/testing/guestbin/swan-prep  --x509
Preparing X.509 files
east #
 certutil -D -n road -d sql:/etc/ipsec.d
east #
 certutil -D -n east -d sql:/etc/ipsec.d
east #
 cp east-ikev2-oe.conf /etc/ipsec.d/ikev2-oe.conf
east #
 cp policies/* /etc/ipsec.d/policies/
east #
 echo "192.1.3.0/24"  >> /etc/ipsec.d/policies/private-or-clear
east #
 ipsec start
Redirecting to: systemctl start ipsec.service
east #
 /testing/pluto/bin/wait-until-pluto-started
east #
 ipsec whack --debug-all --impair-retransmits
east #
 # give OE policies time to load
east #
 sleep 5
east #
 echo "initdone"
initdone
east #
 # A tunnel should have established with non-zero byte counters
east #
 ipsec whack --trafficstatus
006 #2: "private-or-clear#192.1.3.0/24"[1] ...192.1.3.209, type=ESP, add_time=1234567890, inBytes=168, outBytes=168, id='C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=road.testing.libreswan.org, E=testing@libreswan.org'
east #
 grep "negotiated connection" /tmp/pluto.log
"private-or-clear#192.1.3.0/24"[1] ...192.1.3.209 #2: negotiated connection [192.1.2.23,192.1.2.23:0-65535 0] -> [192.1.3.209,192.1.3.209:0-65535 0]
east #
 # you should see both RSA and NULL
east #
 grep IKEv2_AUTH_ OUTPUT/*pluto.log
OUTPUT/east.pluto.log:|    auth method: IKEv2_AUTH_RSA (0x1)
OUTPUT/east.pluto.log:|    auth method: IKEv2_AUTH_NULL (0xd)
OUTPUT/road.pluto.log:|    auth method: IKEv2_AUTH_RSA (0x1)
OUTPUT/road.pluto.log:|    auth method: IKEv2_AUTH_NULL (0xd)
east #
east #
 if [ -n "`ls /tmp/core* 2>/dev/null`" ]; then echo CORE FOUND; mv /tmp/core* OUTPUT/; fi
east #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi

