summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2006-04-13 12:04:35 +0000
committerHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2006-04-13 12:04:35 +0000
commitf324f76899bfb6b3ebde89af80786f290b8915b2 (patch)
tree1b5f4072844508b16fcec98ebac4091f26762a62
parent7503970d10c1213afb12d3a029db8e2122bc798e (diff)
regression tests for "local"
-rw-r--r--regress/sbin/ipsecctl/Makefile4
-rw-r--r--regress/sbin/ipsecctl/ike11.in2
-rw-r--r--regress/sbin/ipsecctl/ike11.ok40
-rw-r--r--regress/sbin/ipsecctl/ipsec15.in1
-rw-r--r--regress/sbin/ipsecctl/ipsec15.ok2
5 files changed, 47 insertions, 2 deletions
diff --git a/regress/sbin/ipsecctl/Makefile b/regress/sbin/ipsecctl/Makefile
index 974506cdf4b..f6bcd9aaa4b 100644
--- a/regress/sbin/ipsecctl/Makefile
+++ b/regress/sbin/ipsecctl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.18 2006/04/12 14:07:11 hshoexer Exp $
+# $OpenBSD: Makefile,v 1.19 2006/04/13 12:04:34 hshoexer Exp $
# TARGETS
# ipsec: feed ipsecNN.in through ipsecctl and check wether the output matches
@@ -11,7 +11,7 @@ IPSECTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
TCPMD5TESTS=1 2 3
SATESTS=1 2 3 4 5 6 7 8 9 10 11 12
SAFAIL=1
-IKETESTS=1 2 3 4 5 6 7 8 9 10
+IKETESTS=1 2 3 4 5 6 7 8 9 10 11
SHELL=/bin/sh
diff --git a/regress/sbin/ipsecctl/ike11.in b/regress/sbin/ipsecctl/ike11.in
new file mode 100644
index 00000000000..c7f1d04ad70
--- /dev/null
+++ b/regress/sbin/ipsecctl/ike11.in
@@ -0,0 +1,2 @@
+ike from 1.1.1.1 to any local 192.168.3.2 peer 192.168.3.1
+ike from 1.1.1.1 to any peer 192.168.3.1 local 192.168.3.2
diff --git a/regress/sbin/ipsecctl/ike11.ok b/regress/sbin/ipsecctl/ike11.ok
new file mode 100644
index 00000000000..9e596e2fd1e
--- /dev/null
+++ b/regress/sbin/ipsecctl/ike11.ok
@@ -0,0 +1,40 @@
+C set [Phase 1]:192.168.3.1=peer-192.168.3.1 force
+C set [peer-192.168.3.1]:Phase=1 force
+C set [peer-192.168.3.1]:Address=192.168.3.1 force
+C set [peer-192.168.3.1:Local-address=192.168.3.2 force
+C set [peer-192.168.3.1]:Configuration=mm-192.168.3.1 force
+C set [mm-192.168.3.1]:EXCHANGE_TYPE=ID_PROT force
+C add [mm-192.168.3.1]:Transforms=AES-SHA-RSA_SIG force
+C set [IPsec-1.1.1.1-0.0.0.0/0]:Phase=2 force
+C set [IPsec-1.1.1.1-0.0.0.0/0]:ISAKMP-peer=peer-192.168.3.1 force
+C set [IPsec-1.1.1.1-0.0.0.0/0]:Configuration=qm-1.1.1.1-0.0.0.0/0 force
+C set [IPsec-1.1.1.1-0.0.0.0/0]:Local-ID=lid-1.1.1.1 force
+C set [IPsec-1.1.1.1-0.0.0.0/0]:Remote-ID=rid-0.0.0.0/0 force
+C set [qm-1.1.1.1-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
+C set [qm-1.1.1.1-0.0.0.0/0]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force
+C set [lid-1.1.1.1]:ID-type=IPV4_ADDR force
+C set [lid-1.1.1.1]:Address=1.1.1.1 force
+C set [rid-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
+C set [rid-0.0.0.0/0]:Network=0.0.0.0 force
+C set [rid-0.0.0.0/0]:Netmask=0.0.0.0 force
+C add [Phase 2]:Connections=IPsec-1.1.1.1-0.0.0.0/0
+C set [Phase 1]:192.168.3.1=peer-192.168.3.1 force
+C set [peer-192.168.3.1]:Phase=1 force
+C set [peer-192.168.3.1]:Address=192.168.3.1 force
+C set [peer-192.168.3.1:Local-address=192.168.3.2 force
+C set [peer-192.168.3.1]:Configuration=mm-192.168.3.1 force
+C set [mm-192.168.3.1]:EXCHANGE_TYPE=ID_PROT force
+C add [mm-192.168.3.1]:Transforms=AES-SHA-RSA_SIG force
+C set [IPsec-1.1.1.1-0.0.0.0/0]:Phase=2 force
+C set [IPsec-1.1.1.1-0.0.0.0/0]:ISAKMP-peer=peer-192.168.3.1 force
+C set [IPsec-1.1.1.1-0.0.0.0/0]:Configuration=qm-1.1.1.1-0.0.0.0/0 force
+C set [IPsec-1.1.1.1-0.0.0.0/0]:Local-ID=lid-1.1.1.1 force
+C set [IPsec-1.1.1.1-0.0.0.0/0]:Remote-ID=rid-0.0.0.0/0 force
+C set [qm-1.1.1.1-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
+C set [qm-1.1.1.1-0.0.0.0/0]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force
+C set [lid-1.1.1.1]:ID-type=IPV4_ADDR force
+C set [lid-1.1.1.1]:Address=1.1.1.1 force
+C set [rid-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
+C set [rid-0.0.0.0/0]:Network=0.0.0.0 force
+C set [rid-0.0.0.0/0]:Netmask=0.0.0.0 force
+C add [Phase 2]:Connections=IPsec-1.1.1.1-0.0.0.0/0
diff --git a/regress/sbin/ipsecctl/ipsec15.in b/regress/sbin/ipsecctl/ipsec15.in
index 5bb58417ebf..e54659444a9 100644
--- a/regress/sbin/ipsecctl/ipsec15.in
+++ b/regress/sbin/ipsecctl/ipsec15.in
@@ -1 +1,2 @@
flow esp from 1.1.1.0/24 to 2.2.2.0/24 local 192.168.0.1 peer 192.168.100.1
+flow esp from 1.1.1.0/24 to 2.2.2.0/24 peer 192.168.100.1 local 192.168.0.1
diff --git a/regress/sbin/ipsecctl/ipsec15.ok b/regress/sbin/ipsecctl/ipsec15.ok
index d85e31fbb1d..c3b8bf4912a 100644
--- a/regress/sbin/ipsecctl/ipsec15.ok
+++ b/regress/sbin/ipsecctl/ipsec15.ok
@@ -1,2 +1,4 @@
flow esp out from 1.1.1.0/24 to 2.2.2.0/24 local 192.168.0.1 peer 192.168.100.1 type require
flow esp in from 2.2.2.0/24 to 1.1.1.0/24 local 192.168.0.1 peer 192.168.100.1 type use
+flow esp out from 1.1.1.0/24 to 2.2.2.0/24 local 192.168.0.1 peer 192.168.100.1 type require
+flow esp in from 2.2.2.0/24 to 1.1.1.0/24 local 192.168.0.1 peer 192.168.100.1 type use