1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
|
#!/bin/sh
#
# RCSID $Id: 103,v 1.4 2002/04/24 07:36:14 mcr Exp $
#
net1=192.168.4.0
net2=192.168.1.0
gw1=192.168.2.110
gw2=192.168.2.103
hmask=255.255.255.255
nmask=255.255.255.0
#depmod -a
#modprobe ipsec
#tncfg attach ipsec0 eth1
#ifconfig ipsec0 $gw1
#
# Transport mode
#
#route del $gw2
#route add -host $gw2 dev ipsec0
#
#addrt $gw1 $hmask \
# 192.168.2.100 $hmask \
# 192.168.2.100 135
#setsa 192.168.2.100 135 esp 3des-md5-96 i \
# 1000000000000001 6630663066303133
#setsa $gw1 125 esp 3des-md5-96 i \
# 1000000000000001 6630663066303132
#
# Tunnel mode
#
route del $net2
route add -net $net2 dev ipsec0 gw $gw2
#
# forward path
#
eroute add $net1 $nmask \
$net2 $nmask \
$gw2 203
#echo sleeping after addrt
#sleep 1
#
spi $gw2 203 ip4 \
$gw1 $gw2
spi $gw2 205 esp des-cbc 66306630 6630663066303142
spi $gw2 206 ah hmac-md5 66306630663031326630663066303142
#
spigrp $gw2 203 \
$gw2 205 \
$gw2 206
#
# return path
#
spi $gw1 215 esp des-cbc 66306630 6630663066303143
spi $gw1 216 ah hmac-md5 66306630663031326630663066303143
cat /proc/net/ipsec-spi
echo
cat /proc/net/ipsec-eroute
#
# $Log: 103,v $
# Revision 1.4 2002/04/24 07:36:14 mcr
# Moved from ./klips/test/110/103,v
#
# Revision 1.3 1999/04/06 04:54:34 rgb
# Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes
# patch shell fixes.
#
#
|
