diff options
-rw-r--r-- | regress/sbin/ipsecctl/ike1.in | 1 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike1.ok | 15 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike2.in | 1 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike2.ok | 17 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike3.in | 2 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike3.ok | 21 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike4.in | 2 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike4.ok | 23 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike5.in | 8 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike5.ok | 50 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike6.in | 2 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike6.ok | 32 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike7.in | 2 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike7.ok | 30 |
14 files changed, 206 insertions, 0 deletions
diff --git a/regress/sbin/ipsecctl/ike1.in b/regress/sbin/ipsecctl/ike1.in new file mode 100644 index 00000000000..c627e0e9f7d --- /dev/null +++ b/regress/sbin/ipsecctl/ike1.in @@ -0,0 +1 @@ +ike from 131.188.33.51 to 131.188.33.29 diff --git a/regress/sbin/ipsecctl/ike1.ok b/regress/sbin/ipsecctl/ike1.ok new file mode 100644 index 00000000000..428815b3f94 --- /dev/null +++ b/regress/sbin/ipsecctl/ike1.ok @@ -0,0 +1,15 @@ +C set [peer-131.188.33.29]:Phase=1 force +C set [peer-131.188.33.29]:Address=131.188.33.29 force +C set [IPsec-131.188.33.51-131.188.33.29]:Phase=2 force +C set [IPsec-131.188.33.51-131.188.33.29]:ISAKMP-peer=peer-131.188.33.29 force +C set [IPsec-131.188.33.51-131.188.33.29]:Configuration=qm-131.188.33.51-131.188.33.29 force +C set [IPsec-131.188.33.51-131.188.33.29]:Local-ID=lid-131.188.33.51 force +C set [IPsec-131.188.33.51-131.188.33.29]:Remote-ID=rid-131.188.33.29 force +C set [qm-131.188.33.51-131.188.33.29]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-131.188.33.51-131.188.33.29]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-131.188.33.51]:ID-type=IPV4_ADDR force +C set [lid-131.188.33.51]:Address=131.188.33.51 force +C set [rid-131.188.33.29]:ID-type=IPV4_ADDR force +C set [rid-131.188.33.29]:Address=131.188.33.29 force +t IPsec-131.188.33.51-131.188.33.29 +c IPsec-131.188.33.51-131.188.33.29 diff --git a/regress/sbin/ipsecctl/ike2.in b/regress/sbin/ipsecctl/ike2.in new file mode 100644 index 00000000000..8e67139c336 --- /dev/null +++ b/regress/sbin/ipsecctl/ike2.in @@ -0,0 +1 @@ +ike from 10.1.1.0/24 to 10.1.2.0/24 peer 131.188.33.29 diff --git a/regress/sbin/ipsecctl/ike2.ok b/regress/sbin/ipsecctl/ike2.ok new file mode 100644 index 00000000000..8e7b78b2a3a --- /dev/null +++ b/regress/sbin/ipsecctl/ike2.ok @@ -0,0 +1,17 @@ +C set [peer-131.188.33.29]:Phase=1 force +C set [peer-131.188.33.29]:Address=131.188.33.29 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Phase=2 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:ISAKMP-peer=peer-131.188.33.29 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Configuration=qm-10.1.1.0/24-10.1.2.0/24 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Local-ID=lid-10.1.1.0/24 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Remote-ID=rid-10.1.2.0/24 force +C set [qm-10.1.1.0/24-10.1.2.0/24]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-10.1.1.0/24-10.1.2.0/24]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-10.1.1.0/24]:ID-type=IPV4_ADDR_SUBNET force +C set [lid-10.1.1.0/24]:Network=10.1.1.0 force +C set [lid-10.1.1.0/24]:Netmask=255.255.255.0 force +C set [rid-10.1.2.0/24]:ID-type=IPV4_ADDR_SUBNET force +C set [rid-10.1.2.0/24]:Network=10.1.2.0 force +C set [rid-10.1.2.0/24]:Netmask=255.255.255.0 force +t IPsec-10.1.1.0/24-10.1.2.0/24 +c IPsec-10.1.1.0/24-10.1.2.0/24 diff --git a/regress/sbin/ipsecctl/ike3.in b/regress/sbin/ipsecctl/ike3.in new file mode 100644 index 00000000000..4dec756edfb --- /dev/null +++ b/regress/sbin/ipsecctl/ike3.in @@ -0,0 +1,2 @@ +ike from 131.188.33.51 to 131.188.33.29 \ + srcid sharleena.as10.net dstid faui31o.informatik.uni-erlangen.de diff --git a/regress/sbin/ipsecctl/ike3.ok b/regress/sbin/ipsecctl/ike3.ok new file mode 100644 index 00000000000..934da8754e9 --- /dev/null +++ b/regress/sbin/ipsecctl/ike3.ok @@ -0,0 +1,21 @@ +C set [peer-131.188.33.29]:Phase=1 force +C set [peer-131.188.33.29]:Address=131.188.33.29 force +C set [peer-131.188.33.29]:ID=local-ID force +C set [local-ID]:ID-type=FQDN force +C set [local-ID]:Name=sharleena.as10.net force +C set [peer-131.188.33.29]:Remote-ID=131.188.33.29-ID force +C set [131.188.33.29-ID]:ID-type=FQDN force +C set [131.188.33.29-ID]:Name=faui31o.informatik.uni-erlangen.de force +C set [IPsec-131.188.33.51-131.188.33.29]:Phase=2 force +C set [IPsec-131.188.33.51-131.188.33.29]:ISAKMP-peer=peer-131.188.33.29 force +C set [IPsec-131.188.33.51-131.188.33.29]:Configuration=qm-131.188.33.51-131.188.33.29 force +C set [IPsec-131.188.33.51-131.188.33.29]:Local-ID=lid-131.188.33.51 force +C set [IPsec-131.188.33.51-131.188.33.29]:Remote-ID=rid-131.188.33.29 force +C set [qm-131.188.33.51-131.188.33.29]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-131.188.33.51-131.188.33.29]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-131.188.33.51]:ID-type=IPV4_ADDR force +C set [lid-131.188.33.51]:Address=131.188.33.51 force +C set [rid-131.188.33.29]:ID-type=IPV4_ADDR force +C set [rid-131.188.33.29]:Address=131.188.33.29 force +t IPsec-131.188.33.51-131.188.33.29 +c IPsec-131.188.33.51-131.188.33.29 diff --git a/regress/sbin/ipsecctl/ike4.in b/regress/sbin/ipsecctl/ike4.in new file mode 100644 index 00000000000..3bd0446aaa7 --- /dev/null +++ b/regress/sbin/ipsecctl/ike4.in @@ -0,0 +1,2 @@ +ike from 10.1.1.0/24 to 10.1.2.0/24 peer 131.188.33.29 \ + srcid sharleena.as10.net dstid faui31o.informatik.uni-erlangen.de diff --git a/regress/sbin/ipsecctl/ike4.ok b/regress/sbin/ipsecctl/ike4.ok new file mode 100644 index 00000000000..b4a9fb8da43 --- /dev/null +++ b/regress/sbin/ipsecctl/ike4.ok @@ -0,0 +1,23 @@ +C set [peer-131.188.33.29]:Phase=1 force +C set [peer-131.188.33.29]:Address=131.188.33.29 force +C set [peer-131.188.33.29]:ID=local-ID force +C set [local-ID]:ID-type=FQDN force +C set [local-ID]:Name=sharleena.as10.net force +C set [peer-131.188.33.29]:Remote-ID=131.188.33.29-ID force +C set [131.188.33.29-ID]:ID-type=FQDN force +C set [131.188.33.29-ID]:Name=faui31o.informatik.uni-erlangen.de force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Phase=2 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:ISAKMP-peer=peer-131.188.33.29 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Configuration=qm-10.1.1.0/24-10.1.2.0/24 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Local-ID=lid-10.1.1.0/24 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Remote-ID=rid-10.1.2.0/24 force +C set [qm-10.1.1.0/24-10.1.2.0/24]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-10.1.1.0/24-10.1.2.0/24]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-10.1.1.0/24]:ID-type=IPV4_ADDR_SUBNET force +C set [lid-10.1.1.0/24]:Network=10.1.1.0 force +C set [lid-10.1.1.0/24]:Netmask=255.255.255.0 force +C set [rid-10.1.2.0/24]:ID-type=IPV4_ADDR_SUBNET force +C set [rid-10.1.2.0/24]:Network=10.1.2.0 force +C set [rid-10.1.2.0/24]:Netmask=255.255.255.0 force +t IPsec-10.1.1.0/24-10.1.2.0/24 +c IPsec-10.1.1.0/24-10.1.2.0/24 diff --git a/regress/sbin/ipsecctl/ike5.in b/regress/sbin/ipsecctl/ike5.in new file mode 100644 index 00000000000..b46ddc016a7 --- /dev/null +++ b/regress/sbin/ipsecctl/ike5.in @@ -0,0 +1,8 @@ +ike esp from 10.1.1.0/24 to 10.1.2.0/24 peer 131.188.33.29 \ + main auth sha1 enc 3des \ + quick auth hmac-sha1 enc 3des \ + srcid sharleena.as10.net dstid faui31o.informatik.uni-erlangen.de +ike esp from 131.188.33.51 to 131.188.33.29 \ + main auth sha1 enc aes \ + quick auth hmac-sha2-256 enc aes \ + srcid sharleena.as10.net dstid faui31o.informatik.uni-erlangen.de diff --git a/regress/sbin/ipsecctl/ike5.ok b/regress/sbin/ipsecctl/ike5.ok new file mode 100644 index 00000000000..4eaef03431b --- /dev/null +++ b/regress/sbin/ipsecctl/ike5.ok @@ -0,0 +1,50 @@ +C set [peer-131.188.33.29]:Phase=1 force +C set [peer-131.188.33.29]:Address=131.188.33.29 force +C set [peer-131.188.33.29]:Configuration=mm-131.188.33.29 force +C set [mm-131.188.33.29]:EXCHANGE_TYPE=ID_PROT force +C add [mm-131.188.33.29]:Transforms=3DES-SHA-RSA_SIG +C set [peer-131.188.33.29]:ID=local-ID force +C set [local-ID]:ID-type=FQDN force +C set [local-ID]:Name=sharleena.as10.net force +C set [peer-131.188.33.29]:Remote-ID=131.188.33.29-ID force +C set [131.188.33.29-ID]:ID-type=FQDN force +C set [131.188.33.29-ID]:Name=faui31o.informatik.uni-erlangen.de force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Phase=2 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:ISAKMP-peer=peer-131.188.33.29 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Configuration=qm-10.1.1.0/24-10.1.2.0/24 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Local-ID=lid-10.1.1.0/24 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Remote-ID=rid-10.1.2.0/24 force +C set [qm-10.1.1.0/24-10.1.2.0/24]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-10.1.1.0/24-10.1.2.0/24]:Suites=QM-ESP-3DES-SHA-PFS-SUITE force +C set [lid-10.1.1.0/24]:ID-type=IPV4_ADDR_SUBNET force +C set [lid-10.1.1.0/24]:Network=10.1.1.0 force +C set [lid-10.1.1.0/24]:Netmask=255.255.255.0 force +C set [rid-10.1.2.0/24]:ID-type=IPV4_ADDR_SUBNET force +C set [rid-10.1.2.0/24]:Network=10.1.2.0 force +C set [rid-10.1.2.0/24]:Netmask=255.255.255.0 force +t IPsec-10.1.1.0/24-10.1.2.0/24 +c IPsec-10.1.1.0/24-10.1.2.0/24 +C set [peer-131.188.33.29]:Phase=1 force +C set [peer-131.188.33.29]:Address=131.188.33.29 force +C set [peer-131.188.33.29]:Configuration=mm-131.188.33.29 force +C set [mm-131.188.33.29]:EXCHANGE_TYPE=ID_PROT force +C add [mm-131.188.33.29]:Transforms=AES-SHA-RSA_SIG +C set [peer-131.188.33.29]:ID=local-ID force +C set [local-ID]:ID-type=FQDN force +C set [local-ID]:Name=sharleena.as10.net force +C set [peer-131.188.33.29]:Remote-ID=131.188.33.29-ID force +C set [131.188.33.29-ID]:ID-type=FQDN force +C set [131.188.33.29-ID]:Name=faui31o.informatik.uni-erlangen.de force +C set [IPsec-131.188.33.51-131.188.33.29]:Phase=2 force +C set [IPsec-131.188.33.51-131.188.33.29]:ISAKMP-peer=peer-131.188.33.29 force +C set [IPsec-131.188.33.51-131.188.33.29]:Configuration=qm-131.188.33.51-131.188.33.29 force +C set [IPsec-131.188.33.51-131.188.33.29]:Local-ID=lid-131.188.33.51 force +C set [IPsec-131.188.33.51-131.188.33.29]:Remote-ID=rid-131.188.33.29 force +C set [qm-131.188.33.51-131.188.33.29]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-131.188.33.51-131.188.33.29]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-131.188.33.51]:ID-type=IPV4_ADDR force +C set [lid-131.188.33.51]:Address=131.188.33.51 force +C set [rid-131.188.33.29]:ID-type=IPV4_ADDR force +C set [rid-131.188.33.29]:Address=131.188.33.29 force +t IPsec-131.188.33.51-131.188.33.29 +c IPsec-131.188.33.51-131.188.33.29 diff --git a/regress/sbin/ipsecctl/ike6.in b/regress/sbin/ipsecctl/ike6.in new file mode 100644 index 00000000000..9ae17618490 --- /dev/null +++ b/regress/sbin/ipsecctl/ike6.in @@ -0,0 +1,2 @@ +ike from 10.1.1.0/24 to 10.1.2.0/24 peer 131.188.33.29 +ike from 131.188.33.51 to 131.188.33.29 diff --git a/regress/sbin/ipsecctl/ike6.ok b/regress/sbin/ipsecctl/ike6.ok new file mode 100644 index 00000000000..938fa5334b7 --- /dev/null +++ b/regress/sbin/ipsecctl/ike6.ok @@ -0,0 +1,32 @@ +C set [peer-131.188.33.29]:Phase=1 force +C set [peer-131.188.33.29]:Address=131.188.33.29 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Phase=2 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:ISAKMP-peer=peer-131.188.33.29 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Configuration=qm-10.1.1.0/24-10.1.2.0/24 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Local-ID=lid-10.1.1.0/24 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Remote-ID=rid-10.1.2.0/24 force +C set [qm-10.1.1.0/24-10.1.2.0/24]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-10.1.1.0/24-10.1.2.0/24]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-10.1.1.0/24]:ID-type=IPV4_ADDR_SUBNET force +C set [lid-10.1.1.0/24]:Network=10.1.1.0 force +C set [lid-10.1.1.0/24]:Netmask=255.255.255.0 force +C set [rid-10.1.2.0/24]:ID-type=IPV4_ADDR_SUBNET force +C set [rid-10.1.2.0/24]:Network=10.1.2.0 force +C set [rid-10.1.2.0/24]:Netmask=255.255.255.0 force +t IPsec-10.1.1.0/24-10.1.2.0/24 +c IPsec-10.1.1.0/24-10.1.2.0/24 +C set [peer-131.188.33.29]:Phase=1 force +C set [peer-131.188.33.29]:Address=131.188.33.29 force +C set [IPsec-131.188.33.51-131.188.33.29]:Phase=2 force +C set [IPsec-131.188.33.51-131.188.33.29]:ISAKMP-peer=peer-131.188.33.29 force +C set [IPsec-131.188.33.51-131.188.33.29]:Configuration=qm-131.188.33.51-131.188.33.29 force +C set [IPsec-131.188.33.51-131.188.33.29]:Local-ID=lid-131.188.33.51 force +C set [IPsec-131.188.33.51-131.188.33.29]:Remote-ID=rid-131.188.33.29 force +C set [qm-131.188.33.51-131.188.33.29]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-131.188.33.51-131.188.33.29]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-131.188.33.51]:ID-type=IPV4_ADDR force +C set [lid-131.188.33.51]:Address=131.188.33.51 force +C set [rid-131.188.33.29]:ID-type=IPV4_ADDR force +C set [rid-131.188.33.29]:Address=131.188.33.29 force +t IPsec-131.188.33.51-131.188.33.29 +c IPsec-131.188.33.51-131.188.33.29 diff --git a/regress/sbin/ipsecctl/ike7.in b/regress/sbin/ipsecctl/ike7.in new file mode 100644 index 00000000000..90197b85e6c --- /dev/null +++ b/regress/sbin/ipsecctl/ike7.in @@ -0,0 +1,2 @@ +ike passive from 10.1.2.0/24 to 10.1.1.0/24 peer 131.188.33.51 +ike passive from 131.188.33.29 to 131.188.33.51 diff --git a/regress/sbin/ipsecctl/ike7.ok b/regress/sbin/ipsecctl/ike7.ok new file mode 100644 index 00000000000..c2c19614781 --- /dev/null +++ b/regress/sbin/ipsecctl/ike7.ok @@ -0,0 +1,30 @@ +C set [peer-131.188.33.51]:Phase=1 force +C set [peer-131.188.33.51]:Address=131.188.33.51 force +C set [IPsec-10.1.2.0/24-10.1.1.0/24]:Phase=2 force +C set [IPsec-10.1.2.0/24-10.1.1.0/24]:ISAKMP-peer=peer-131.188.33.51 force +C set [IPsec-10.1.2.0/24-10.1.1.0/24]:Configuration=qm-10.1.2.0/24-10.1.1.0/24 force +C set [IPsec-10.1.2.0/24-10.1.1.0/24]:Local-ID=lid-10.1.2.0/24 force +C set [IPsec-10.1.2.0/24-10.1.1.0/24]:Remote-ID=rid-10.1.1.0/24 force +C set [qm-10.1.2.0/24-10.1.1.0/24]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-10.1.2.0/24-10.1.1.0/24]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-10.1.2.0/24]:ID-type=IPV4_ADDR_SUBNET force +C set [lid-10.1.2.0/24]:Network=10.1.2.0 force +C set [lid-10.1.2.0/24]:Netmask=255.255.255.0 force +C set [rid-10.1.1.0/24]:ID-type=IPV4_ADDR_SUBNET force +C set [rid-10.1.1.0/24]:Network=10.1.1.0 force +C set [rid-10.1.1.0/24]:Netmask=255.255.255.0 force +C add [Phase 2]:Passive-Connections=IPsec-10.1.2.0/24-10.1.1.0/24 +C set [peer-131.188.33.51]:Phase=1 force +C set [peer-131.188.33.51]:Address=131.188.33.51 force +C set [IPsec-131.188.33.29-131.188.33.51]:Phase=2 force +C set [IPsec-131.188.33.29-131.188.33.51]:ISAKMP-peer=peer-131.188.33.51 force +C set [IPsec-131.188.33.29-131.188.33.51]:Configuration=qm-131.188.33.29-131.188.33.51 force +C set [IPsec-131.188.33.29-131.188.33.51]:Local-ID=lid-131.188.33.29 force +C set [IPsec-131.188.33.29-131.188.33.51]:Remote-ID=rid-131.188.33.51 force +C set [qm-131.188.33.29-131.188.33.51]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-131.188.33.29-131.188.33.51]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-131.188.33.29]:ID-type=IPV4_ADDR force +C set [lid-131.188.33.29]:Address=131.188.33.29 force +C set [rid-131.188.33.51]:ID-type=IPV4_ADDR force +C set [rid-131.188.33.51]:Address=131.188.33.51 force +C add [Phase 2]:Passive-Connections=IPsec-131.188.33.29-131.188.33.51 |