This recipes are the base for all n2n ipsec tests.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
--- /dev/null
+# This contains the basic network configuration for all vpn-tests
+include: ../include/make-install
+include: ../include/network-settings
+include: ../include/network-reset
+include: ../include/alice-port-vars
+include: ../include/bob-port-vars
+all: network zone new upl0 bridge
+all: network zone new upl1 bridge
+all: network zone new net0 bridge
+all: network zone new net1 bridge
+all: network zone upl0 port attach ${p_net1}
+all: network zone upl1 port attach ${p_net2}
+# Attach dummy ports to all net*
+all: network port new dummy
+all: network port new dummy
+all: network zone net0 port attach d0
+all: network zone net1 port attach d1
+# Bring everyting up
+all: network zone upl0 up
+all: network zone upl1 up
+all: network zone net0 up
+all: network zone net1 up
+all: network status
+# IP config
+alice: network zone upl0 config new static 192.168.122.2/24
+alice: network zone upl1 config new static 2001:470:6ef3:1::1/64
+alice: network zone net0 config new static 192.168.200.1/24
+alice: network zone net1 config new static 2001:470:6ef3::1/64
+bob: network zone upl0 config new static 192.168.122.3/24
+bob: network zone upl1 config new static 2001:470:6ef3:1::2/64
+bob: network zone net0 config new static 192.168.201.1/24
+bob: network zone net1 config new static 2001:470:6ef3:2::1/64
+# Simple ping test
+alice: ping -c 5 192.168.122.3
+alice: ping6 -c 5 2001:470:6ef3:1::1
+bob: ping -c 5 192.168.122.2
+bob: ping6 -c 5 2001:470:6ef3:1::2
\ No newline at end of file
--- /dev/null
+# A basic vpn connection with some common config values set
+all: network vpn ipsec connection new basic
+all: network vpn ipsec connection basic authentication mode PSK
+all: network vpn ipsec connection basic authentication pre-shared-key "12345678"
+all: network vpn ipsec connection basic security-policy "system"
--- /dev/null
+alice: network vpn ipsec connection basic peer 192.168.122.3
+bob: network vpn ipsec connection basic peer 192.168.122.2
\ No newline at end of file
--- /dev/null
+alice: network vpn ipsec connection basic peer 2001:470:6ef3:1::2
+bob: network vpn ipsec connection basic peer 2001:470:6ef3:1::1
\ No newline at end of file
--- /dev/null
+# This recipe tests if the vpn connection is working by pinging the remote subnet
+alice: ping -c 5 192.168.201.1
+bob: ping -c 5 192.168.200.1
\ No newline at end of file
--- /dev/null
+# This recipe tests if the vpn connection is working by pinging the remote subnet
+alice: ping6 -c 5 2001:470:6ef3:2::1
+bob: ping6 -c 5 2001:470:6ef3::1
\ No newline at end of file
--- /dev/null
+# This recipe tests if the vpn connection is working by pinging the remote subnet
+alice: ping -c 5 192.168.201.1
+bob: ping -c 5 192.168.200.1
+alice: ping6 -c 5 2001:470:6ef3:2::1
+bob: ping6 -c 5 2001:470:6ef3::1
\ No newline at end of file
--- /dev/null
+alice: network vpn ipsec connection basic local prefix 192.168.200.0/24
+alice: network vpn ipsec connection basic remote prefix 192.168.201.0/24
+bob: network vpn ipsec connection basic local prefix 192.168.201.0/24
+bob: network vpn ipsec connection basic remote prefix 192.168.200.0/24
\ No newline at end of file
--- /dev/null
+alice: network vpn ipsec connection basic local prefix 2001:470:6ef3::/64
+alice: network vpn ipsec connection basic remote prefix 2001:470:6ef3:2::/64
+bob: network vpn ipsec connection basic local prefix 2001:470:6ef3:2::/64
+bob: network vpn ipsec connection basic remote prefix 2001:470:6ef3::/64
\ No newline at end of file
--- /dev/null
+alice: network vpn ipsec connection basic local prefix 192.168.200.0/24 2001:470:6ef3::/64
+alice: network vpn ipsec connection basic remote prefix 192.168.201.0/24 2001:470:6ef3:2::/64
+bob: network vpn ipsec connection basic local prefix 192.168.201.0/24 2001:470:6ef3:2::/64
+bob: network vpn ipsec connection basic remote prefix 192.168.200.0/24 2001:470:6ef3::/64
\ No newline at end of file
--- /dev/null
+# Check that the package are routed through the vti device
+all: [[ 0 != $(cat /sys/class/net/ipsec-basic/statistics/tx_packets) ]]
+all: [[ 0 != $(cat /sys/class/net/ipsec-basic/statistics/rx_packets) ]]
\ No newline at end of file