/testing/guestbin/swan-prep
west #
 ipsec start
Redirecting to: [initsystem]
west #
 ../../guestbin/wait-until-pluto-started
west #
 # parser---* connections from west.conf loaded
west #
 ipsec whack --name whack----rsasig      --host 1.2.3.4 --ikefrag-allow --no-esn --pfs --tunnel --rsasig --encrypt --ikev2-allow --ipv4 --to --host 5.6.7.8
"whack----rsasig": added unoriented IKEv2 connection (neither left=1.2.3.4 nor right=5.6.7.8 match an interface)
west #
 ipsec whack --name whack-----ecdsa      --host 1.2.3.4 --ikefrag-allow --no-esn --pfs --tunnel --ecdsa  --encrypt --ikev2-allow --ipv4 --to --host 5.6.7.8
"whack-----ecdsa": added unoriented IKEv2 connection (neither left=1.2.3.4 nor right=5.6.7.8 match an interface)
west #
 ipsec whack --name whack--defaults      --host 1.2.3.4 --ikefrag-allow --no-esn --pfs --tunnel          --encrypt --ikev2-allow --ipv4 --to --host 5.6.7.8
"whack--defaults": added unoriented IKEv2 connection (neither left=1.2.3.4 nor right=5.6.7.8 match an interface)
west #
 ipsec whack --name whack--ikev2-default --host 1.2.3.4 --ikefrag-allow --no-esn --pfs --tunnel          --encrypt               --ipv4 --to --host 5.6.7.8
"whack--ikev2-default": added unoriented IKEv2 connection (neither left=1.2.3.4 nor right=5.6.7.8 match an interface)
west #
 ipsec connectionstatus | grep "policy:" | grep rsasig | grep TUNNEL
"parser---rsasig":   policy: IKEv2+RSASIG+RSASIG_v1_5+ENCRYPT+TUNNEL+PFS+IKE_FRAG_ALLOW+ESN_NO+ESN_YES;
"whack----rsasig":   policy: IKEv2+RSASIG+RSASIG_v1_5+ENCRYPT+TUNNEL+PFS+IKE_FRAG_ALLOW+ESN_NO;
west #
 ipsec connectionstatus | grep "policy:" | grep defaults | grep TUNNEL
"parser-defaults":   policy: IKEv2+RSASIG+ECDSA+RSASIG_v1_5+ENCRYPT+TUNNEL+PFS+IKE_FRAG_ALLOW+ESN_NO+ESN_YES;
"whack--defaults":   policy: IKEv2+RSASIG+ECDSA+RSASIG_v1_5+ENCRYPT+TUNNEL+PFS+IKE_FRAG_ALLOW+ESN_NO;
west #
 ipsec connectionstatus | grep "hash-policy:" | grep rsasig
"parser---rsasig":   v2-auth-hash-policy: SHA2_256+SHA2_384+SHA2_512;
"whack----rsasig":   v2-auth-hash-policy: SHA2_256+SHA2_384+SHA2_512;
west #
 ipsec connectionstatus | grep "hash-policy:" | grep defaults
"parser-defaults":   v2-auth-hash-policy: SHA2_256+SHA2_384+SHA2_512;
"whack--defaults":   v2-auth-hash-policy: SHA2_256+SHA2_384+SHA2_512;
west #
 ipsec connectionstatus | grep "TUNNEL" | grep ikev2-default | sed "s/^.*policy: \(IKEv.\).*$/\1/"
IKEv2
IKEv2
west #
