/testing/guestbin/swan-prep
east #
 setenforce 1
east #
 echo ': PSK "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"' >> /etc/ipsec.secrets
east #
 ipsec start
Redirecting to: [initsystem]
east #
 ../../guestbin/wait-until-pluto-started
east #
 ipsec auto --add ikev1
002 "ikev1": added IKEv1 connection
east #
 ipsec auto --add ikev1-aggr
002 "ikev1-aggr": added IKEv1 connection
east #
 echo "initdone"
initdone
east #
 ipsec stop
Redirecting to: [initsystem]
east #
 grep -E -i "IKE|ipsec-" /var/log/audit/audit.log
type=CRYPTO_IKE_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=start direction=responder conn-name="ikev1" connstate=1 ike-version=1 auth=RSA_SIG cipher=aes ksize=256 integ=sha1 prf=sha1 pfs=MODP1536 raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=success'^]UID="root" AUID="unset"
type=CRYPTO_IPSEC_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=start conn-name="ikev1" connstate=2, satype=ipsec-esp samode=tunnel cipher=AES ksize=128 integ=HMAC_SHA1 in-spi=DEC(HEX) out-spi=DEC(HEX) in-spi=DEC(HEX) out-spi=DEC(HEX) raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=success'^]UID="root" AUID="unset"
type=CRYPTO_IPSEC_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=destroy conn-name="ikev1" connstate=2, satype=ipsec-esp samode=tunnel cipher=AES ksize=128 integ=HMAC_SHA1 in-spi=DEC(HEX) out-spi=DEC(HEX) in-spi=DEC(HEX) out-spi=DEC(HEX) raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=success'^]UID="root" AUID="unset"
type=CRYPTO_IKE_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=destroy direction=responder conn-name="ikev1" connstate=1 ike-version=1 auth=RSA_SIG cipher=aes ksize=256 integ=sha1 prf=sha1 pfs=MODP1536 raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=success'^]UID="root" AUID="unset"
type=CRYPTO_IKE_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=start direction=responder conn-name="ikev1-aggr" connstate=3 ike-version=1 auth=RSA_SIG cipher=aes ksize=256 integ=sha1 prf=sha1 pfs=MODP1536 raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=success'^]UID="root" AUID="unset"
type=CRYPTO_IPSEC_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=start conn-name="ikev1" connstate=4, satype=ipsec-esp samode=tunnel cipher=AES ksize=128 integ=HMAC_SHA1 in-spi=DEC(HEX) out-spi=DEC(HEX) in-spi=DEC(HEX) out-spi=DEC(HEX) raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=success'^]UID="root" AUID="unset"
type=CRYPTO_IPSEC_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=destroy conn-name="ikev1" connstate=4, satype=ipsec-esp samode=tunnel cipher=AES ksize=128 integ=HMAC_SHA1 in-spi=DEC(HEX) out-spi=DEC(HEX) in-spi=DEC(HEX) out-spi=DEC(HEX) raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=success'^]UID="root" AUID="unset"
type=CRYPTO_IKE_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=destroy direction=responder conn-name="ikev1-aggr" connstate=3 ike-version=1 auth=RSA_SIG cipher=aes ksize=256 integ=sha1 prf=sha1 pfs=MODP1536 raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=success'^]UID="root" AUID="unset"
east #
 
