File: westrun.sh

package info (click to toggle)
libreswan 5.2-2.2
  • links: PTS, VCS
  • area: main
  • in suites: forky, trixie
  • size: 81,632 kB
  • sloc: ansic: 129,988; sh: 32,018; xml: 20,646; python: 10,303; makefile: 3,022; javascript: 1,506; sed: 574; yacc: 511; perl: 264; awk: 52
file content (34 lines) | stat: -rwxr-xr-x 935 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
#!/bin/sh
# we can transmit in the clear
../../guestbin/ping-once.sh --up 192.1.2.23
# bring up the tunnel
ipsec auto --up west-east
../../guestbin/ping-once.sh --up 192.1.2.23
echo "Tunnel should be up"
ipsec whack --trafficstatus
# Let R_U_THERE packets flow
echo "Waiting 15 seconds..."
sleep 15
echo "Setting up block via iptables"
iptables -I INPUT -s 192.1.2.23/32 -d 0/0 -j DROP
iptables -I OUTPUT -d 192.1.2.23/32 -s 0/0 -j DROP
: ==== cut ====
sleep 10
ipsec whack --trafficstatus
sleep 10
ipsec whack --trafficstatus
sleep 10
: ==== tuc ====
# DPD should have triggered now
echo "Tunnel should be down"
ipsec whack --trafficstatus
# Remove the Blockage
echo "Removing block"
iptables -D INPUT -s 192.1.2.23/32 -d 0/0 -j DROP
iptables -D OUTPUT -d 192.1.2.23/32 -s 0/0 -j DROP
sleep 10
../../guestbin/ping-once.sh --up 192.1.2.23
# Tunnel should be back up now
echo "Tunnel should be up"
ipsec whack --trafficstatus
echo done