/testing/guestbin/swan-prep
east #
 ipsec start
Redirecting to: [initsystem]
east #
 /testing/pluto/bin/wait-until-pluto-started
east #
 ipsec whack --impair replay-forward
east #
 ipsec auto --add westnet-eastnet
002 "westnet-eastnet": added IKEv2 connection
east #
 echo "initdone"
initdone
east #
 ../../pluto/bin/ipsec-look.sh
east NOW
XFRM state:
XFRM policy:
src 192.0.2.0/24 dst 192.0.1.0/24
	dir out priority 2084814 ptype main
	tmpl src 0.0.0.0 dst 0.0.0.0
		proto esp reqid REQID mode transport
XFRM done
IPSEC mangle TABLES
NEW_IPSEC_CONN mangle TABLES
ROUTING TABLES
default via 192.1.2.254 dev eth1
192.0.1.0/24 via 192.1.2.45 dev eth1
192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.2.254
192.1.2.0/24 dev eth1 proto kernel scope link src 192.1.2.23
NSS_CERTIFICATES
Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI
east #
 sed -n -e '/IMPAIR: start processing replay forward/,/IMPAIR: stop processing replay forward/ { /^[^|]/ p }' /tmp/pluto.log | grep -v 'message arrived'
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 1 of 1 (842 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet": local IKE proposals (IKE SA responder matching remote proposals): 
"westnet-eastnet":   1:IKE=AES_GCM_C_256-HMAC_SHA2_512+HMAC_SHA2_256-NONE-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
"westnet-eastnet":   2:IKE=AES_GCM_C_128-HMAC_SHA2_512+HMAC_SHA2_256-NONE-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
"westnet-eastnet":   3:IKE=AES_CBC_256-HMAC_SHA2_512+HMAC_SHA2_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
"westnet-eastnet":   4:IKE=AES_CBC_128-HMAC_SHA2_512+HMAC_SHA2_256-HMAC_SHA2_512_256+HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
"westnet-eastnet" #1: proposal 1:IKE=AES_GCM_C_256-HMAC_SHA2_512-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519[first-match] 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048;DH=MODP3072;DH=MODP4096;DH=MODP8192;DH=ECP_256;DH=ECP_384;DH=ECP_521;DH=CURVE25519
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 1 of 1
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 1 of 2 (842 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received duplicate IKE_SA_INIT message request (Message ID 0); retransmitting response
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 1 of 2
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 2 of 2 (539 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 2 of 2
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 1 of 3 (842 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received duplicate IKE_SA_INIT message request (Message ID 0); retransmitting response
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 1 of 3
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 2 of 3 (539 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 2 of 3
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 3 of 3 (169 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 3 of 3
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 1 of 4 (842 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received too old retransmit: 0 < 1
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 1 of 4
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 2 of 4 (539 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received duplicate IKE_AUTH message request (Message ID 1, fragment 1); retransmitting response
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 2 of 4
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 3 of 4 (169 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 3 of 4
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 4 of 4 (69 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received Delete SA payload: delete CHILD SA #2 now
"westnet-eastnet" #2: deleting state (STATE_V2_ESTABLISHED_CHILD_SA) and NOT sending notification
"westnet-eastnet" #2: ESP traffic information: in=336B out=336B
"westnet-eastnet" #1: established IKE SA
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 4 of 4
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 1 of 5 (842 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received too old retransmit: 0 < 2
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 1 of 5
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 2 of 5 (539 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received too old retransmit: 1 < 2
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 2 of 5
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 3 of 5 (169 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received too old retransmit: 1 < 2
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 3 of 5
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 4 of 5 (69 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: received duplicate INFORMATIONAL message request (Message ID 2); retransmitting response
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 4 of 5
packet from 192.1.2.45:500: IMPAIR: start processing replay forward: packet 5 of 5 (65 bytes)
"westnet-eastnet" #1: IMPAIR: processing a fake (cloned) message
"westnet-eastnet" #1: deleting state (STATE_V2_ESTABLISHED_IKE_SA) and NOT sending notification
packet from 192.1.2.45:500: IMPAIR: stop processing replay forward: packet 5 of 5
east #
 ../bin/check-for-core.sh
east #
 if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
east #
 
