Starting UML PATH/start.sh
spawn PATH single
Linux version XXXX
On node 0 totalpages: 8192
Kernel command line:
Calibrating delay loop... XXXX bogomips
Dentry-cache hash table entries: NUMBERS
Inode-cache hash table entries: NUMBERS
Mount-cache hash table entries: NUMBERS
Buffer-cache hash table entries: NUMBERS
Page-cache hash table entries: NUMEBRS
POSIX conformance testing by UNIFIX
Linux NET4.0 for Linux 2.4
Based upon Swansea University Computer Society NET3.039
Initializing RT netlink socket
Starting kswapd
VFS: Diskquotas version dquot_6.4.0 initialized
devfs: VERSION Richard Gooch (rgooch@atnf.csiro.au)
devfs: boot_options Q
pty: 256 Unix98 ptys configured
SLIP: version 0.8.4-NET3.019-NEWTTY (dynamic channels, max=256).
loop: loaded (max 8 devices)
PPP generic driver version VERSION
Universal TUN/TAP device driver VERSION
NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP
IP: routing cache hash table of 512 buckets, 4Kbytes
TCP: Hash tables configured (established 2048 bind 2048)
IPv4 over IPv4 tunneling driver
GRE over IPv4 tunneling driver
NET4: Unix domain sockets 1.0/SMP for Linux NET4.0.
Mounted devfs on /dev
INIT: version 2.78 booting
Activating swap...
Calculating module dependancies
done.
Loading modules: LIST

Checking all file systems...
Parallelizing fsck version 1.18 (11-Nov-1999)
Setting kernel variables.
Mounting local filesystems...
/dev/shm on /tmp type tmpfs (rw)
/dev/shm on /var/run type tmpfs (rw)
devpts on /dev/pts type devpts (rw,mode=0622)
none on /usr/share type hostfs (ro)
Enabling packet forwarding: done.
Configuring network interfaces: done.
Cleaning: /tmp /var/lock /var/run.
Initializing random number generator... done.
Recovering nvi editor sessions... done.
Give root password for maintenance
(or type Control-D for normal startup): 
east:~#
 klogd -c 4 -x -f /tmp/klog.log
east:~#
 ipsec setup start
ipsec_setup: Starting Openswan IPsec VERSION
east:~#
 /testing/pluto/bin/wait-until-policy-loaded
east:~#
 ipsec whack --label "\"SAwest-east\" leftrsasigkey"  --keyid "@west" --pubkeyrsa "0sAQNzGEFs18VKT00sA+4p+GUKn9C55PYuPQca6C+9Qhj0jfMdQnTRTDLeI+lp9TnidHH7fVpq+PkfiF2LHlZtDwMurLlwzbNOghlEYKfQ080WlOTTUAmOLhAzH28MF70q3hzq0m5fCaVZWtxcV+LfHWdxceCkjBUSaTFtR2W12urFCBz+SB3+OM33aeIbfHxmck2yzhJ8xyMods5kF3ek/RZlFvgN8VqBdcFVrZwTh0mXDCGN12HNFixL6FzQ1jQKerKBbjb0m/IPqugvpVPWVIUajUpLMEmi1FAXc1mFZE9x1SFuSr0NzYIu2ZaHfvsAZY5oN+I+R2oC67fUCjgxY+t7"
east:~#
 ipsec whack --label "\"SAwest-east\" rightrsasigkey"  --keyid "@east" --pubkeyrsa "0sAQN3cn11FrBVbZhWGwRnFDAf8O9FHBmBIyIvmvt0kfkI2UGDDq8k+vYgRkwBZDviLd1p3SkL30LzuV0rqG3vBriqaAUUGoCQ0UMgsuX+k01bROLsqGB1QNXYvYiPLsnoDhKd2Gx9MUMHEjwwEZeyskMT5k91jvoAZvdEkg+9h7urbJ+kRQ4e+IHkMUrreDGwGVptV/hYQVCD54RZep6xp5ymaKRCDgMpzWvlzO80fP7JDjSZf9LI/MMu6c+qwXIKnWoNha75IhFyLWniVczxK2RdhmMhLsi0kC0CoOwWDSIEOb+5zbECDjjud+SF5tT8qRCWnSomX8jtbCdZ50WraQlL"
east:~#
 ipsec whack --name SAwest-east --encrypt --tunnel --pfs --rsasig --host "192.1.2.23"  --nexthop "192.1.2.45" --updown "ipsec _updown" --id "@east" --to --host "%any" --nexthop "%direct" --updown "ipsec _updown" --id "@west" --ipseclifetime "28800" --rekeymargin "540" --keyingtries "1"
002 added connection description "SAwest-east"
east:~#
 ipsec auto --status
000 interface ipsec0/eth1 192.1.2.23
000 %myid = (none)
000 debug none
000  
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=64, keysizemin=168, keysizemax=168
000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=128, keysizemin=128, keysizemax=256
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160
000 algorithm ESP auth attr: id=9, name=AUTH_ALGORITHM_ID9, keysizemin=128, keysizemax=128
000  
000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192
000 algorithm IKE hash: id=2, name=OAKLEY_SHA, hashsize=20
000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16
000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024
000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536
000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048
000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072
000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096
000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144
000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192
000  
000 stats db_ops.c: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0} 
000  
000 "packetdefault": 0.0.0.0/0===192.1.2.23[%myid]---192.1.2.254...%opportunistic; prospective erouted; eroute owner: #0
000 "packetdefault":   ike_life: 3600s; ipsec_life: 3600s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "packetdefault":   policy: RSASIG+ENCRYPT+TUNNEL+PFS+DONTREKEY+OPPORTUNISTIC+failurePASS+lKOD+rKOD; prio: 0,0; interface: eth1; 
000 "packetdefault":   newest ISAKMP SA: #0; newest IPsec SA: #0; 
000 "packetdefault":   IKE algorithms wanted: 5_000-1-5, 5_000-1-2, 5_000-2-5, 5_000-2-2, flags=-strict
000 "packetdefault":   IKE algorithms found:  5_192-1_128-5, 5_192-1_128-2, 5_192-2_160-5, 5_192-2_160-2, 
000 "packetdefault":   ESP algorithms wanted: 3_000-1, 3_000-2, flags=-strict
000 "packetdefault":   ESP algorithms loaded: 3_000-1, 3_000-2, flags=-strict
000 "SAwest-east": 192.1.2.23[@east,S?C]---192.1.2.45...%any[@west,S?C]; unrouted; eroute owner: #0
000 "SAwest-east":   ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "SAwest-east":   policy: RSASIG+ENCRYPT+TUNNEL+PFS; prio: 32,32; interface: eth1; 
000 "SAwest-east":   newest ISAKMP SA: #0; newest IPsec SA: #0; 
000  
000  
east:~#
 

east:~#
 ipsec look
east NOW
0.0.0.0/0          -> 0.0.0.0/0          => %trap
ipsec0->eth1 mtu=16260(9999)->1500
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.1.2.254     0.0.0.0         UG       99 0          0 eth1
0.0.0.0         192.1.2.254     128.0.0.0       UG       99 0          0 ipsec0
128.0.0.0       192.1.2.254     128.0.0.0       UG       99 0          0 ipsec0
192.0.1.0       192.1.2.45      255.255.255.0   UG       99 0          0 eth1
192.1.2.0       0.0.0.0         255.255.255.0   U        99 0          0 eth1
192.1.2.0       0.0.0.0         255.255.255.0   U        99 0          0 ipsec0
east:~#
 ipsec auto --status
000 interface ipsec0/eth1 192.1.2.23
000 %myid = (none)
000 debug none
000  
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=64, keysizemin=168, keysizemax=168
000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=128, keysizemin=128, keysizemax=256
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160
000 algorithm ESP auth attr: id=9, name=AUTH_ALGORITHM_ID9, keysizemin=128, keysizemax=128
000  
000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128
000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192
000 algorithm IKE hash: id=2, name=OAKLEY_SHA, hashsize=20
000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16
000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024
000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536
000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048
000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072
000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096
000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144
000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192
000  
000 stats db_ops.c: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0} 
000  
000 "packetdefault": 0.0.0.0/0===192.1.2.23[%myid]---192.1.2.254...%opportunistic; prospective erouted; eroute owner: #0
000 "packetdefault":   ike_life: 3600s; ipsec_life: 3600s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "packetdefault":   policy: RSASIG+ENCRYPT+TUNNEL+PFS+DONTREKEY+OPPORTUNISTIC+failurePASS+lKOD+rKOD; prio: 0,0; interface: eth1; 
000 "packetdefault":   newest ISAKMP SA: #0; newest IPsec SA: #0; 
000 "packetdefault":   IKE algorithms wanted: 5_000-1-5, 5_000-1-2, 5_000-2-5, 5_000-2-2, flags=-strict
000 "packetdefault":   IKE algorithms found:  5_192-1_128-5, 5_192-1_128-2, 5_192-2_160-5, 5_192-2_160-2, 
000 "packetdefault":   ESP algorithms wanted: 3_000-1, 3_000-2, flags=-strict
000 "packetdefault":   ESP algorithms loaded: 3_000-1, 3_000-2, flags=-strict
000 "SAwest-east": 192.1.2.23[@east,S?C]---192.1.2.45...%any[@west,S?C]; unrouted; eroute owner: #0
000 "SAwest-east":   ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "SAwest-east":   policy: RSASIG+ENCRYPT+TUNNEL+PFS; prio: 32,32; interface: eth1; 
000 "SAwest-east":   newest ISAKMP SA: #0; newest IPsec SA: #0; 
000  
000  
east:~#
 echo end
end
east:~#
 ipsec setup stop
IPSEC EVENT: KLIPS device ipsec0 shut down.
ipsec_setup: Stopping Openswan IPsec...
east:~#
 kill `cat /var/run/klogd.pid`; cat /tmp/klog.log
klogd 1.3-3#33.1, log source = /proc/kmsg started.
east:~#
 halt -p -f
Power down.

