File: test01.sh

package info (click to toggle)
openswan 1%3A2.4.6%2Bdfsg.2-1.1%2Betch2
  • links: PTS
  • area: main
  • in suites: etch
  • size: 25,000 kB
  • ctags: 16,877
  • sloc: ansic: 121,112; sh: 19,782; xml: 9,699; asm: 4,422; perl: 4,087; makefile: 3,367; tcl: 713; exp: 657; yacc: 396; pascal: 328; lex: 289; sed: 265; awk: 124; lisp: 3
file content (32 lines) | stat: -rw-r--r-- 990 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
 
#!/bin/sh

ipsec spi --clear
ipsec eroute --clear

enckey=0x4043434545464649494a4a4c4c4f4f515152525454575758
authkey=0x87658765876587658765876587658765
lifetime="--life soft-packets=10"

#ipsec klipsdebug --set pfkey
#ipsec klipsdebug --set verbose

ipsec spi --af inet --edst 192.1.2.45 --spi 0x12345678 --proto esp --src 192.1.2.23 --esp 3des-md5-96 $lifetime --enckey $enckey --authkey $authkey

ipsec spi --af inet --edst 192.1.2.45 --spi 0x12345678 --proto tun --src 192.1.2.23 --dst 192.1.2.45 --ip4

ipsec spigrp inet 192.1.2.45 0x12345678 tun inet 192.1.2.45 0x12345678 esp 

ipsec eroute --add --eraf inet --src 192.0.2.0/24 --dst 192.0.1.0/24 --said tun0x12345678@192.1.2.45

ipsec tncfg --attach --virtual ipsec0 --physical eth1
ifconfig ipsec0 inet 192.1.2.23 netmask 0xffffff00 broadcast 192.1.2.255 up

arp -s 192.1.2.45 10:00:00:64:64:45
arp -s 192.1.2.254 10:00:00:64:64:45

ipsec look

# magic route command
route add -host 192.0.1.1 gw 192.1.2.45 dev ipsec0

ipsec pf_key