Annotation of embedaddon/ipsec-tools/src/setkey/sample-policy02.cf, revision 1.1
1.1 ! misho 1: #
! 2: # this is test configuration for unique policy on loopback.
! 3: #
! 4:
! 5: spdflush;
! 6: # connection to 9999 encrypted, reverse no encrypted.
! 7: spdadd ::1 ::1[9999] tcp
! 8: -P out ipsec
! 9: esp/transport//unique:2 ;
! 10:
! 11: # Session encrypted. Inbound policy check takes place non-strictly.
! 12: spdadd ::1 ::1[9998] tcp
! 13: -P out ipsec
! 14: esp/transport//unique:1 ;
! 15: spdadd ::1[9998] ::1 tcp
! 16: -P in ipsec
! 17: esp/transport//unique:2 ;
! 18: spdadd ::1[9998] ::1 tcp
! 19: -P out ipsec
! 20: esp/transport//unique:1 ;
! 21:
! 22: # Cause new SA to be acquired.
! 23: spdadd ::1 ::1[9997] tcp
! 24: -P out ipsec
! 25: esp/transport//unique ;
! 26:
! 27: # Used proper SA.
! 28: spdadd ::1 ::1[9996] tcp
! 29: -P out ipsec
! 30: esp/transport//require ;
! 31:
! 32: # reqid will be updated by kernel.
! 33: spdadd ::1 ::1[9995] tcp
! 34: -P out ipsec
! 35: esp/transport//unique:28000 ;
! 36:
! 37: flush;
! 38: add ::1 ::1 esp 0x1001
! 39: -u 1
! 40: -E des-cbc "kamekame";
! 41: add ::1 ::1 esp 0x1002
! 42: -u 2
! 43: -E des-cbc "hogehoge";
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to sample-policy02.cf CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / src / setkey