diff options
author | Niklas Hallqvist <niklas@cvs.openbsd.org> | 2000-11-23 12:56:26 +0000 |
---|---|---|
committer | Niklas Hallqvist <niklas@cvs.openbsd.org> | 2000-11-23 12:56:26 +0000 |
commit | b4a20c03d3c3cef5bbb260cc931e1b4217d51fe7 (patch) | |
tree | 0b009367443fa370a2c56b6769416c2d1beff68f /sbin/isakmpd/samples | |
parent | 42b2c2b050c7617bac2ebc3684b81226b0aa9d43 (diff) |
samples/singlehost-east.conf: Merge with EOM 1.10
samples/singlehost-west.conf: Merge with EOM 1.10
samples/singlehost-setup.sh: Merge with EOM 1.3
author: niklas
use networks that fits me better
Diffstat (limited to 'sbin/isakmpd/samples')
-rw-r--r-- | sbin/isakmpd/samples/singlehost-east.conf | 21 | ||||
-rw-r--r-- | sbin/isakmpd/samples/singlehost-setup.sh | 30 | ||||
-rw-r--r-- | sbin/isakmpd/samples/singlehost-west.conf | 21 |
3 files changed, 37 insertions, 35 deletions
diff --git a/sbin/isakmpd/samples/singlehost-east.conf b/sbin/isakmpd/samples/singlehost-east.conf index 3551233ea94..f0afc46f047 100644 --- a/sbin/isakmpd/samples/singlehost-east.conf +++ b/sbin/isakmpd/samples/singlehost-east.conf @@ -1,14 +1,15 @@ -# $OpenBSD: singlehost-east.conf,v 1.9 2000/10/09 23:27:30 niklas Exp $ -# $EOM: singlehost-east.conf,v 1.9 2000/10/09 22:08:30 angelos Exp $ +# $OpenBSD: singlehost-east.conf,v 1.10 2000/11/23 12:56:25 niklas Exp $ +# $EOM: singlehost-east.conf,v 1.10 2000/11/23 12:24:43 niklas Exp $ # A configuration sample for the isakmpd ISAKMP/Oakley (aka IKE) daemon. [General] -Listen-on= 10.1.0.2 +Listen-on= 10.1.0.12 Shared-SADB= Defined +Policy-File= policy [Phase 1] -10.1.0.1= ISAKMP-peer-west +10.1.0.11= ISAKMP-peer-west Default= ISAKMP-peer-west-aggressive [Phase 2] @@ -17,16 +18,16 @@ Connections= IPsec-east-west [ISAKMP-peer-west] Phase= 1 Transport= udp -Local-address= 10.1.0.2 -Address= 10.1.0.1 +Local-address= 10.1.0.12 +Address= 10.1.0.11 Configuration= Default-main-mode Authentication= mekmitasdigoat [ISAKMP-peer-west-aggressive] Phase= 1 Transport= udp -Local-address= 10.1.0.2 -Address= 10.1.0.1 +Local-address= 10.1.0.12 +Address= 10.1.0.11 Configuration= Default-aggressive-mode Authentication= mekmitasdigoat @@ -39,12 +40,12 @@ Remote-ID= Net-west [Net-west] ID-type= IPV4_ADDR_SUBNET -Network= 192.168.1.0 +Network= 192.168.11.0 Netmask= 255.255.255.0 [Net-east] ID-type= IPV4_ADDR_SUBNET -Network= 192.168.2.0 +Network= 192.168.12.0 Netmask= 255.255.255.0 [Default-main-mode] diff --git a/sbin/isakmpd/samples/singlehost-setup.sh b/sbin/isakmpd/samples/singlehost-setup.sh index 797727dabf8..378f599902b 100644 --- a/sbin/isakmpd/samples/singlehost-setup.sh +++ b/sbin/isakmpd/samples/singlehost-setup.sh @@ -1,30 +1,30 @@ #!/bin/sh -# $OpenBSD: singlehost-setup.sh,v 1.1 1999/03/31 23:45:53 niklas Exp $ -# $EOM: singlehost-setup.sh,v 1.2 1999/03/31 23:45:16 niklas Exp $ +# $OpenBSD: singlehost-setup.sh,v 1.2 2000/11/23 12:56:25 niklas Exp $ +# $EOM: singlehost-setup.sh,v 1.3 2000/11/23 12:24:43 niklas Exp $ # A script to test single-host VPNs cleanup () { ipf -r -f - <<' EOF' - pass out quick on lo2 proto 50 - pass out quick on lo2 from 192.168.1.0/24 to any - pass out quick on lo3 proto 50 - pass out quick on lo3 from 192.168.2.0/24 to any + pass out quick on lo2 proto 50 all + pass out quick on lo2 from 192.168.11.0/24 to any + pass out quick on lo3 proto 50 all + pass out quick on lo3 from 192.168.12.0/24 to any block out on lo2 block out on lo3 EOF } -ifconfig lo2 192.168.1.1 netmask 0xffffff00 -ifconfig lo3 192.168.2.1 netmask 0xffffff00 -ifconfig lo4 10.1.0.1 netmask 0xffff0000 -ifconfig lo5 10.1.0.2 netmask 0xffff0000 +ifconfig lo2 192.168.11.1 netmask 0xffffff00 +ifconfig lo3 192.168.12.1 netmask 0xffffff00 +ifconfig lo4 10.1.0.11 netmask 0xffff0000 +ifconfig lo5 10.1.0.12 netmask 0xffff0000 ipf -E -f - <<EOF -pass out quick on lo2 proto 50 -pass out quick on lo2 from 192.168.1.0/24 to any -pass out quick on lo3 proto 50 -pass out quick on lo3 from 192.168.2.0/24 to any +pass out quick on lo2 proto 50 all +pass out quick on lo2 from 192.168.11.0/24 to any +pass out quick on lo3 proto 50 all +pass out quick on lo3 from 192.168.12.0/24 to any block out on lo2 block out on lo3 EOF @@ -37,6 +37,6 @@ isakmpd -c singlehost-west.conf -f west.fifo "$@" # Give them some slack... sleep 10 -ping -I 192.168.1.1 -c 30 192.168.2.1 +ping -I 192.168.11.1 -c 30 192.168.12.1 cleanup diff --git a/sbin/isakmpd/samples/singlehost-west.conf b/sbin/isakmpd/samples/singlehost-west.conf index 94e5b720a69..a7b376a419e 100644 --- a/sbin/isakmpd/samples/singlehost-west.conf +++ b/sbin/isakmpd/samples/singlehost-west.conf @@ -1,14 +1,15 @@ -# $OpenBSD: singlehost-west.conf,v 1.9 2000/10/09 23:27:30 niklas Exp $ -# $EOM: singlehost-west.conf,v 1.9 2000/10/09 22:08:30 angelos Exp $ +# $OpenBSD: singlehost-west.conf,v 1.10 2000/11/23 12:56:25 niklas Exp $ +# $EOM: singlehost-west.conf,v 1.10 2000/11/23 12:24:43 niklas Exp $ # A configuration sample for the isakmpd ISAKMP/Oakley (aka IKE) daemon. [General] -Listen-on= 10.1.0.1 +Listen-on= 10.1.0.11 Shared-SADB= Defined +Policy-File= policy [Phase 1] -10.1.0.2= ISAKMP-peer-east +10.1.0.12= ISAKMP-peer-east Default= ISAKMP-peer-east-aggressive [Phase 2] @@ -17,8 +18,8 @@ Connections= IPsec-west-east [ISAKMP-peer-east] Phase= 1 Transport= udp -Local-address= 10.1.0.1 -Address= 10.1.0.2 +Local-address= 10.1.0.11 +Address= 10.1.0.12 Configuration= Default-main-mode Identification= IPV4_ADDR/10.1.0.1 Authentication= mekmitasdigoat @@ -26,8 +27,8 @@ Authentication= mekmitasdigoat [ISAKMP-peer-east-aggressive] Phase= 1 Transport= udp -Local-address= 10.1.0.1 -Address= 10.1.0.2 +Local-address= 10.1.0.11 +Address= 10.1.0.12 Configuration= Default-aggressive-mode Authentication= mekmitasdigoat @@ -40,12 +41,12 @@ Remote-ID= Net-east [Net-west] ID-type= IPV4_ADDR_SUBNET -Network= 192.168.1.0 +Network= 192.168.11.0 Netmask= 255.255.255.0 [Net-east] ID-type= IPV4_ADDR_SUBNET -Network= 192.168.2.0 +Network= 192.168.12.0 Netmask= 255.255.255.0 [Default-main-mode] |