[Swan-dev] setting up tests on a brand new Fedora 23 installation

D. Hugh Redelmeier hugh at mimosa.com
Thu May 12 04:59:44 UTC 2016


The last change I made was to stop SELinux from Enforcing.  This seems
important so I added a bit to the wiki.

Also (I'm not sure when in the sequence of things) I uninstalled my
old test setup using the testing/libvirt/uninstall.sh.  Thanks, Andrew, 
for the suggestion.  For this to work, a couple of definitions needed to 
be added to Makefile.inc.local (yours would be different):
KVM_SOURCEDIR=/home/build/libreswan
KVM_TESTINGDIR=$(KVM_SOURCEDIR)/testing



I've now run my first test!

But it failed.  The difference looks intentional.

--- ./east.console.txt  2016-05-09 13:38:52.478563674 -0400
+++ OUTPUT/east.console.txt     2016-05-12 00:47:59.763114044 -0400
@@ -106,7 +106,8 @@
 000 "westnet-eastnet":   retransmit-interval: 9999ms; retransmit-timeout: 99s;
 000 "westnet-eastnet":   sha2_truncbug:no; initial_contact:no; cisco_unity:no; fake_strongswan:no; send_vendorid:no;
 000 "westnet-eastnet":   policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEV1_ALLOW+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO;
-000 "westnet-eastnet":   conn_prio: 24,24; interface: eth1; metric: 0; mtu: unset; sa_prio:auto; nflog-group: unset; mark: unset;
+000 "westnet-eastnet":   conn_prio: 24,24; interface: eth1; metric: 0; mtu: unset; sa_prio:auto;
+000 "westnet-eastnet":   nflog-group: unset; mark: unset; vti-iface: unset; vti-routing: no
 000 "westnet-eastnet":   dpd: action:hold; delay:0; timeout:0; nat-t: force_encaps:no; nat_keepalive:yes; ikev1_natt:both
 000 "westnet-eastnet":   newest ISAKMP SA: #0; newest IPsec SA: #0;
 000  


More information about the Swan-dev mailing list