blob: 8c5134a84a52c2d2f43acc41f1d12021f15ac147 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
#
# this is test configuration for unique policy on loopback.
#
spdflush;
# connection to 9999 encrypted, reverse no encrypted.
spdadd ::1 ::1[9999] tcp
-P out ipsec
esp/transport//unique:2 ;
# Session encrypted. Inbound policy check takes place non-strictly.
spdadd ::1 ::1[9998] tcp
-P out ipsec
esp/transport//unique:1 ;
spdadd ::1[9998] ::1 tcp
-P in ipsec
esp/transport//unique:2 ;
spdadd ::1[9998] ::1 tcp
-P out ipsec
esp/transport//unique:1 ;
# Cause new SA to be acquired.
spdadd ::1 ::1[9997] tcp
-P out ipsec
esp/transport//unique ;
# Used proper SA.
spdadd ::1 ::1[9996] tcp
-P out ipsec
esp/transport//require ;
# reqid will be updated by kernel.
spdadd ::1 ::1[9995] tcp
-P out ipsec
esp/transport//unique:28000 ;
flush;
add ::1 ::1 esp 0x1001
-u 1
-E des-cbc "kamekame";
add ::1 ::1 esp 0x1002
-u 2
-E des-cbc "hogehoge";
|