Starting UML PATH/start.sh spawn PATH single UML running in SKAS3 mode Checking PROT_EXEC mmap in /tmp...OK Linux version XXXX Built 1 zonelists Kernel command line: PID hash table entries: 256 (order: 8, 4096 bytes) Dentry-cache hash table entries: NUMBERS Inode-cache hash table entries: NUMBERS Mount-cache hash table entries: NUMBERS Checking syscall emulation patch for ptrace...OK Checking advanced syscall emulation patch for ptrace...OK checking if image is initramfs...it isn't (bad gzip magic numbers); looks like an initrd Freeing initrd memory: 1228k freed NET: Registered protocol family 16 VFS: Diskquotas version dquot_6.4.0 initialized Dquot-cache hash table entries: 1024 (order 0, 4096 bytes) Initializing Cryptographic API io scheduler noop registered io scheduler anticipatory registered io scheduler deadline registered io scheduler cfq registered loop: loaded (max 8 devices) nbd: registered device at major 43 PPP generic driver version VERSION SLIP: version 0.8.4-NET3.019-NEWTTY (dynamic channels, max=256). tun: Universal TUN/TAP device driver VERSION tun: (C) 1999-2004 Max Krasnyansky NET: Registered protocol family 2 IP route cache hash table entries: 512 (order: -1, 2048 bytes) TCP established hash table entries: 2048 (order: 2, 16384 bytes) TCP bind hash table entries: 2048 (order: 1, 8192 bytes) TCP: Hash tables configured (established 2048 bind 2048) TCP reno registered NET: Registered protocol family 15 ipsec_3des_init(alg_type=15 alg_id=3 name=3des): ret=0 IPv4 over IPv4 tunneling driver GRE over IPv4 tunneling driver TCP bic registered TCP westwood registered TCP highspeed registered TCP hybla registered TCP htcp registered TCP vegas registered TCP scalable registered NET: Registered protocol family 1 NET: Registered protocol family 17 Initialized stdio console driver Console initialized on /dev/tty0 RAMDISK: cramfs filesystem found at block 0 RAMDISK: Loading 1228KiB [1 disk] into ram disk... |/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|done. MOUNTING /btmp/build/HEAD/2005_11_26/UMLPOOL/east/root for UML testing root. Mounting a tmpfs over /dev...done. Creating initial device nodes...done. line_ioctl: tty0: ioctl KDSIGACCEPT called INIT: version 2.78 booting Activating swap... Checking all file systems... Parallelizing fsck version 1.18 (11-Nov-1999) Setting kernel variables. Mounting local filesystems... mount: devpts already mounted on /dev/pts /dev/shm on /tmp type tmpfs (rw) /dev/shm on /var/run type tmpfs (rw) none on /usr/share type hostfs (ro) none on /usr/obj type hostfs (ro, PATH) Enabling packet forwarding: done. Configuring network interfaces: done. Cleaning: /tmp /var/lock /var/run. Initializing random number generator... done. Recovering nvi editor sessions... done. Give root password for maintenance (or type Control-D for normal startup): east:~# klogd -c 4 -x -f /tmp/klog.log east:~# named east:~# TESTNAME=vpn-dns-01 east:~# mkdir -p /tmp/$TESTNAME east:~# cp /testing/pluto/$TESTNAME/east.conf /tmp/$TESTNAME/ipsec.conf east:~# cp /etc/ipsec.secrets /tmp/$TESTNAME east:~# mkdir -p /tmp/$TESTNAME/ipsec.d/policies east:~# cp /etc/ipsec.d/policies/* /tmp/$TESTNAME/ipsec.d/policies east:~# IPSEC_CONFS=/tmp/$TESTNAME export IPSEC_CONFS east:~# ipsec setup start ipsec_setup: Starting Libreswan IPsec VERSION east:~# /testing/pluto/bin/wait-until-pluto-started east:~# dig eastkey.uml.freeswan.org. key ; <<>> DiG VERSION<<>> eastkey.uml.freeswan.org. key ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12345 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;eastkey.uml.freeswan.org. IN KEY ;; ANSWER SECTION: eastkey.uml.freeswan.org. 604800 IN KEY 16896 4 1 AQN3cn11FrBVbZhWGwRnFDAf8O9FHBmBIyIvmvt0kfkI2UGDDq8k+vYg RkwBZDviLd1p3SkL30LzuV0rqG3vBriqaAUUGoCQ0UMgsuX+k01bROLs qGB1QNXYvYiPLsnoDhKd2Gx9MUMHEjwwEZeyskMT5k91jvoAZvdEkg+9 h7urbJ+kRQ4e+IHkMUrreDGwGVptV/hYQVCD54RZep6xp5ymaKRCDgMp zWvlzO80fP7JDjSZf9LI/MMu6c+qwXIKnWoNha75IhFyLWniVczxK2Rd hmMhLsi0kC0CoOwWDSIEOb+5zbECDjjud+SF5tT8qRCWnSomX8jtbCdZ 50WraQlL ;; Query time: 25 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: DATE ;; MSG SIZE rcvd: SIZE east:~# dig westtxt.uml.freeswan.org. txt ; <<>> DiG VERSION<<>> westtxt.uml.freeswan.org. txt ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12345 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;westtxt.uml.freeswan.org. IN TXT ;; ANSWER SECTION: westtxt.uml.freeswan.org. 604800 IN TXT "X-IPsec-Server(10)=@westtxt.uml.freeswan.org. " "AQNzGEFs18VKT00sA+4p+GUKn9C55PYuPQca6C+9Qhj0jfMdQnTRTDLeI+lp9TnidHH7fVpq+PkfiF2LHlZtDwMurLlwzbNOghlEYKfQ080WlOTTUAmOLhAzH28MF70q3hzq0m5fCaVZWtxcV+LfHWdxceCkjBUSaTFtR2W12urFCBz+SB3+OM33aeIbfHxmck2yzhJ8xyMods5kF3ek/RZlFvgN8VqBdcFVrZwTh0mXDCGN12HNFixL6FzQ1jQ" "KerKBbjb0m/IPqugvpVPWVIUajUpLMEmi1FAXc1mFZE9x1SFuSr0NzYIu2ZaHfvsAZY5oN+I+R2oC67fUCjgxY+t7" ;; Query time: 25 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: DATE ;; MSG SIZE rcvd: SIZE east:~# ipsec whack --debug-control east:~# : BAD/KEY - will fail east:~# ipsec auto $SHOW --add westnet-eastnet-bad-key 028 failure to fetch key for @eastbad.uml.freeswan.org from DNS: RR of type TXT for eastbad.uml.freeswan.org. was not found 028 failure to fetch key for @eastbad.uml.freeswan.org from DNS: RR of type KEY for eastbad.uml.freeswan.org. was not found east:~# ipsec auto $SHOW --delete westnet-eastnet-bad-key 021 no connection named "westnet-eastnet-bad-key" east:~# : TXT/BAD - will fail east:~# ipsec auto $SHOW --add westnet-eastnet-txt-bad 028 failure to fetch key for @westbad.uml.freeswan.org from DNS: RR of type TXT for westbad.uml.freeswan.org. was not found 028 failure to fetch key for @westbad.uml.freeswan.org from DNS: RR of type KEY for westbad.uml.freeswan.org. was not found east:~# ipsec auto $SHOW --delete westnet-eastnet-txt-bad 021 no connection named "westnet-eastnet-txt-bad" east:~# : KEY/KEY east:~# ipsec auto $SHOW --add westnet-eastnet-key-key east:~# ipsec auto $SHOW --delete westnet-eastnet-key-key east:~# : KEY/TXT east:~# ipsec auto $SHOW --add westnet-eastnet-key-txt east:~# ipsec auto $SHOW --delete westnet-eastnet-key-txt east:~# : TXT/TXT east:~# ipsec auto $SHOW --add westnet-eastnet-txt-txt east:~# ipsec auto $SHOW --delete westnet-eastnet-txt-txt east:~# : TXT/KEY east:~# ipsec auto $SHOW --add westnet-eastnet-txt-key east:~# ipsec auto $SHOW --delete westnet-eastnet-txt-key east:~# east:~# ipsec setup stop IPSEC EVENT: KLIPS device ipsec0 shut down. ipsec_setup: Stopping Libreswan IPsec... east:~# kill `cat /var/run/klogd.pid`; cat /tmp/klog.log klogd 1.3-3#33.1, log source = /proc/kmsg started. east:~# halt -p -f Power down.