diff options
author | Martin Willi <martin@revosec.ch> | 2014-11-18 11:33:28 +0100 |
---|---|---|
committer | Martin Willi <martin@revosec.ch> | 2015-02-20 16:34:54 +0100 |
commit | 9ed09d5f771727a05df20df9a1cd0f48af9cef40 (patch) | |
tree | 20d58ce15ade365a64b12631b949404aade9935b /testing/tests/ikev2/host2host-transport-connmark/test.conf | |
parent | 15f392d9edbad4c062a5de64850d91080842cf08 (diff) | |
download | strongswan-9ed09d5f771727a05df20df9a1cd0f48af9cef40.tar.bz2 strongswan-9ed09d5f771727a05df20df9a1cd0f48af9cef40.tar.xz |
testing: Add a connmark plugin test
In this test two hosts establish a transport mode connection from behind
moon. sun uses the connmark plugin to distinguish the flows.
This is an example that shows how one can terminate L2TP/IPsec connections
from two hosts behind the same NAT. For simplification of the test, we use
an SSH connection instead, but this works for any connection initiated flow
that conntrack can track.
Diffstat (limited to 'testing/tests/ikev2/host2host-transport-connmark/test.conf')
-rw-r--r-- | testing/tests/ikev2/host2host-transport-connmark/test.conf | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/testing/tests/ikev2/host2host-transport-connmark/test.conf b/testing/tests/ikev2/host2host-transport-connmark/test.conf new file mode 100644 index 000000000..8c2facefd --- /dev/null +++ b/testing/tests/ikev2/host2host-transport-connmark/test.conf @@ -0,0 +1,21 @@ +#!/bin/bash +# +# This configuration file provides information on the +# guest instances used for this test + +# All guest instances that are required for this test +# +VIRTHOSTS="alice moon winnetou sun" + +# Corresponding block diagram +# +DIAGRAM="a-m-w-s-b.png" + +# Guest instances on which tcpdump is to be started +# +TCPDUMPHOSTS="sun alice venus moon" + +# Guest instances on which IPsec is started +# Used for IPsec logging purposes +# +IPSECHOSTS="alice venus sun" |