[Swan-dev] several tests fail because output of ipsec-look.sh isn't sannitized completely

Andrew Cagney andrew.cagney at gmail.com
Tue Jun 12 17:36:36 UTC 2018 

'ipsec-look.sh isn't sannitized completely' ah, should be fixed
On Tue, 12 Jun 2018 at 12:20, D. Hugh Redelmeier <hugh at mimosa.com> wrote:
>
> (I'm testing the tree from almost 24 hours ago.  This might have already
> been fixed.)
>
> Here's an example:
>
> --- MASTER/testing/pluto/klips-ikev2-algo-sha2-07/east.console.txt
> +++ OUTPUT/testing/pluto/klips-ikev2-algo-sha2-07/east.console.txt
> @@ -48,12 +48,14 @@
>  east #
>   ../../pluto/bin/ipsec-look.sh
>  east NOW
> -192.0.2.0/24       -> 192.0.1.0/24       => tun0xIPIP at 192.1.2.45 esp0xESPSPI at 192.1.2.45
> -ipsec0->eth1 mtu=16260(9999)->1500
> -tun0xTUN#@192.1.2.45 IPIP: dir=out src=192.1.2.23 jiffies=0123456789  natencap=none natsport=0 natdport=0   refhim=0
> -esp0xSPISPI at 192.1.2.45 ESP_AES_HMAC_SHA2_512: dir=out src=192.1.2.23 iv_bits=128bits iv=0xIVISFORRANDOM000IVISFORRANDOM000 ooowin=32  alen=512 aklen=512 eklen=128 jiffies=0123456789  natencap=none natsport=0 natdport=0   refhim=0
> -esp0xSPISPI at 192.1.2.23 ESP_AES_HMAC_SHA2_512: dir=in  src=192.1.2.45 iv_bits=128bits iv=0xIVISFORRANDOM000IVISFORRANDOM000 ooowin=32   alen=512 aklen=512 eklen=128 jiffies=0123456789  natencap=none natsport=0 natdport=0   refhim=0
> -tun0xTUN#@192.1.2.23 IPIP: dir=in  src=192.1.2.45 policy=192.0.1.0/24->192.0.2.0/24 flags=0x8<> jiffies=0123456789  natencap=none natsport=0 natdport=0   refhim=0
> +192.0.2.0/24       -> 192.0.1.0/24       => tun0x1000 at 192.1.2.45 esp0xbf8e27c8 at 192.1.2.45  (2)
> +ipsec0->eth1 mtu=16260(1500)->1500
> +esp0x563d8d9 at 192.1.2.23 ESP_AES_HMAC_SHA2_512: dir=in  src=192.1.2.45 iv_bits=128bits iv=0xbed81e99dcd29af0fa25a443fdf0cd1d ooowin=32 seq=2 bit=0x3 alen=512 aklen=512 eklen=128 jiffies=4294709828 life(c,s,h)=bytes(168,0,0) idle=0 natencap=none natsport=0 natdport=0 refcount=3 ref=4 refhim=0
> +esp0xbf8e27c8 at 192.1.2.45 ESP_AES_HMAC_SHA2_512: dir=out src=192.1.2.23 iv_bits=128bits iv=0x89083535be5bbbcffaeb72d44ca7c025 ooowin=32 seq=2 alen=512 aklen=512 eklen=128 jiffies=4294709828 life(c,s,h)=bytes(168,0,0) idle=0 natencap=none natsport=0 natdport=0 refcount=3 ref=2 refhim=0
> +tun0x1000 at 192.1.2.45 IPIP: dir=out src=192.1.2.23 jiffies=4294709828 life(c,s,h)=bytes(208,0,0) idle=0 natencap=none natsport=0 natdport=0 refcount=3 ref=1 refhim=0
> +tun0x1001 at 192.1.2.23 IPIP: dir=in  src=192.1.2.45 policy=192.0.1.0/24->192.0.2.0/24 flags=0x8<> jiffies=4294709828 life(c,s,h)=bytes(168,0,0) idle=0 natencap=none natsport=0 natdport=0 refcount=3 ref=3 refhim=0
> +IPSEC mangle TABLES
> +NEW_IPSEC_CONN mangle TABLES
>  ROUTING TABLES
>  default via 192.1.2.254 dev eth1
>  192.0.1.0/24 dev ipsec0  scope link
> _______________________________________________
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev

More information about the Swan-dev mailing list