/testing/guestbin/swan-prep --userland strongswan
east #
 ../../pluto/bin/strongswan-start.sh
east #
 echo "initdone"
initdone
east #
 ip xfrm state
src 192.1.2.23 dst 192.1.33.222
	proto esp spi 0xSPISPIXX reqid REQID mode tunnel
	enc cbc(aes) 0xKEY
src 192.1.33.222 dst 192.1.2.23
	proto esp spi 0xSPISPIXX reqid REQID mode tunnel
	enc cbc(aes) 0xKEY
east #
 ip xfrm pol
src 192.0.2.0/24 dst 192.0.3.2/32 
	dir out priority 371327 ptype main 
	tmpl src 192.1.2.23 dst 192.1.33.222
		proto esp spi 0xSPISPI reqid 1 mode tunnel
src 192.0.3.2/32 dst 192.0.2.0/24 
	dir fwd priority 371327 ptype main 
	tmpl src 192.1.33.222 dst 192.1.2.23
src 192.0.3.2/32 dst 192.0.2.0/24 
	dir in priority 371327 ptype main 
	tmpl src 192.1.33.222 dst 192.1.2.23
src 192.0.2.0/24 dst 192.0.3.1/32 
	dir out priority 371327 ptype main 
	tmpl src 192.1.2.23 dst 192.1.33.222
		proto esp spi 0xSPISPI reqid 1 mode tunnel
src 192.0.3.1/32 dst 192.0.2.0/24 
	dir fwd priority 371327 ptype main 
	tmpl src 192.1.33.222 dst 192.1.2.23
src 192.0.3.1/32 dst 192.0.2.0/24 
	dir in priority 371327 ptype main 
	tmpl src 192.1.33.222 dst 192.1.2.23
east #
 if [ -f /var/run/pluto/pluto.pid ]; then ipsec whack --trafficstatus ; fi
east #
 if [ -f /var/run/charon.pid ]; then strongswan status ; fi
Security Associations (1 up, 0 connecting):
roadnet-eastnet-ikev2[2]: ESTABLISHED XXX second ago, 192.1.2.23[east]...192.1.33.222[road]
roadnet-eastnet-ikev2{1}:  INSTALLED, TUNNEL, reqid 1, ESP SPIs: SPISPI_i SPISPI_o
roadnet-eastnet-ikev2{1}:   192.0.2.0/24 === 192.0.3.1/32 192.0.3.2/32
east #
 sleep 7
east #
east #
 ../bin/check-for-core.sh
east #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi

