free: release ptr-libevent@0x7fb91c006900 Sep 21 07:25:30.564479: | free_event_entry: release EVENT_RETRANSMIT-pe@0x7fb91c002b20 Sep 21 07:25:30.564488: | #1 spent 0.202 milliseconds in timer_event_cb() EVENT_RETRANSMIT Sep 21 07:25:30.564494: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:557) Sep 21 07:25:30.964803: | timer_event_cb: processing event@0x557d90ac4fc0 Sep 21 07:25:30.964819: | handling event EVENT_RETRANSMIT for parent state #1 Sep 21 07:25:30.964827: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:250) Sep 21 07:25:30.964831: | IKEv2 retransmit event Sep 21 07:25:30.964836: | [RE]START processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in retransmit_v2_msg() at retry.c:144) Sep 21 07:25:30.964840: | handling event EVENT_RETRANSMIT for 192.1.3.33 "north-eastnets/0x2" #1 attempt 2 of 0 Sep 21 07:25:30.964844: | and parent for 192.1.3.33 "north-eastnets/0x2" #1 keying attempt 1 of 0; retransmit 5 Sep 21 07:25:30.964851: | retransmits: current time 49377.333112; retransmit count 4 exceeds limit? NO; deltatime 0.8 exceeds limit? NO; monotime 0.804312 exceeds limit? NO Sep 21 07:25:30.964854: | event_schedule: new EVENT_RETRANSMIT-pe@0x7fb91c002b20 Sep 21 07:25:30.964858: | inserting event EVENT_RETRANSMIT, timeout in 0.8 seconds for #1 Sep 21 07:25:30.964862: | libevent_malloc: new ptr-libevent@0x7fb91c006900 size 128 Sep 21 07:25:30.964866: "north-eastnets/0x2" #1: STATE_PARENT_I1: retransmission; will wait 0.8 seconds for response Sep 21 07:25:30.964873: | sending 440 bytes for EVENT_RETRANSMIT through eth1 from 192.1.2.23:500 to 192.1.3.33:500 (using #1) Sep 21 07:25:30.964876: | f3 78 7a 5b f5 0a 8c a1 00 00 00 00 00 00 00 00 Sep 21 07:25:30.964882: | 21 20 22 08 00 00 00 00 00 00 01 b8 22 00 00 30 Sep 21 07:25:30.964884: | 00 00 00 2c 01 01 00 04 03 00 00 0c 01 00 00 0c Sep 21 07:25:30.964886: | 80 0e 01 00 03 00 00 08 02 00 00 05 03 00 00 08 Sep 21 07:25:30.964888: | 03 00 00 0c 00 00 00 08 04 00 00 0e 28 00 01 08 Sep 21 07:25:30.964890: | 00 0e 00 00 52 62 79 11 d8 ff e0 1c 14 6b fc 59 Sep 21 07:25:30.964892: | 9c 5f 0c 55 f2 11 bb 44 b2 a6 75 96 ae 08 7a 7f Sep 21 07:25:30.964894: | dc 27 3b 0e 05 13 4d f2 fe 8b 55 4f c7 44 b0 8f Sep 21 07:25:30.964897: | f1 94 7d 4b f6 a1 d6 71 cf 2c cd c7 42 77 7e fd Sep 21 07:25:30.964899: | 19 bf 88 27 3d 6d 1a 46 06 f0 60 1e 70 b2 06 74 Sep 21 07:25:30.964901: | 36 92 16 a6 8a f1 2e 73 b0 f7 97 9f 28 33 4a 98 Sep 21 07:25:30.964903: | 6b 41 5b 69 08 4e 9b b6 67 24 66 9b bb 9e a9 78 Sep 21 07:25:30.964905: | 30 c3 8c 7c 73 42 d2 e7 b3 70 f3 ec 08 1f 11 78 Sep 21 07:25:30.964908: | d6 e5 62 8a 90 87 0e 77 f9 96 20 87 26 12 b2 96 Sep 21 07:25:30.964910: | a6 35 95 02 cd de 79 02 ac a9 1e 93 f0 ce 2c 13 Sep 21 07:25:30.964912: | 77 b6 9b 8e 7e 85 a6 e2 6a ca e3 75 10 f7 b9 49 Sep 21 07:25:30.964914: | f6 77 2a 6b 2c dc ca 81 cc ae 19 b2 5a 5b 89 6f Sep 21 07:25:30.964916: | ac 7f 17 d1 29 1a 1b 6e 9e 2f 7c a2 ae 45 dc 6a Sep 21 07:25:30.964919: | ae c5 3d a7 ab 35 a2 4b e6 56 dd 82 43 d9 c0 d7 Sep 21 07:25:30.964921: | 82 a5 36 14 d1 b3 90 37 80 d7 64 74 55 7d e5 6d Sep 21 07:25:30.964923: | 5c 6d ca 31 2c 77 51 d2 6c 77 e9 29 1d a4 52 96 Sep 21 07:25:30.964925: | 6b c9 73 d0 29 00 00 24 0d 10 3e 20 f2 88 3b 5a Sep 21 07:25:30.964928: | 40 48 c4 5e 68 c4 b9 ac e6 d2 68 9b 4b 08 f3 06 Sep 21 07:25:30.964930: | e7 26 aa 40 9f 78 c0 56 29 00 00 08 00 00 40 2e Sep 21 07:25:30.964932: | 29 00 00 1c 00 00 40 04 6a a5 e3 dd 39 a3 2f ad Sep 21 07:25:30.964935: | a0 1a 6c c3 95 87 88 8e 4d b2 17 f7 00 00 00 1c Sep 21 07:25:30.964938: | 00 00 40 05 1b fe d0 11 9c f9 3e 4d 20 ab 8a 74 Sep 21 07:25:30.964940: | 1c 09 af 7e 17 3b 7a 34 Sep 21 07:25:30.964989: | libevent_free: release ptr-libevent@0x557d90ac5000 Sep 21 07:25:30.964994: | free_event_entry: release EVENT_RETRANSMIT-pe@0x557d90ac4fc0 Sep 21 07:25:30.965002: | #1 spent 0.173 milliseconds in timer_event_cb() EVENT_RETRANSMIT Sep 21 07:25:30.965007: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:557) Sep 21 07:25:31.765808: | timer_event_cb: processing event@0x7fb91c002b20 Sep 21 07:25:31.765825: | handling event EVENT_RETRANSMIT for parent state #1 Sep 21 07:25:31.765832: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:250) Sep 21 07:25:31.765835: | IKEv2 retransmit event Sep 21 07:25:31.765838: | [RE]START processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in retransmit_v2_msg() at retry.c:144) Sep 21 07:25:31.765841: | handling event EVENT_RETRANSMIT for 192.1.3.33 "north-eastnets/0x2" #1 attempt 2 of 0 Sep 21 07:25:31.765843: | and parent for 192.1.3.33 "north-eastnets/0x2" #1 keying attempt 1 of 0; retransmit 6 Sep 21 07:25:31.765848: | retransmits: current time 49378.134111; retransmit count 5 exceeds limit? NO; deltatime 1.6 exceeds limit? NO; monotime 1.605311 exceeds limit? NO Sep 21 07:25:31.765851: | event_schedule: new EVENT_RETRANSMIT-pe@0x557d90ac4fc0 Sep 21 07:25:31.765855: | inserting event EVENT_RETRANSMIT, timeout in 1.6 seconds for #1 Sep 21 07:25:31.765858: | libevent_malloc: new ptr-libevent@0x557d90ac5000 size 128 Sep 21 07:25:31.765864: "north-eastnets/0x2" #1: STATE_PARENT_I1: retransmission; will wait 1.6 seconds for response Sep 21 07:25:31.765871: | sending 440 bytes for EVENT_RETRANSMIT through eth1 from 192.1.2.23:500 to 192.1.3.33:500 (using #1) Sep 21 07:25:31.765874: | f3 78 7a 5b f5 0a 8c a1 00 00 00 00 00 00 00 00 Sep 21 07:25:31.765877: | 21 20 22 08 00 00 00 00 00 00 01 b8 22 00 00 30 Sep 21 07:25:31.765880: | 00 00 00 2c 01 01 00 04 03 00 00 0c 01 00 00 0c Sep 21 07:25:31.765886: | 80 0e 01 00 03 00 00 08 02 00 00 05 03 00 00 08 Sep 21 07:25:31.765888: | 03 00 00 0c 00 00 00 08 04 00 00 0e 28 00 01 08 Sep 21 07:25:31.765891: | 00 0e 00 00 52 62 79 11 d8 ff e0 1c 14 6b fc 59 Sep 21 07:25:31.765893: | 9c 5f 0c 55 f2 11 bb 44 b2 a6 75 96 ae 08 7a 7f Sep 21 07:25:31.765895: | dc 27 3b 0e 05 13 4d f2 fe 8b 55 4f c7 44 b0 8f Sep 21 07:25:31.765898: | f1 94 7d 4b f6 a1 d6 71 cf 2c cd c7 42 77 7e fd Sep 21 07:25:31.765900: | 19 bf 88 27 3d 6d 1a 46 06 f0 60 1e 70 b2 06 74 Sep 21 07:25:31.765902: | 36 92 16 a6 8a f1 2e 73 b0 f7 97 9f 28 33 4a 98 Sep 21 07:25:31.765905: | 6b 41 5b 69 08 4e 9b b6 67 24 66 9b bb 9e a9 78 Sep 21 07:25:31.765907: | 30 c3 8c 7c 73 42 d2 e7 b3 70 f3 ec 08 1f 11 78 Sep 21 07:25:31.765909: | d6 e5 62 8a 90 87 0e 77 f9 96 20 87 26 12 b2 96 Sep 21 07:25:31.765911: | a6 35 95 02 cd de 79 02 ac a9 1e 93 f0 ce 2c 13 Sep 21 07:25:31.765913: | 77 b6 9b 8e 7e 85 a6 e2 6a ca e3 75 10 f7 b9 49 Sep 21 07:25:31.765916: | f6 77 2a 6b 2c dc ca 81 cc ae 19 b2 5a 5b 89 6f Sep 21 07:25:31.765918: | ac 7f 17 d1 29 1a 1b 6e 9e 2f 7c a2 ae 45 dc 6a Sep 21 07:25:31.765920: | ae c5 3d a7 ab 35 a2 4b e6 56 dd 82 43 d9 c0 d7 Sep 21 07:25:31.765922: | 82 a5 36 14 d1 b3 90 37 80 d7 64 74 55 7d e5 6d Sep 21 07:25:31.765924: | 5c 6d ca 31 2c 77 51 d2 6c 77 e9 29 1d a4 52 96 Sep 21 07:25:31.765927: | 6b c9 73 d0 29 00 00 24 0d 10 3e 20 f2 88 3b 5a Sep 21 07:25:31.765929: | 40 48 c4 5e 68 c4 b9 ac e6 d2 68 9b 4b 08 f3 06 Sep 21 07:25:31.765931: | e7 26 aa 40 9f 78 c0 56 29 00 00 08 00 00 40 2e Sep 21 07:25:31.765933: | 29 00 00 1c 00 00 40 04 6a a5 e3 dd 39 a3 2f ad Sep 21 07:25:31.765936: | a0 1a 6c c3 95 87 88 8e 4d b2 17 f7 00 00 00 1c Sep 21 07:25:31.765938: | 00 00 40 05 1b fe d0 11 9c f9 3e 4d 20 ab 8a 74 Sep 21 07:25:31.765940: | 1c 09 af 7e 17 3b 7a 34 Sep 21 07:25:31.765993: | libevent_free: release ptr-libevent@0x7fb91c006900 Sep 21 07:25:31.765997: | free_event_entry: release EVENT_RETRANSMIT-pe@0x7fb91c002b20 Sep 21 07:25:31.766005: | #1 spent 0.169 milliseconds in timer_event_cb() EVENT_RETRANSMIT Sep 21 07:25:31.766010: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:557) Sep 21 07:25:33.366839: | timer_event_cb: processing event@0x557d90ac4fc0 Sep 21 07:25:33.366868: | handling event EVENT_RETRANSMIT for parent state #1 Sep 21 07:25:33.366874: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:250) Sep 21 07:25:33.366877: | IKEv2 retransmit event Sep 21 07:25:33.366880: | [RE]START processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in retransmit_v2_msg() at retry.c:144) Sep 21 07:25:33.366883: | handling event EVENT_RETRANSMIT for 192.1.3.33 "north-eastnets/0x2" #1 attempt 2 of 0 Sep 21 07:25:33.366885: | and parent for 192.1.3.33 "north-eastnets/0x2" #1 keying attempt 1 of 0; retransmit 7 Sep 21 07:25:33.366890: | retransmits: current time 49379.735153; retransmit count 6 exceeds limit? NO; deltatime 3.2 exceeds limit? NO; monotime 3.206353 exceeds limit? NO Sep 21 07:25:33.366893: | event_schedule: new EVENT_RETRANSMIT-pe@0x7fb91c002b20 Sep 21 07:25:33.366895: | inserting event EVENT_RETRANSMIT, timeout in 3.2 seconds for #1 Sep 21 07:25:33.366898: | libevent_malloc: new ptr-libevent@0x7fb91c006900 size 128 Sep 21 07:25:33.366901: "north-eastnets/0x2" #1: STATE_PARENT_I1: retransmission; will wait 3.2 seconds for response Sep 21 07:25:33.366905: | sending 440 bytes for EVENT_RETRANSMIT through eth1 from 192.1.2.23:500 to 192.1.3.33:500 (using #1) Sep 21 07:25:33.366907: | f3 78 7a 5b f5 0a 8c a1 00 00 00 00 00 00 00 00 Sep 21 07:25:33.366909: | 21 20 22 08 00 00 00 00 00 00 01 b8 22 00 00 30 Sep 21 07:25:33.366910: | 00 00 00 2c 01 01 00 04 03 00 00 0c 01 00 00 0c Sep 21 07:25:33.366911: | 80 0e 01 00 03 00 00 08 02 00 00 05 03 00 00 08 Sep 21 07:25:33.366916: | 03 00 00 0c 00 00 00 08 04 00 00 0e 28 00 01 08 Sep 21 07:25:33.366918: | 00 0e 00 00 52 62 79 11 d8 ff e0 1c 14 6b fc 59 Sep 21 07:25:33.366919: | 9c 5f 0c 55 f2 11 bb 44 b2 a6 75 96 ae 08 7a 7f Sep 21 07:25:33.366921: | dc 27 3b 0e 05 13 4d f2 fe 8b 55 4f c7 44 b0 8f Sep 21 07:25:33.366922: | f1 94 7d 4b f6 a1 d6 71 cf 2c cd c7 42 77 7e fd Sep 21 07:25:33.366924: | 19 bf 88 27 3d 6d 1a 46 06 f0 60 1e 70 b2 06 74 Sep 21 07:25:33.366925: | 36 92 16 a6 8a f1 2e 73 b0 f7 97 9f 28 33 4a 98 Sep 21 07:25:33.366926: | 6b 41 5b 69 08 4e 9b b6 67 24 66 9b bb 9e a9 78 Sep 21 07:25:33.366928: | 30 c3 8c 7c 73 42 d2 e7 b3 70 f3 ec 08 1f 11 78 Sep 21 07:25:33.366929: | d6 e5 62 8a 90 87 0e 77 f9 96 20 87 26 12 b2 96 Sep 21 07:25:33.366931: | a6 35 95 02 cd de 79 02 ac a9 1e 93 f0 ce 2c 13 Sep 21 07:25:33.366932: | 77 b6 9b 8e 7e 85 a6 e2 6a ca e3 75 10 f7 b9 49 Sep 21 07:25:33.366933: | f6 77 2a 6b 2c dc ca 81 cc ae 19 b2 5a 5b 89 6f Sep 21 07:25:33.366935: | ac 7f 17 d1 29 1a 1b 6e 9e 2f 7c a2 ae 45 dc 6a Sep 21 07:25:33.366936: | ae c5 3d a7 ab 35 a2 4b e6 56 dd 82 43 d9 c0 d7 Sep 21 07:25:33.366938: | 82 a5 36 14 d1 b3 90 37 80 d7 64 74 55 7d e5 6d Sep 21 07:25:33.366939: | 5c 6d ca 31 2c 77 51 d2 6c 77 e9 29 1d a4 52 96 Sep 21 07:25:33.366940: | 6b c9 73 d0 29 00 00 24 0d 10 3e 20 f2 88 3b 5a Sep 21 07:25:33.366942: | 40 48 c4 5e 68 c4 b9 ac e6 d2 68 9b 4b 08 f3 06 Sep 21 07:25:33.366943: | e7 26 aa 40 9f 78 c0 56 29 00 00 08 00 00 40 2e Sep 21 07:25:33.366945: | 29 00 00 1c 00 00 40 04 6a a5 e3 dd 39 a3 2f ad Sep 21 07:25:33.366946: | a0 1a 6c c3 95 87 88 8e 4d b2 17 f7 00 00 00 1c Sep 21 07:25:33.366947: | 00 00 40 05 1b fe d0 11 9c f9 3e 4d 20 ab 8a 74 Sep 21 07:25:33.366949: | 1c 09 af 7e 17 3b 7a 34 Sep 21 07:25:33.366984: | libevent_free: release ptr-libevent@0x557d90ac5000 Sep 21 07:25:33.366986: | free_event_entry: release EVENT_RETRANSMIT-pe@0x557d90ac4fc0 Sep 21 07:25:33.366993: | #1 spent 0.136 milliseconds in timer_event_cb() EVENT_RETRANSMIT Sep 21 07:25:33.366996: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:557) Sep 21 07:25:36.587800: | timer_event_cb: processing event@0x7fb91c002b20 Sep 21 07:25:36.587820: | handling event EVENT_RETRANSMIT for parent state #1 Sep 21 07:25:36.587829: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:250) Sep 21 07:25:36.587832: | IKEv2 retransmit event Sep 21 07:25:36.587837: | [RE]START processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in retransmit_v2_msg() at retry.c:144) Sep 21 07:25:36.587842: | handling event EVENT_RETRANSMIT for 192.1.3.33 "north-eastnets/0x2" #1 attempt 2 of 0 Sep 21 07:25:36.587846: | and parent for 192.1.3.33 "north-eastnets/0x2" #1 keying attempt 1 of 0; retransmit 8 Sep 21 07:25:36.587853: | retransmits: current time 49382.956114; retransmit count 7 exceeds limit? NO; deltatime 6.4 exceeds limit? NO; monotime 6.427314 exceeds limit? NO Sep 21 07:25:36.587857: | event_schedule: new EVENT_RETRANSMIT-pe@0x557d90ac4fc0 Sep 21 07:25:36.587861: | inserting event EVENT_RETRANSMIT, timeout in 6.4 seconds for #1 Sep 21 07:25:36.587864: | libevent_malloc: new ptr-libevent@0x557d90ac5000 size 128 Sep 21 07:25:36.587869: "north-eastnets/0x2" #1: STATE_PARENT_I1: retransmission; will wait 6.4 seconds for response Sep 21 07:25:36.587875: | sending 440 bytes for EVENT_RETRANSMIT through eth1 from 192.1.2.23:500 to 192.1.3.33:500 (using #1) Sep 21 07:25:36.587878: | f3 78 7a 5b f5 0a 8c a1 00 00 00 00 00 00 00 00 Sep 21 07:25:36.587880: | 21 20 22 08 00 00 00 00 00 00 01 b8 22 00 00 30 Sep 21 07:25:36.587883: | 00 00 00 2c 01 01 00 04 03 00 00 0c 01 00 00 0c Sep 21 07:25:36.587885: | 80 0e 01 00 03 00 00 08 02 00 00 05 03 00 00 08 Sep 21 07:25:36.587887: | 03 00 00 0c 00 00 00 08 04 00 00 0e 28 00 01 08 Sep 21 07:25:36.587889: | 00 0e 00 00 52 62 79 11 d8 ff e0 1c 14 6b fc 59 Sep 21 07:25:36.587896: | 9c 5f 0c 55 f2 11 bb 44 b2 a6 75 96 ae 08 7a 7f Sep 21 07:25:36.587898: | dc 27 3b 0e 05 13 4d f2 fe 8b 55 4f c7 44 b0 8f Sep 21 07:25:36.587901: | f1 94 7d 4b f6 a1 d6 71 cf 2c cd c7 42 77 7e fd Sep 21 07:25:36.587903: | 19 bf 88 27 3d 6d 1a 46 06 f0 60 1e 70 b2 06 74 Sep 21 07:25:36.587905: | 36 92 16 a6 8a f1 2e 73 b0 f7 97 9f 28 33 4a 98 Sep 21 07:25:36.587907: | 6b 41 5b 69 08 4e 9b b6 67 24 66 9b bb 9e a9 78 Sep 21 07:25:36.587910: | 30 c3 8c 7c 73 42 d2 e7 b3 70 f3 ec 08 1f 11 78 Sep 21 07:25:36.587912: | d6 e5 62 8a 90 87 0e 77 f9 96 20 87 26 12 b2 96 Sep 21 07:25:36.587914: | a6 35 95 02 cd de 79 02 ac a9 1e 93 f0 ce 2c 13 Sep 21 07:25:36.587916: | 77 b6 9b 8e 7e 85 a6 e2 6a ca e3 75 10 f7 b9 49 Sep 21 07:25:36.587919: | f6 77 2a 6b 2c dc ca 81 cc ae 19 b2 5a 5b 89 6f Sep 21 07:25:36.587921: | ac 7f 17 d1 29 1a 1b 6e 9e 2f 7c a2 ae 45 dc 6a Sep 21 07:25:36.587923: | ae c5 3d a7 ab 35 a2 4b e6 56 dd 82 43 d9 c0 d7 Sep 21 07:25:36.587925: | 82 a5 36 14 d1 b3 90 37 80 d7 64 74 55 7d e5 6d Sep 21 07:25:36.587928: | 5c 6d ca 31 2c 77 51 d2 6c 77 e9 29 1d a4 52 96 Sep 21 07:25:36.587930: | 6b c9 73 d0 29 00 00 24 0d 10 3e 20 f2 88 3b 5a Sep 21 07:25:36.587932: | 40 48 c4 5e 68 c4 b9 ac e6 d2 68 9b 4b 08 f3 06 Sep 21 07:25:36.587935: | e7 26 aa 40 9f 78 c0 56 29 00 00 08 00 00 40 2e Sep 21 07:25:36.587937: | 29 00 00 1c 00 00 40 04 6a a5 e3 dd 39 a3 2f ad Sep 21 07:25:36.587939: | a0 1a 6c c3 95 87 88 8e 4d b2 17 f7 00 00 00 1c Sep 21 07:25:36.587941: | 00 00 40 05 1b fe d0 11 9c f9 3e 4d 20 ab 8a 74 Sep 21 07:25:36.587944: | 1c 09 af 7e 17 3b 7a 34 Sep 21 07:25:36.587983: | libevent_free: release ptr-libevent@0x7fb91c006900 Sep 21 07:25:36.587987: | free_event_entry: release EVENT_RETRANSMIT-pe@0x7fb91c002b20 Sep 21 07:25:36.587996: | #1 spent 0.176 milliseconds in timer_event_cb() EVENT_RETRANSMIT Sep 21 07:25:36.588001: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:557) Sep 21 07:25:42.993822: | timer_event_cb: processing event@0x557d90ac4fc0 Sep 21 07:25:42.993838: | handling event EVENT_RETRANSMIT for parent state #1 Sep 21 07:25:42.993847: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:250) Sep 21 07:25:42.993851: | IKEv2 retransmit event Sep 21 07:25:42.993855: | [RE]START processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in retransmit_v2_msg() at retry.c:144) Sep 21 07:25:42.993860: | handling event EVENT_RETRANSMIT for 192.1.3.33 "north-eastnets/0x2" #1 attempt 2 of 0 Sep 21 07:25:42.993864: | and parent for 192.1.3.33 "north-eastnets/0x2" #1 keying attempt 1 of 0; retransmit 9 Sep 21 07:25:42.993871: | retransmits: current time 49389.362132; retransmit count 8 exceeds limit? NO; deltatime 12.8 exceeds limit? NO; monotime 12.833332 exceeds limit? NO Sep 21 07:25:42.993874: | event_schedule: new EVENT_RETRANSMIT-pe@0x7fb91c002b20 Sep 21 07:25:42.993878: | inserting event EVENT_RETRANSMIT, timeout in 12.8 seconds for #1 Sep 21 07:25:42.993882: | libevent_malloc: new ptr-libevent@0x7fb91c006900 size 128 Sep 21 07:25:42.993887: "north-eastnets/0x2" #1: STATE_PARENT_I1: retransmission; will wait 12.8 seconds for response Sep 21 07:25:42.993893: | sending 440 bytes for EVENT_RETRANSMIT through eth1 from 192.1.2.23:500 to 192.1.3.33:500 (using #1) Sep 21 07:25:42.993896: | f3 78 7a 5b f5 0a 8c a1 00 00 00 00 00 00 00 00 Sep 21 07:25:42.993898: | 21 20 22 08 00 00 00 00 00 00 01 b8 22 00 00 30 Sep 21 07:25:42.993900: | 00 00 00 2c 01 01 00 04 03 00 00 0c 01 00 00 0c Sep 21 07:25:42.993902: | 80 0e 01 00 03 00 00 08 02 00 00 05 03 00 00 08 Sep 21 07:25:42.993904: | 03 00 00 0c 00 00 00 08 04 00 00 0e 28 00 01 08 Sep 21 07:25:42.993906: | 00 0e 00 00 52 62 79 11 d8 ff e0 1c 14 6b fc 59 Sep 21 07:25:42.993908: | 9c 5f 0c 55 f2 11 bb 44 b2 a6 75 96 ae 08 7a 7f Sep 21 07:25:42.993914: | dc 27 3b 0e 05 13 4d f2 fe 8b 55 4f c7 44 b0 8f Sep 21 07:25:42.993916: | f1 94 7d 4b f6 a1 d6 71 cf 2c cd c7 42 77 7e fd Sep 21 07:25:42.993918: | 19 bf 88 27 3d 6d 1a 46 06 f0 60 1e 70 b2 06 74 Sep 21 07:25:42.993920: | 36 92 16 a6 8a f1 2e 73 b0 f7 97 9f 28 33 4a 98 Sep 21 07:25:42.993922: | 6b 41 5b 69 08 4e 9b b6 67 24 66 9b bb 9e a9 78 Sep 21 07:25:42.993924: | 30 c3 8c 7c 73 42 d2 e7 b3 70 f3 ec 08 1f 11 78 Sep 21 07:25:42.993926: | d6 e5 62 8a 90 87 0e 77 f9 96 20 87 26 12 b2 96 Sep 21 07:25:42.993928: | a6 35 95 02 cd de 79 02 ac a9 1e 93 f0 ce 2c 13 Sep 21 07:25:42.993930: | 77 b6 9b 8e 7e 85 a6 e2 6a ca e3 75 10 f7 b9 49 Sep 21 07:25:42.993932: | f6 77 2a 6b 2c dc ca 81 cc ae 19 b2 5a 5b 89 6f Sep 21 07:25:42.993934: | ac 7f 17 d1 29 1a 1b 6e 9e 2f 7c a2 ae 45 dc 6a Sep 21 07:25:42.993936: | ae c5 3d a7 ab 35 a2 4b e6 56 dd 82 43 d9 c0 d7 Sep 21 07:25:42.993937: | 82 a5 36 14 d1 b3 90 37 80 d7 64 74 55 7d e5 6d Sep 21 07:25:42.993939: | 5c 6d ca 31 2c 77 51 d2 6c 77 e9 29 1d a4 52 96 Sep 21 07:25:42.993941: | 6b c9 73 d0 29 00 00 24 0d 10 3e 20 f2 88 3b 5a Sep 21 07:25:42.993943: | 40 48 c4 5e 68 c4 b9 ac e6 d2 68 9b 4b 08 f3 06 Sep 21 07:25:42.993944: | e7 26 aa 40 9f 78 c0 56 29 00 00 08 00 00 40 2e Sep 21 07:25:42.993946: | 29 00 00 1c 00 00 40 04 6a a5 e3 dd 39 a3 2f ad Sep 21 07:25:42.993948: | a0 1a 6c c3 95 87 88 8e 4d b2 17 f7 00 00 00 1c Sep 21 07:25:42.993950: | 00 00 40 05 1b fe d0 11 9c f9 3e 4d 20 ab 8a 74 Sep 21 07:25:42.993951: | 1c 09 af 7e 17 3b 7a 34 Sep 21 07:25:42.994004: | libevent_free: release ptr-libevent@0x557d90ac5000 Sep 21 07:25:42.994008: | free_event_entry: release EVENT_RETRANSMIT-pe@0x557d90ac4fc0 Sep 21 07:25:42.994015: | #1 spent 0.169 milliseconds in timer_event_cb() EVENT_RETRANSMIT Sep 21 07:25:42.994020: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.3.33:500 (in timer_event_cb() at timer.c:557) Sep 21 07:25:50.126822: | processing global timer EVENT_SHUNT_SCAN Sep 21 07:25:50.126836: | expiring aged bare shunts from shunt table Sep 21 07:25:50.126841: | spent 0.00413 milliseconds in global timer EVENT_SHUNT_SCAN