east:~#
 TZ=GMT export TZ
east:~#
 ipsec spi --clear
east:~#
 ipsec eroute --clear
east:~#
 ipsec klipsdebug --set pfkey
east:~#
 ipsec eroute --add --eraf inet --src 192.1.2.23/32 --dst 192.0.1.0/24 --said %pass
east:~#
 ipsec tncfg --attach --virtual ipsec0 --physical eth1
east:~#
 ifconfig ipsec0 inet 192.1.2.23 netmask 0xffffff00 broadcast 192.1.2.255 up
east:~#
 arp -s 192.1.2.45 10:00:00:64:64:45
east:~#
 arp -s 192.1.2.254 10:00:00:64:64:45
east:~#
 ipsec look
east NOW
192.1.2.23/32      -> 192.0.1.0/24       => %pass (0)
ipsec0->eth1 mtu=16260(1500)->1500
ROUTING TABLE
east:~#
 route add -host 192.0.1.1 gw 192.1.2.45 dev ipsec0
east:~#
 /usr/obj/programs/ikeping/ikeping --verbose --wait 2 --inet 192.0.1.1 192.0.1.1 192.0.1.1 192.0.1.1
Sending packet to 192.0.1.1/500
Sending packet to 192.0.1.1/500
Sending packet to 192.0.1.1/500
Sending packet to 192.0.1.1/500
4 packets sent, 0 packets received. 100% packet loss
east:~#
 ipsec setup stop
IPSEC EVENT: KLIPS device ipsec0 shut down.
ipsec_setup: Stopping Libreswan IPsec...
ipsec_setup: stop ordered, but IPsec appears to be already stopped!
ipsec_setup: doing cleanup anyway...
east:~#
 kill `cat /var/run/klogd.pid`; cat /tmp/klog.log
klogd 1.3-3#33.1, log source = /proc/kmsg started.
east:~#
 halt -p -f
System halted.

klips_debug:pfkey_x_debug_process: set
klips_debug:pfkey_msg_interp: parsing message type 16(x-debug) with msg_parser 0pDEADF00D.
klips_debug:pfkey_x_msg_debug_parse: .
klips_debug:pfkey_release: sock=0pDEADF00D sk=0pDEADF00D
klips_debug:pfkey_destroy_socket: 0pDEADF00D
klips_debug:pfkey_remove_socket: 0pDEADF00D
klips_debug:pfkey_destroy_socket: pfkey_remove_socket called, sk=0pDEADF00D
klips_debug:pfkey_destroy_socket: sk(0pDEADF00D)->(&0pDEADF00D)receive_queue.{next=0pDEADF00D,prev=0pDEADF00D}.
klips_debug:pfkey_destroy_socket: destroyed.
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_release: succeeded.
klips_debug:pfkey_create: sock=0pDEADF00D type:3 state:1 flags:0 protocol:2
klips_debug:pfkey_create: sock->fasync_list=0pDEADF00D sk->sleep=0pDEADF00D.
klips_debug:pfkey_insert_socket: sk=0pDEADF00D
klips_debug:pfkey_list_insert_socket: allocating 8 bytes for socketp=0pDEADF00D
klips_debug:pfkey_create: Socket sock=0pDEADF00D sk=0pDEADF00D initialised.
klips_debug:pfkey_sendmsg: .
klips_debug:pfkey_sendmsg: allocating 184 bytes for downward message.
klips_debug:pfkey_sendmsg: msg sent for parsing.
klips_debug:pfkey_msg_interp: parsing message ver=2, type=14, errno=0, satype=11(INT), len=23, res=0, seq=1, pid=987.
klips_debug:pfkey_msg_interp: allocated extr->ips=0pDEADF00D.
klips_debug:pfkey_msg_interp: satype 11 lookups to proto=61.
klips_debug:pfkey_msg_parse: parsing message ver=2, type=14(x-addflow(eroute)), errno=0, satype=11(INT), len=23, res=0, seq=1, pid=987.
klips_debug:pfkey_msg_parse: satype 11(INT) conversion to proto gives 61 for msg_type 14(x-addflow(eroute)).
klips_debug:pfkey_msg_parse: remain=21
klips_debug:pfkey_msg_parse: extensions permitted=05e00c63, required=01e00043.
klips_debug:pfkey_msg_parse: parsing ext type=1(security-association) remain=21.
klips_debug:pfkey_msg_parse: remain=21 ext_type=1(security-association) ext_len=3 parsing ext 0pDEADF00D with parser pfkey_sa_parse.
klips_debug:pfkey_sa_parse: successfully found len=3 exttype=1(security-association) spi=00000100 replay=0 state=0 auth=0 encrypt=0 flags=0 ref=0.
klips_debug:pfkey_msg_parse: Extension 1(security-association) parsed.
klips_debug:pfkey_msg_parse: parsing ext type=5(source-address) remain=18.
klips_debug:pfkey_msg_parse: remain=18 ext_type=5(source-address) ext_len=3 parsing ext 0pDEADF00D with parser pfkey_address_parse.
klips_debug:pfkey_address_parse: found exttype=5(source-address) family=2(AF_INET) address=0.0.0.0 proto=0 port=0.
klips_debug:pfkey_address_parse: successful.
klips_debug:pfkey_msg_parse: Extension 5(source-address) parsed.
klips_debug:pfkey_msg_parse: parsing ext type=6(destination-address) remain=15.
klips_debug:pfkey_msg_parse: remain=15 ext_type=6(destination-address) ext_len=3 parsing ext 0pDEADF00D with parser pfkey_address_parse.
klips_debug:pfkey_address_parse: found exttype=6(destination-address) family=2(AF_INET) address=0.0.0.0 proto=0 port=0.
klips_debug:pfkey_address_parse: successful.
klips_debug:pfkey_msg_parse: Extension 6(destination-address) parsed.
klips_debug:pfkey_msg_parse: parsing ext type=21(X-source-flow-address) remain=12.
klips_debug:pfkey_msg_parse: remain=12 ext_type=21(X-source-flow-address) ext_len=3 parsing ext 0pDEADF00D with parser pfkey_address_parse.
klips_debug:pfkey_address_parse: found exttype=21(X-source-flow-address) family=2(AF_INET) address=192.1.2.23 proto=0 port=0.
klips_debug:pfkey_address_parse: successful.
klips_debug:pfkey_msg_parse: Extension 21(X-source-flow-address) parsed.
klips_debug:pfkey_msg_parse: parsing ext type=22(X-dest-flow-address) remain=9.
klips_debug:pfkey_msg_parse: remain=9 ext_type=22(X-dest-flow-address) ext_len=3 parsing ext 0pDEADF00D with parser pfkey_address_parse.
klips_debug:pfkey_address_parse: found exttype=22(X-dest-flow-address) family=2(AF_INET) address=192.0.1.0 proto=0 port=0.
klips_debug:pfkey_address_parse: successful.
klips_debug:pfkey_msg_parse: Extension 22(X-dest-flow-address) parsed.
klips_debug:pfkey_msg_parse: parsing ext type=23(X-source-mask) remain=6.
klips_debug:pfkey_msg_parse: remain=6 ext_type=23(X-source-mask) ext_len=3 parsing ext 0pDEADF00D with parser pfkey_address_parse.
klips_debug:pfkey_address_parse: found exttype=23(X-source-mask) family=2(AF_INET) address=255.255.255.255 proto=0 port=0.
klips_debug:pfkey_address_parse: successful.
klips_debug:pfkey_msg_parse: Extension 23(X-source-mask) parsed.
klips_debug:pfkey_msg_parse: parsing ext type=24(X-dest-mask) remain=3.
klips_debug:pfkey_msg_parse: remain=3 ext_type=24(X-dest-mask) ext_len=3 parsing ext 0pDEADF00D with parser pfkey_address_parse.
klips_debug:pfkey_address_parse: found exttype=24(X-dest-mask) family=2(AF_INET) address=255.255.255.0 proto=0 port=0.
klips_debug:pfkey_address_parse: successful.
klips_debug:pfkey_msg_parse: Extension 24(X-dest-mask) parsed.
klips_debug:pfkey_msg_parse: extensions permitted=05e00c63, seen=01e00063, required=01e00043.
klips_debug:pfkey_msg_interp: processing ext 1 0pDEADF00D with processor 0pDEADF00D.
klips_debug:pfkey_sa_process: .
klips_debug:pfkey_msg_interp: processing ext 5 0pDEADF00D with processor 0pDEADF00D.
klips_debug:pfkey_address_process:
klips_debug:pfkey_address_process: found address family=2, AF_INET, 0.0.0.0.
klips_debug:pfkey_address_process: found src address.
klips_debug:pfkey_address_process: allocating 16 bytes for saddr.
klips_debug:pfkey_address_process: successful.
klips_debug:pfkey_msg_interp: processing ext 6 0pDEADF00D with processor 0pDEADF00D.
klips_debug:pfkey_address_process:
klips_debug:pfkey_address_process: found address family=2, AF_INET, 0.0.0.0.
klips_debug:pfkey_address_process: found dst address.
klips_debug:pfkey_address_process: allocating 16 bytes for saddr.
klips_debug:pfkey_address_process: ips_said.dst set to 0.0.0.0.
klips_debug:pfkey_address_process: successful.
klips_debug:pfkey_msg_interp: processing ext 21 0pDEADF00D with processor 0pDEADF00D.
klips_debug:pfkey_address_process:
klips_debug:pfkey_address_process: found address family=2, AF_INET, 192.1.2.23.
klips_debug:pfkey_address_process: found src flow address.
klips_debug:pfkey_alloc_eroute: allocating 192 bytes for an eroute at 0pDEADF00D
klips_debug:pfkey_address_parse: extr->eroute set to 192.1.2.23/0:0->0.0.0.0/0:0
klips_debug:pfkey_address_process: successful.
klips_debug:pfkey_msg_interp: processing ext 22 0pDEADF00D with processor 0pDEADF00D.
klips_debug:pfkey_address_process:
klips_debug:pfkey_address_process: found address family=2, AF_INET, 192.0.1.0.
klips_debug:pfkey_address_process: found dst flow address.
klips_debug:pfkey_alloc_eroute: eroute struct already allocated
klips_debug:pfkey_address_parse: extr->eroute set to 192.1.2.23/0:0->192.0.1.0/0:0
klips_debug:pfkey_address_process: successful.
klips_debug:pfkey_msg_interp: processing ext 23 0pDEADF00D with processor 0pDEADF00D.
klips_debug:pfkey_address_process:
klips_debug:pfkey_address_process: found address family=2, AF_INET, 255.255.255.255.
klips_debug:pfkey_address_process: found src mask address.
klips_debug:pfkey_alloc_eroute: eroute struct already allocated
klips_debug:pfkey_address_parse: extr->eroute set to 192.1.2.23/32:0->192.0.1.0/0:0
klips_debug:pfkey_address_process: successful.
klips_debug:pfkey_msg_interp: processing ext 24 0pDEADF00D with processor 0pDEADF00D.
klips_debug:pfkey_address_process:
klips_debug:pfkey_address_process: found address family=2, AF_INET, 255.255.255.0.
klips_debug:pfkey_address_process: found dst mask address.
klips_debug:pfkey_alloc_eroute: eroute struct already allocated
klips_debug:pfkey_address_parse: extr->eroute set to 192.1.2.23/32:0->192.0.1.0/24:0
klips_debug:pfkey_address_process: successful.
klips_debug:pfkey_msg_interp: parsing message type 14(x-addflow(eroute)) with msg_parser 0pDEADF00D.
klips_debug:pfkey_x_addflow_parse: .
klips_debug:pfkey_x_addflow_parse: calling breakeroute and/or makeroute for 192.1.2.23/32->192.0.1.0/24
klips_debug:pfkey_x_addflow_parse: calling makeroute.
klips_debug:pfkey_x_addflow_parse: makeroute call successful.
klips_debug:pfkey_msg_hdr_build:
klips_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=0pDEADF00D pfkey_ext=0pDEADF00D *pfkey_ext=0pDEADF00D.
klips_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=0pDEADF00D pfkey_ext=0pDEADF00D *pfkey_ext=0pDEADF00D.
klips_debug:pfkey_safe_build: error=0
klips_debug:pfkey_safe_build:success.
klips_debug:pfkey_sa_build: spi=00000100 replay=0 sa_state=0 auth=0 encrypt=0 flags=0
klips_debug:pfkey_safe_build: error=0
klips_debug:pfkey_safe_build:success.
klips_debug:pfkey_address_build: exttype=5 proto=0 prefixlen=0
klips_debug:pfkey_address_build: found address family AF_INET.
klips_debug:pfkey_address_build: found address=0.0.0.0:0.
klips_debug:pfkey_address_build: successful created len: 3.
klips_debug:pfkey_safe_build: error=0
klips_debug:pfkey_safe_build:success.
klips_debug:pfkey_address_build: exttype=6 proto=0 prefixlen=0
klips_debug:pfkey_address_build: found address family AF_INET.
klips_debug:pfkey_address_build: found address=0.0.0.0:0.
klips_debug:pfkey_address_build: successful created len: 3.
klips_debug:pfkey_safe_build: error=0
klips_debug:pfkey_safe_build:success.
klips_debug:pfkey_address_build: exttype=21 proto=0 prefixlen=0
klips_debug:pfkey_address_build: found address family AF_INET.
klips_debug:pfkey_address_build: found address=192.1.2.23:0.
klips_debug:pfkey_address_build: successful created len: 3.
klips_debug:pfkey_safe_build: error=0
klips_debug:pfkey_safe_build:success.
klips_debug:pfkey_address_build: exttype=22 proto=0 prefixlen=0
klips_debug:pfkey_address_build: found address family AF_INET.
klips_debug:pfkey_address_build: found address=192.0.1.0:0.
klips_debug:pfkey_address_build: successful created len: 3.
klips_debug:pfkey_safe_build: error=0
klips_debug:pfkey_safe_build:success.
klips_debug:pfkey_address_build: exttype=23 proto=0 prefixlen=0
klips_debug:pfkey_address_build: found address family AF_INET.
klips_debug:pfkey_address_build: found address=255.255.255.255:0.
klips_debug:pfkey_address_build: successful created len: 3.
klips_debug:pfkey_safe_build: error=0
klips_debug:pfkey_safe_build:success.
klips_debug:pfkey_address_build: exttype=24 proto=0 prefixlen=0
klips_debug:pfkey_address_build: found address family AF_INET.
klips_debug:pfkey_address_build: found address=255.255.255.0:0.
klips_debug:pfkey_address_build: successful created len: 3.
klips_debug:pfkey_safe_build: error=0
klips_debug:pfkey_safe_build:success.
klips_debug:pfkey_msg_build: pfkey_msg=0pDEADF00D allocated 184 bytes, &(extensions[0])=0pDEADF00D
klips_debug:pfkey_msg_build: copying 24 bytes from extensions[1] (type=1)
klips_debug:pfkey_msg_build: copying 24 bytes from extensions[5] (type=5)
klips_debug:pfkey_msg_build: copying 24 bytes from extensions[6] (type=6)
klips_debug:pfkey_msg_build: copying 24 bytes from extensions[21] (type=21)
klips_debug:pfkey_msg_build: copying 24 bytes from extensions[22] (type=22)
klips_debug:pfkey_msg_build: copying 24 bytes from extensions[23] (type=23)
klips_debug:pfkey_msg_build: copying 24 bytes from extensions[24] (type=24)
klips_debug:pfkey_msg_build: extensions permitted=05e00063, seen=01e00063, required=01e00043.
klips_debug:pfkey_upmsg: allocating 184 bytes...
klips_debug:pfkey_upmsg: ...allocated at 0pDEADF00D.
klips_debug:pfkey_x_addflow_parse: sending up x_addflow reply message for satype=11(INT) (proto=61) to socket=0pDEADF00D succeeded.
klips_debug:pfkey_x_addflow_parse: extr->ips cleaned up and freed.
klips_debug:pfkey_release: sock=0pDEADF00D sk=0pDEADF00D
klips_debug:pfkey_destroy_socket: 0pDEADF00D
klips_debug:pfkey_remove_socket: 0pDEADF00D
klips_debug:pfkey_destroy_socket: pfkey_remove_socket called, sk=0pDEADF00D
klips_debug:pfkey_destroy_socket: sk(0pDEADF00D)->(&0pDEADF00D)receive_queue.{next=0pDEADF00D,prev=0pDEADF00D}.
klips_debug:pfkey_destroy_socket: skb=0pDEADF00D freed.
klips_debug:pfkey_destroy_socket: destroyed.
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_list_remove_socket: removing sock=0pDEADF00D
klips_debug:pfkey_release: succeeded.
klips_debug:pfkey_create: sock=0pDEADF00D type:3 state:1 flags:0 protocol:2
klips_debug:pfkey_create: sock->fasync_list=0pDEADF00D sk->sleep=0pDEADF00D.
klips_debug:pfkey_insert_socket: sk=0pDEADF00D
klips_debug:pfkey_list_insert_socket: allocating 8 bytes for socketp=0pDEADF00D
klips_debug:pfkey_create: Socket sock=0pDEADF00D sk=0pDEADF00D initialised.
klips_debug:pfkey_sendmsg: .
klips_debug:pfkey_sendmsg: allocating 72 bytes for downward message.
klips_debug:pfkey_sendmsg: msg sent for parsing.
klips_debug:pfkey_msg_interp: parsing message ver=2, type=16, errno=0, satype=0(UNKNOWN), len=9, res=0, seq=1, pid=987.
klips_debug:pfkey_msg_interp: allocated extr->ips=0pDEADF00D.
klips_debug:pfkey_msg_parse: parsing message ver=2, type=16(x-debug), errno=0, satype=0(UNKNOWN), len=9, res=0, seq=1, pid=987.
klips_debug:pfkey_msg_parse: remain=7
klips_debug:pfkey_msg_parse: extensions permitted=02000001, required=02000001.
klips_debug:pfkey_msg_parse: parsing ext type=25(X-set-debug) remain=7.
klips_debug:pfkey_msg_parse: remain=7 ext_type=25(X-set-debug) ext_len=7 parsing ext 0pDEADF00D with parser pfkey_x_ext_debug_parse.
klips_debug:pfkey_x_debug_parse: enter
klips_debug:pfkey_msg_parse: Extension 25(X-set-debug) parsed.
klips_debug:pfkey_msg_parse: extensions permitted=02000001, seen=02000001, required=02000001.
klips_debug:pfkey_msg_interp: processing ext 25 0pDEADF00D with processor 0pDEADF00D.
klips_debug:pfkey_x_debug_process: .
klips_debug:pfkey_x_debug_process: unset