/testing/guestbin/swan-prep  --x509
Preparing X.509 files
east #
 certutil -D -n road -d sql:/etc/ipsec.d
east #
 cp east-ikev2-oe.conf /etc/ipsec.d/ikev2-oe.conf
east #
 cp policies/* /etc/ipsec.d/policies/
east #
 echo "192.1.3.0/24"  >> /etc/ipsec.d/policies/private-or-clear
east #
 ipsec start
Redirecting to: systemctl start ipsec.service
east #
 /testing/pluto/bin/wait-until-pluto-started
east #
 ipsec whack --impair retransmits
east #
 # give OE policies time to load
east #
 sleep 5
east #
 ipsec status | grep "our auth" | grep private
000 "clear-or-private":   our auth:rsasig, their auth:rsasig
000 "private":   our auth:rsasig, their auth:rsasig
000 "private-or-clear":   our auth:rsasig, their auth:rsasig
000 "private-or-clear#192.1.3.0/24":   our auth:rsasig, their auth:rsasig
000 "private-or-clear-all":   our auth:rsasig, their auth:rsasig
east #
 echo "initdone"
initdone
east #
 # Authentication should be AUTH_NULL
east #
 hostname | grep nic > /dev/null || grep Authenticated /tmp/pluto.log
"private-or-clear#192.1.3.0/24"[1] ...192.1.3.209 #1: Authenticated using authby=null
east #
east #
 ../bin/check-for-core.sh
east #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi

