embedaddon/ipsec-tools/src/setkey/sample-policy02.cf - view

Return to sample-policy02.cf CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / src / setkey

File: [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / src / setkey / sample-policy02.cf
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Tue Feb 21 22:39:10 2012 UTC (13 years, 4 months ago) by misho
Branches: ipsec-tools, MAIN
CVS tags: v0_8_2p2, v0_8_1p0, v0_8_1, v0_8_0p0, v0_8_0, HEAD

ipsec-tools

    1: #
    2: # this is test configuration for unique policy on loopback.
    3: #
    4: 
    5: spdflush;
    6: # connection to 9999 encrypted, reverse no encrypted.
    7: spdadd ::1 ::1[9999] tcp
    8: 	-P out ipsec
    9: 	esp/transport//unique:2 ;
   10: 
   11: # Session encrypted.  Inbound policy check takes place non-strictly.
   12: spdadd ::1 ::1[9998] tcp
   13: 	-P out ipsec
   14: 	esp/transport//unique:1 ;
   15: spdadd ::1[9998] ::1 tcp
   16: 	-P in ipsec
   17: 	esp/transport//unique:2 ;
   18: spdadd ::1[9998] ::1 tcp
   19: 	-P out ipsec
   20: 	esp/transport//unique:1 ;
   21: 
   22: # Cause new SA to be acquired.
   23: spdadd ::1 ::1[9997] tcp
   24: 	-P out ipsec
   25: 	esp/transport//unique ;
   26: 
   27: # Used proper SA.
   28: spdadd ::1 ::1[9996] tcp
   29: 	-P out ipsec
   30: 	esp/transport//require ;
   31: 
   32: # reqid will be updated by kernel.
   33: spdadd ::1 ::1[9995] tcp
   34: 	-P out ipsec
   35: 	esp/transport//unique:28000 ;
   36: 
   37: flush;
   38: add ::1 ::1 esp 0x1001
   39: 	-u 1
   40: 	-E des-cbc "kamekame";
   41: add ::1 ::1 esp 0x1002
   42: 	-u 2
   43: 	-E des-cbc "hogehoge";

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>