diff options
author | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2006-04-13 12:04:35 +0000 |
---|---|---|
committer | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2006-04-13 12:04:35 +0000 |
commit | f324f76899bfb6b3ebde89af80786f290b8915b2 (patch) | |
tree | 1b5f4072844508b16fcec98ebac4091f26762a62 | |
parent | 7503970d10c1213afb12d3a029db8e2122bc798e (diff) |
regression tests for "local"
-rw-r--r-- | regress/sbin/ipsecctl/Makefile | 4 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike11.in | 2 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike11.ok | 40 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ipsec15.in | 1 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ipsec15.ok | 2 |
5 files changed, 47 insertions, 2 deletions
diff --git a/regress/sbin/ipsecctl/Makefile b/regress/sbin/ipsecctl/Makefile index 974506cdf4b..f6bcd9aaa4b 100644 --- a/regress/sbin/ipsecctl/Makefile +++ b/regress/sbin/ipsecctl/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.18 2006/04/12 14:07:11 hshoexer Exp $ +# $OpenBSD: Makefile,v 1.19 2006/04/13 12:04:34 hshoexer Exp $ # TARGETS # ipsec: feed ipsecNN.in through ipsecctl and check wether the output matches @@ -11,7 +11,7 @@ IPSECTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 TCPMD5TESTS=1 2 3 SATESTS=1 2 3 4 5 6 7 8 9 10 11 12 SAFAIL=1 -IKETESTS=1 2 3 4 5 6 7 8 9 10 +IKETESTS=1 2 3 4 5 6 7 8 9 10 11 SHELL=/bin/sh diff --git a/regress/sbin/ipsecctl/ike11.in b/regress/sbin/ipsecctl/ike11.in new file mode 100644 index 00000000000..c7f1d04ad70 --- /dev/null +++ b/regress/sbin/ipsecctl/ike11.in @@ -0,0 +1,2 @@ +ike from 1.1.1.1 to any local 192.168.3.2 peer 192.168.3.1 +ike from 1.1.1.1 to any peer 192.168.3.1 local 192.168.3.2 diff --git a/regress/sbin/ipsecctl/ike11.ok b/regress/sbin/ipsecctl/ike11.ok new file mode 100644 index 00000000000..9e596e2fd1e --- /dev/null +++ b/regress/sbin/ipsecctl/ike11.ok @@ -0,0 +1,40 @@ +C set [Phase 1]:192.168.3.1=peer-192.168.3.1 force +C set [peer-192.168.3.1]:Phase=1 force +C set [peer-192.168.3.1]:Address=192.168.3.1 force +C set [peer-192.168.3.1:Local-address=192.168.3.2 force +C set [peer-192.168.3.1]:Configuration=mm-192.168.3.1 force +C set [mm-192.168.3.1]:EXCHANGE_TYPE=ID_PROT force +C add [mm-192.168.3.1]:Transforms=AES-SHA-RSA_SIG force +C set [IPsec-1.1.1.1-0.0.0.0/0]:Phase=2 force +C set [IPsec-1.1.1.1-0.0.0.0/0]:ISAKMP-peer=peer-192.168.3.1 force +C set [IPsec-1.1.1.1-0.0.0.0/0]:Configuration=qm-1.1.1.1-0.0.0.0/0 force +C set [IPsec-1.1.1.1-0.0.0.0/0]:Local-ID=lid-1.1.1.1 force +C set [IPsec-1.1.1.1-0.0.0.0/0]:Remote-ID=rid-0.0.0.0/0 force +C set [qm-1.1.1.1-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-1.1.1.1-0.0.0.0/0]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-1.1.1.1]:ID-type=IPV4_ADDR force +C set [lid-1.1.1.1]:Address=1.1.1.1 force +C set [rid-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force +C set [rid-0.0.0.0/0]:Network=0.0.0.0 force +C set [rid-0.0.0.0/0]:Netmask=0.0.0.0 force +C add [Phase 2]:Connections=IPsec-1.1.1.1-0.0.0.0/0 +C set [Phase 1]:192.168.3.1=peer-192.168.3.1 force +C set [peer-192.168.3.1]:Phase=1 force +C set [peer-192.168.3.1]:Address=192.168.3.1 force +C set [peer-192.168.3.1:Local-address=192.168.3.2 force +C set [peer-192.168.3.1]:Configuration=mm-192.168.3.1 force +C set [mm-192.168.3.1]:EXCHANGE_TYPE=ID_PROT force +C add [mm-192.168.3.1]:Transforms=AES-SHA-RSA_SIG force +C set [IPsec-1.1.1.1-0.0.0.0/0]:Phase=2 force +C set [IPsec-1.1.1.1-0.0.0.0/0]:ISAKMP-peer=peer-192.168.3.1 force +C set [IPsec-1.1.1.1-0.0.0.0/0]:Configuration=qm-1.1.1.1-0.0.0.0/0 force +C set [IPsec-1.1.1.1-0.0.0.0/0]:Local-ID=lid-1.1.1.1 force +C set [IPsec-1.1.1.1-0.0.0.0/0]:Remote-ID=rid-0.0.0.0/0 force +C set [qm-1.1.1.1-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-1.1.1.1-0.0.0.0/0]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-1.1.1.1]:ID-type=IPV4_ADDR force +C set [lid-1.1.1.1]:Address=1.1.1.1 force +C set [rid-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force +C set [rid-0.0.0.0/0]:Network=0.0.0.0 force +C set [rid-0.0.0.0/0]:Netmask=0.0.0.0 force +C add [Phase 2]:Connections=IPsec-1.1.1.1-0.0.0.0/0 diff --git a/regress/sbin/ipsecctl/ipsec15.in b/regress/sbin/ipsecctl/ipsec15.in index 5bb58417ebf..e54659444a9 100644 --- a/regress/sbin/ipsecctl/ipsec15.in +++ b/regress/sbin/ipsecctl/ipsec15.in @@ -1 +1,2 @@ flow esp from 1.1.1.0/24 to 2.2.2.0/24 local 192.168.0.1 peer 192.168.100.1 +flow esp from 1.1.1.0/24 to 2.2.2.0/24 peer 192.168.100.1 local 192.168.0.1 diff --git a/regress/sbin/ipsecctl/ipsec15.ok b/regress/sbin/ipsecctl/ipsec15.ok index d85e31fbb1d..c3b8bf4912a 100644 --- a/regress/sbin/ipsecctl/ipsec15.ok +++ b/regress/sbin/ipsecctl/ipsec15.ok @@ -1,2 +1,4 @@ flow esp out from 1.1.1.0/24 to 2.2.2.0/24 local 192.168.0.1 peer 192.168.100.1 type require flow esp in from 2.2.2.0/24 to 1.1.1.0/24 local 192.168.0.1 peer 192.168.100.1 type use +flow esp out from 1.1.1.0/24 to 2.2.2.0/24 local 192.168.0.1 peer 192.168.100.1 type require +flow esp in from 2.2.2.0/24 to 1.1.1.0/24 local 192.168.0.1 peer 192.168.100.1 type use |