/testing/guestbin/swan-prep
east #
 setenforce 1
east #
 echo ': PSK "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"' >> /etc/ipsec.secrets
east #
 ipsec start
Redirecting to: [initsystem]
east #
 /testing/pluto/bin/wait-until-pluto-started
east #
 ipsec auto --add ikev1
002 added IKEv1 connection "ikev1"
east #
 ipsec auto --add ikev1-aggr
002 added IKEv1 connection "ikev1-aggr"
east #
 ipsec auto --add ikev2
002 added IKEv2 connection "ikev2"
east #
 echo "initdone"
initdone
east #
 ipsec stop
Redirecting to: [initsystem]
east #
 grep -E -i "IKE|ipsec-" /var/log/audit/audit.log
type=CRYPTO_IKE_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=start direction=responder conn-name="ikev1" connstate=1 ike-version=1 auth=RSA_SIG cipher=none ksize=0 integ=none prf=none pfs=none raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=failed'^]UID="root" AUID="unset"
type=CRYPTO_IKE_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=start direction=responder conn-name="ikev1" connstate=2 ike-version=1 auth=RSA_SIG cipher=none ksize=0 integ=none prf=none pfs=none raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=failed'^]UID="root" AUID="unset"
type=CRYPTO_IKE_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=start direction=responder conn-name="ikev1-aggr" connstate=3 ike-version=1 auth=RSA_SIG cipher=aes ksize=256 integ=sha1 prf=sha1 pfs=MODP1536 raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=failed'^]UID="root" AUID="unset"
type=CRYPTO_IKE_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=start direction=responder conn-name="ikev2" connstate=5 ike-version=2.0 auth=RSA_SIG cipher=aes_gcm_16 ksize=256 integ=none prf=sha512 pfs=MODP2048 raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=failed'^]UID="root" AUID="unset"
type=CRYPTO_IKE_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=start direction=responder conn-name="ikev1-aggr" connstate=4 ike-version=1 auth=RSA_SIG cipher=aes ksize=256 integ=sha1 prf=sha1 pfs=MODP1536 raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=failed'^]UID="root" AUID="unset"
type=CRYPTO_IKE_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=start direction=responder conn-name="ikev1" connstate=2 ike-version=1 auth=RSA_SIG cipher=none ksize=0 integ=none prf=none pfs=none raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=failed'^]UID="root" AUID="unset"
type=CRYPTO_IKE_SA msg=audit(XXX): pid=PID uid=0 auid=AUID ses=SES subj=system_u:system_r:unconfined_service_t:s0 msg='op=start direction=responder conn-name="ikev1" connstate=1 ike-version=1 auth=RSA_SIG cipher=none ksize=0 integ=none prf=none pfs=none raddr=192.1.2.45 exe="PATH/libexec/ipsec/pluto" hostname=? addr=192.1.2.23 terminal=? res=failed'^]UID="root" AUID="unset"
east #
 ../bin/check-for-core.sh
east #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
east #
 
