east:~#
 route delete -net 192.0.1.0 netmask 255.255.255.0
east:~#
 route delete -net default
east:~#
 route add -net default gw 192.1.2.45
east:~#
 arp -an
east:~#
 ipsec setup start
ipsec_setup: Starting Libreswan IPsec VERSION
east:~#
 /testing/pluto/bin/wait-until-pluto-started
east:~#
 ipsec auto --add block
east:~#
 ipsec whack --listen
002 listening for IKE messages
002 forgetting secrets
002 loading secrets from "/etc/ipsec.secrets"
002 loaded private key for keyid: PPK_RSA:ADEADBEEF
002 loaded private key for keyid: PPK_RSA:ADEADBEEF
002 loading group "/etc/ipsec.d/policies/block"
east:~#
 ipsec auto --route block
east:~#
 echo end
end
east:~#
 ping -c 1 -n 192.1.2.45
PING 192.1.2.45 (192.1.2.45): 56 data bytes
64 bytes from 192.1.2.45: icmp_seq=0 ttl=257 time=999 ms

--- 192.1.2.45 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 3.1/4.5/9.26 ms
east:~#
 ping -c 8 -n 192.0.1.3
PING 192.0.1.3 (192.0.1.3): 56 data bytes

--- 192.0.1.3 ping statistics ---
8 packets transmitted, 0 packets received, 100% packet loss
east:~#
 ping -c 1 -n 192.1.2.45
PING 192.1.2.45 (192.1.2.45): 56 data bytes
64 bytes from 192.1.2.45: icmp_seq=0 ttl=257 time=999 ms

--- 192.1.2.45 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 3.1/4.5/9.26 ms
east:~#
 ipsec look
east NOW
0.0.0.0/0          -> 0.0.0.0/0          => %trap
192.1.2.23/32      -> 192.0.1.0/24       => %reject
ipsec0->eth1 mtu=16260(9999)->1500
ROUTING TABLE
192.1.2.0/24 dev eth1  proto kernel  scope link  src 192.1.2.23
192.1.2.0/24 dev ipsec0  proto kernel  scope link  src 192.1.2.23
192.0.1.0/24 dev ipsec0  scope link 
0.0.0.0/1 via 192.1.2.45 dev ipsec0
128.0.0.0/1 via 192.1.2.45 dev ipsec0
default via 192.1.2.45 dev eth1
east:~#
 echo end
end
east:~#
 

east:~#
 ipsec setup stop
IPSEC EVENT: KLIPS device ipsec0 shut down.
ipsec_setup: Stopping Libreswan IPsec...
east:~#
 kill `cat /var/run/klogd.pid`; cat /tmp/klog.log
klogd 1.3-3#33.1, log source = /proc/kmsg started.
east:~#
 halt -p -f
System halted.


