/testing/guestbin/swan-prep
east #
 ipsec start
Redirecting to: systemctl start ipsec.service
east #
 /testing/pluto/bin/wait-until-pluto-started
east #
 ipsec whack --impair replay-forward
east #
 ipsec auto --add westnet-eastnet
002 added connection description "westnet-eastnet"
east #
 echo "initdone"
initdone
east #
 ../../pluto/bin/ipsec-look.sh
east NOW
XFRM state:
XFRM policy:
src 192.0.2.0/24 dst 192.0.1.0/24
	dir out priority 1042407 ptype main
	tmpl src 0.0.0.0 dst 0.0.0.0
		proto esp reqid REQID mode transport
XFRM done
IPSEC mangle TABLES
NEW_IPSEC_CONN mangle TABLES
ROUTING TABLES
default via 192.1.2.254 dev eth1
192.0.1.0/24 via 192.1.2.45 dev eth1
192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.2.254
192.1.2.0/24 dev eth1 proto kernel scope link src 192.1.2.23
192.9.2.0/24 dev eth2 proto kernel scope link src 192.9.2.23
NSS_CERTIFICATES
Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI
east #
 sed -n -e '/IMPAIR: start processing replay forward/,/IMPAIR: stop processing replay forward/ { /^[^|]/ p }' /tmp/pluto.log | grep -v 'message arrived'
IMPAIR: start processing replay forward: packet 1 of 1 (828 bytes)
packet from 192.1.2.45:500: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: proposal 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;DH=MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519[first-match] 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519
IMPAIR: stop processing replay forward: packet 1 of 1
IMPAIR: start processing replay forward: packet 1 of 2 (828 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received duplicate IKE_SA_INIT message request (Message ID 0); retransmitting response
IMPAIR: stop processing replay forward: packet 1 of 2
IMPAIR: start processing replay forward: packet 2 of 2 (539 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
IMPAIR: stop processing replay forward: packet 2 of 2
IMPAIR: start processing replay forward: packet 1 of 3 (828 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received duplicate IKE_SA_INIT message request (Message ID 0); retransmitting response
IMPAIR: stop processing replay forward: packet 1 of 3
IMPAIR: start processing replay forward: packet 2 of 3 (539 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
IMPAIR: stop processing replay forward: packet 2 of 3
IMPAIR: start processing replay forward: packet 3 of 3 (141 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
IMPAIR: stop processing replay forward: packet 3 of 3
IMPAIR: start processing replay forward: packet 1 of 4 (828 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received too old retransmit: 0 < 1
IMPAIR: stop processing replay forward: packet 1 of 4
IMPAIR: start processing replay forward: packet 2 of 4 (539 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received duplicate IKE_AUTH message request (Message ID 1, fragment 1); retransmitting response
IMPAIR: stop processing replay forward: packet 2 of 4
IMPAIR: start processing replay forward: packet 3 of 4 (141 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
IMPAIR: stop processing replay forward: packet 3 of 4
IMPAIR: start processing replay forward: packet 4 of 4 (69 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received Delete SA payload: delete IPsec State #2 now
"westnet-eastnet" #2: deleting other state #2 (STATE_V2_IPSEC_R) and NOT sending notification
"westnet-eastnet" #2: ESP traffic information: in=336B out=336B
"westnet-eastnet" #1: STATE_PARENT_R2: received v2I2, PARENT SA established
IMPAIR: stop processing replay forward: packet 4 of 4
IMPAIR: start processing replay forward: packet 1 of 5 (828 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received too old retransmit: 0 < 2
IMPAIR: stop processing replay forward: packet 1 of 5
IMPAIR: start processing replay forward: packet 2 of 5 (539 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received too old retransmit: 1 < 2
IMPAIR: stop processing replay forward: packet 2 of 5
IMPAIR: start processing replay forward: packet 3 of 5 (141 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received too old retransmit: 1 < 2
IMPAIR: stop processing replay forward: packet 3 of 5
IMPAIR: start processing replay forward: packet 4 of 5 (69 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received duplicate INFORMATIONAL message request (Message ID 2); retransmitting response
IMPAIR: stop processing replay forward: packet 4 of 5
IMPAIR: start processing replay forward: packet 5 of 5 (65 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: deleting state (STATE_IKESA_DEL) and NOT sending notification
IMPAIR: stop processing replay forward: packet 5 of 5
east #
east #
 ../bin/check-for-core.sh
east #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi

