From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Wed, 18 Jun 2014 12:35:36 +0000 (+0200)
Subject: Minor changes in swanctl scenarios
X-Git-Tag: 5.2.0rc1~39
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4402bae77d78f0fa4e36f73134e9f332b9ae324a;p=thirdparty%2Fstrongswan.git

Minor changes in swanctl scenarios
---

diff --git a/testing/tests/swanctl/ip-pool-db/description.txt b/testing/tests/swanctl/ip-pool-db/description.txt
index 7bc4ef3ab6..9774e573bb 100755
--- a/testing/tests/swanctl/ip-pool-db/description.txt
+++ b/testing/tests/swanctl/ip-pool-db/description.txt
@@ -4,7 +4,7 @@ by using the <b>leftsourceip=%config</b> parameter. The gateway <b>moon</b> assi
 addresses from a pool named <b>bigpool</b> that was created in an SQL database by the command
 <b>ipsec pool --name bigpool --start 10.3.0.1 --end 10.3.3.232 --timeout 0</b>.
 <p>
-<b>leftfirewall=yes</b> automatically inserts iptables-based firewall rules that let pass the
+The updown script automatically inserts iptables-based firewall rules that let pass the
 tunneled traffic. In order to test the tunnels, <b>carol</b> and <b>dave</b> then ping the client
 <b>alice</b> behind the gateway <b>moon</b>. The source IP addresses of the two pings will be the
 virtual IPs <b>carol1</b> and <b>dave1</b>, respectively.
diff --git a/testing/tests/swanctl/ip-pool/description.txt b/testing/tests/swanctl/ip-pool/description.txt
index fc3f8c63a0..23cab8e8f2 100755
--- a/testing/tests/swanctl/ip-pool/description.txt
+++ b/testing/tests/swanctl/ip-pool/description.txt
@@ -4,7 +4,7 @@ by using the <b>leftsourceip=%config</b> parameter. The gateway <b>moon</b> assi
 IP addresses from a simple pool defined by <b>rightsourceip=10.3.0.0/28</b> in a monotonously
 increasing order. 
 <p>
-<b>leftfirewall=yes</b> automatically inserts iptables-based firewall rules that let pass
+<b>The updown script automatically inserts iptables-based firewall rules that let pass
 the tunneled traffic. In order to test the tunnels, <b>carol</b> and <b>dave</b> then ping
 the client <b>alice</b> behind the gateway <b>moon</b>. The source IP addresses of the two
 pings will be the virtual IPs <b>carol1</b> and <b>dave1</b>, respectively.
diff --git a/testing/tests/swanctl/net2net-cert/description.txt b/testing/tests/swanctl/net2net-cert/description.txt
index 6ab45c0657..345769a5f4 100755
--- a/testing/tests/swanctl/net2net-cert/description.txt
+++ b/testing/tests/swanctl/net2net-cert/description.txt
@@ -1,6 +1,6 @@
 A connection between the subnets behind the gateways <b>moon</b> and <b>sun</b> is set up.
 The authentication is based on <b>X.509 certificates</b>. Upon the successful
-establishment of the IPsec tunnel, the updown scripts automatically
+establishment of the IPsec tunnel, the updown script automatically
 inserts iptables-based firewall rules that let pass the tunneled traffic.
 In order to test both tunnel and firewall, client <b>alice</b> behind gateway <b>moon</b>
 pings client <b>bob</b> located behind gateway <b>sun</b>.
diff --git a/testing/tests/swanctl/net2net-cert/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/swanctl/net2net-cert/hosts/moon/etc/swanctl/swanctl.conf
index 5dc5db5a36..2f0fd9da1e 100755
--- a/testing/tests/swanctl/net2net-cert/hosts/moon/etc/swanctl/swanctl.conf
+++ b/testing/tests/swanctl/net2net-cert/hosts/moon/etc/swanctl/swanctl.conf
@@ -26,6 +26,7 @@ connections {
       }
 
       version = 2
+      mobike = no
       reauth_time = 60m
       rekey_time =  20m
       proposals = aes128-sha256-modp2048
diff --git a/testing/tests/swanctl/net2net-cert/hosts/sun/etc/swanctl/swanctl.conf b/testing/tests/swanctl/net2net-cert/hosts/sun/etc/swanctl/swanctl.conf
index 66e4e29c78..e4c8556219 100755
--- a/testing/tests/swanctl/net2net-cert/hosts/sun/etc/swanctl/swanctl.conf
+++ b/testing/tests/swanctl/net2net-cert/hosts/sun/etc/swanctl/swanctl.conf
@@ -26,6 +26,7 @@ connections {
       }
 
       version = 2
+      mobike = no
       reauth_time = 60m
       rekey_time =  20m
       proposals = aes128-sha256-modp2048
diff --git a/testing/tests/swanctl/rw-cert/description.txt b/testing/tests/swanctl/rw-cert/description.txt
index 15b3822b5c..6af7a39ae2 100755
--- a/testing/tests/swanctl/rw-cert/description.txt
+++ b/testing/tests/swanctl/rw-cert/description.txt
@@ -1,6 +1,6 @@
 The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each 
 to gateway <b>moon</b>. The authentication is based on <b>X.509 certificates</b>.
-Upon the successful establishment of the IPsec tunnels, <b>leftfirewall=yes</b>
+Upon the successful establishment of the IPsec tunnels, the updown script
 automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
 In order to test both tunnel and firewall, both <b>carol</b> and <b>dave</b> ping
 the client <b>alice</b> behind the gateway <b>moon</b>.
diff --git a/testing/tests/swanctl/rw-psk-fqdn/hosts/carol/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-psk-fqdn/hosts/carol/etc/swanctl/swanctl.conf
index 782b81b492..c113620b37 100755
--- a/testing/tests/swanctl/rw-psk-fqdn/hosts/carol/etc/swanctl/swanctl.conf
+++ b/testing/tests/swanctl/rw-psk-fqdn/hosts/carol/etc/swanctl/swanctl.conf
@@ -34,7 +34,8 @@ secrets {
 
    ike-moon {
       id = moon.strongswan.org
-      secret = 0sFpZAZqEN6Ti9sqt4ZP5EWcqx
+      # hex value equal to base64 0sFpZAZqEN6Ti9sqt4ZP5EWcqx
+      secret = 0x16964066a10de938bdb2ab7864fe4459cab1
    }
 }