Starting UML PATH/start.sh
spawn PATH single
Linux version XXXX
On node 0 totalpages: 8192
Kernel command line:
Calibrating delay loop... XXXX bogomips
Dentry-cache hash table entries: NUMBERS
Inode-cache hash table entries: NUMBERS
Mount-cache hash table entries: NUMBERS
Buffer-cache hash table entries: NUMBERS
Page-cache hash table entries: NUMEBRS
POSIX conformance testing by UNIFIX
Linux NET4.0 for Linux 2.4
Based upon Swansea University Computer Society NET3.039
Initializing RT netlink socket
Starting kswapd
VFS: Diskquotas version dquot_6.4.0 initialized
devfs: VERSION Richard Gooch (rgooch@atnf.csiro.au)
devfs: boot_options Q
pty: 256 Unix98 ptys configured
SLIP: version 0.8.4-NET3.019-NEWTTY (dynamic channels, max=256).
loop: loaded (max 8 devices)
PPP generic driver version VERSION
Universal TUN/TAP device driver VERSION
NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP
IP: routing cache hash table of 512 buckets, 4Kbytes
TCP: Hash tables configured (established 2048 bind 2048)
IPv4 over IPv4 tunneling driver
GRE over IPv4 tunneling driver
NET4: Unix domain sockets 1.0/SMP for Linux NET4.0.
Mounted devfs on /dev
INIT: version 2.78 booting
Activating swap...
Calculating module dependancies
done.
Loading modules: LIST

Checking all file systems...
Parallelizing fsck version 1.18 (11-Nov-1999)
Setting kernel variables.
Mounting local filesystems...
/dev/shm on /tmp type tmpfs (rw)
/dev/shm on /var/run type tmpfs (rw)
devpts on /dev/pts type devpts (rw,mode=0622)
none on /usr/share type hostfs (ro)
Enabling packet forwarding: done.
Configuring network interfaces: done.
Cleaning: /tmp /var/lock /var/run.
Initializing random number generator... done.
Recovering nvi editor sessions... done.
Give root password for maintenance
(or type Control-D for normal startup): 
road:~#
 klogd -c 4 -x -f /tmp/klog.log
road:~#
 : this is an non-existant name
road:~#
 hostname nonexist.uml.freeswan.org.
road:~#
 ifconfig eth0 inet 192.1.3.209
road:~#
 route delete -net default 
road:~#
 route add -net default gw 192.1.3.254
road:~#
 netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.1.3.0       0.0.0.0         255.255.255.0   U        40 0          0 eth0
0.0.0.0         192.1.3.254     0.0.0.0         UG       40 0          0 eth0
road:~#
 named
road:~#
 sleep 2
road:~#
 (echo "txt 12334 nonexist.uml.freeswan.org."; echo quit) | ipsec lwdnsq -X
12334 3145915 0 START
12334 3145915 0 RETRY RR of type TXT for nonexist.uml.freeswan.org. was not found
12334 3145915 0 DONE
road:~#
 (echo "key 12334 nonexist.uml.freeswan.org."; echo quit) | ipsec lwdnsq -X
12334 3145915 0 START
12334 3145915 0 RETRY RR of type KEY for nonexist.uml.freeswan.org. was not found
12334 3145915 0 DONE
road:~#
 : script will also put 192.0.2.2 into private food group
road:~#
 TESTNAME=myid-road-05
road:~#
 source /testing/pluto/bin/roadlocal.sh
road:~#
 ipsec setup start
ipsec_setup: Starting Openswan IPsec VERSION
road:~#
 /testing/pluto/oe-road-01/policy-wait.sh
road:~#
 ipsec whack --status | grep 192.0.2.2
000 "private#192.0.2.2/32": 192.1.3.209[%myid]---192.1.3.254...%opportunistic===192.0.2.2/32; prospective erouted; eroute owner: #0
000 "private#192.0.2.2/32":   ike_life: 3600s; ipsec_life: 3600s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "private#192.0.2.2/32":   policy: RSASIG+ENCRYPT+TUNNEL+PFS+DONTREKEY+OPPORTUNISTIC+failureDROP+lKOD+rKOD; prio: 32,0; interface: eth0; 
000 "private#192.0.2.2/32":   newest ISAKMP SA: #0; newest IPsec SA: #0; 
road:~#
 echo done
done
road:~#
 : turn on debugging
road:~#
 ipsec whack --debug-control --debug-oppo --debug-dns
road:~#
 : check out config
road:~#
 ipsec eroute
0          0.0.0.0/0          -> 0.0.0.0/0          => %trap
0          192.1.3.209/32     -> 0.0.0.0/0          => %trap
0          192.1.3.209/32     -> 192.0.2.2/32       => %trap
0          192.1.3.209/32     -> 192.1.2.129/32     => %pass
0          192.1.3.209/32     -> 192.1.2.130/32     => %pass
0          192.1.3.209/32     -> 192.1.2.254/32     => %pass
road:~#
 : use oppohere/oppothere to see negotiation
road:~#
 ipsec whack --oppohere 192.1.3.209 --oppothere 192.0.2.2
003 can not use our IP (192.1.3.209:TXT) as identity: no TXT RR found for us
003 can not use our hostname (@nonexist.uml.freeswan.org:TXT) as identity: no TXT RR found for us
003 can not use our IP (192.1.3.209:KEY) as identity: no KEY RR found for us
033 Can't Opportunistically initiate for 192.1.3.209 to 192.0.2.2: probing our hostname/KEY ID: RR of type KEY for nonexist.uml.freeswan.org. was not found
road:~#
 : try again with ping
road:~#
 ping -c 2 192.0.2.2
PING 192.0.2.2 (192.0.2.2): 56 data bytes

--- 192.0.2.2 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
road:~#
 if ! ipsec eroute | grep -q drop ; then echo 'MISSING DROP!' ; ipsec eroute ; ipsec auto --status ; else echo 'found expected drop' ; fi
found expected drop
road:~#
 

road:~#
 : check out the myid that I concluded with
road:~#
 ipsec auto --status | grep '%myid ='
000 %myid = (none)
road:~#
road:~#
 halt
INIT: Switching to runlevel: 0
INIT: Sending processes the TERM signal
road:~#
 kill `cat /var/run/klogd.pid`; cat /tmp/klog.log
klogd 1.3-3#33.1, log source = /proc/kmsg started.
road:~#
 halt
road:~#
 INIT: Sending processes the KILL signal
Stopping domain name service: named.
Stopping internet superserver: inetd.
Stopping portmap daemon: portmap.
ipsec_setup: Stopping Openswan IPsec...
IPSEC EVENT: KLIPS device ipsec0 shut down.

Stopping system log daemon: klogd syslogd.
Sending all processes the TERM signal... done.
Sending all processes the KILL signal... done.
Unmounting remote filesystems... done.
Deactivating swap... done.
Unmounting local filesystems... done.
Power down.

