gw1 Wed Jun 12 18:53:56 EDT 2002 + _________________________ version + ipsec --version Linux FreeS/WAN 1.97 See `ipsec --copyright' for copyright information. + _________________________ proc/version + cat /proc/version Linux version 2.4.18 (root@gw1) (gcc version 2.95.4 20011002 (Debian prerelease)) #3 Sat Jun 1 12:06:12 EDT 2002 + _________________________ proc/net/ipsec_eroute + sort +3 /proc/net/ipsec_eroute 0 192.168.0.0/24 -> 10.1.1.0/24 => tun0x1002@149.2.24.213 + _________________________ proc/net/ipsec_spi + cat /proc/net/ipsec_spi esp0x7fb0c88b@149.2.24.213 ESP_3DES_HMAC_MD5: dir=out src=65.219.193.250 iv_bits=64bits iv=0x27d94850bbe2e645 ooowin=64 alen=128 aklen=128 eklen=192 life(c,s,h)=addtime(512318,0,0) tun0x1001@65.219.193.250 IPIP: dir=in src=149.2.24.213 life(c,s,h)=addtime(512318,0,0) esp0xd45babfe@65.219.193.250 ESP_3DES_HMAC_MD5: dir=in src=149.2.24.213 iv_bits=64bits iv=0x2ce4c73d47c0bb65 ooowin=64 alen=128 aklen=128 eklen=192 life(c,s,h)=addtime(512318,0,0) tun0x1002@149.2.24.213 IPIP: dir=out src=65.219.193.250 life(c,s,h)=addtime(512318,0,0) + _________________________ proc/net/ipsec_spigrp + cat /proc/net/ipsec_spigrp tun0x1001@65.219.193.250 esp0xd45babfe@65.219.193.250 tun0x1002@149.2.24.213 esp0x7fb0c88b@149.2.24.213 + _________________________ netstart-rn + netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 65.219.193.240 0.0.0.0 255.255.255.255 UH 40 0 0 eth2 65.219.193.241 0.0.0.0 255.255.255.255 UH 40 0 0 eth2 192.168.100.0 0.0.0.0 255.255.255.224 U 40 0 0 eth2 65.219.193.224 0.0.0.0 255.255.255.224 U 40 0 0 eth0 65.219.193.224 0.0.0.0 255.255.255.224 U 40 0 0 ipsec0 192.168.0.0 0.0.0.0 255.255.255.0 U 40 0 0 eth1 10.1.1.0 65.219.193.225 255.255.255.0 UG 40 0 0 ipsec0 0.0.0.0 65.219.193.225 0.0.0.0 UG 40 0 0 eth0 0.0.0.0 65.219.193.225 0.0.0.0 UG 40 0 0 eth0 0.0.0.0 65.219.193.225 0.0.0.0 UG 40 0 0 eth0 0.0.0.0 65.219.193.225 0.0.0.0 UG 40 0 0 eth0 0.0.0.0 65.219.193.225 0.0.0.0 UG 40 0 0 eth0 0.0.0.0 65.219.193.225 0.0.0.0 UG 40 0 0 eth0 0.0.0.0 65.219.193.225 0.0.0.0 UG 40 0 0 eth0 + _________________________ proc/net/ipsec_tncfg + cat /proc/net/ipsec_tncfg ipsec0 -> eth0 mtu=16260(1500) -> 1500 ipsec1 -> NULL mtu=0(0) -> 0 ipsec2 -> NULL mtu=0(0) -> 0 ipsec3 -> NULL mtu=0(0) -> 0 + _________________________ proc/net/pf_key + cat /proc/net/pf_key sock pid socket next prev e n p sndbf Flags Type St dfc9aa40 20911 c610de80 0 0 0 0 2 65535 00000000 3 1 + _________________________ proc/net/pf_key-star + cd /proc/net + egrep '^' pf_key_registered pf_key_supported pf_key_registered:satype socket pid sk pf_key_registered: 2 c610de80 20911 dfc9aa40 pf_key_registered: 3 c610de80 20911 dfc9aa40 pf_key_registered: 9 c610de80 20911 dfc9aa40 pf_key_registered: 10 c610de80 20911 dfc9aa40 pf_key_supported:satype exttype alg_id ivlen minbits maxbits pf_key_supported: 2 14 3 0 160 160 pf_key_supported: 2 14 2 0 128 128 pf_key_supported: 3 15 3 128 168 168 pf_key_supported: 3 14 3 0 160 160 pf_key_supported: 3 14 2 0 128 128 pf_key_supported: 9 15 1 0 32 32 pf_key_supported: 10 15 2 0 1 1 + _________________________ proc/sys/net/ipsec-star + cd /proc/sys/net/ipsec + egrep '^' debug_ah debug_eroute debug_esp debug_ipcomp debug_netlink debug_pfkey debug_radij debug_rcv debug_spi debug_tunnel debug_verbose debug_xform icmp inbound_policy_check tos debug_ah:-1 debug_eroute:-1 debug_esp:-1 debug_ipcomp:-1 debug_netlink:2147483647 debug_pfkey:-1 debug_radij:-1 debug_rcv:-1 debug_spi:-1 debug_tunnel:-1 debug_verbose:0 debug_xform:-1 icmp:1 inbound_policy_check:1 tos:1 + _________________________ ipsec/status + ipsec auto --status 000 interface ipsec0/eth0:5 65.219.193.250 000 000 "db08": 192.168.0.0/24===65.219.193.250---65.219.193.225...149.2.24.1---149.2.24.213===10.1.1.0/24 000 "db08": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3 000 "db08": policy: PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK; interface: eth0:5; erouted 000 "db08": newest ISAKMP SA: #1; newest IPsec SA: #2; eroute owner: #2 000 000 #2: "db08" STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 26545s; newest IPSEC; eroute owner 000 #2: "db08" esp.7fb0c88b@149.2.24.213 esp.d45babfe@65.219.193.250 tun.1002@149.2.24.213 tun.1001@65.219.193.250 000 #1: "db08" STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 1172s; newest ISAKMP + _________________________ ifconfig-a + ifconfig -a eth0 Link encap:Ethernet HWaddr 00:02:B3:86:28:6A inet addr:65.219.193.226 Bcast:65.255.255.255 Mask:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:65224813 errors:0 dropped:0 overruns:0 frame:0 TX packets:68866584 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:3765939653 (3.5 GiB) TX bytes:3147316308 (2.9 GiB) Interrupt:5 eth0:0 Link encap:Ethernet HWaddr 00:02:B3:86:28:6A inet addr:65.219.193.230 Bcast:65.255.255.255 Mask:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:5 eth0:1 Link encap:Ethernet HWaddr 00:02:B3:86:28:6A inet addr:65.219.193.231 Bcast:65.255.255.255 Mask:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:5 eth0:2 Link encap:Ethernet HWaddr 00:02:B3:86:28:6A inet addr:65.219.193.235 Bcast:65.255.255.255 Mask:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:5 eth0:3 Link encap:Ethernet HWaddr 00:02:B3:86:28:6A inet addr:65.219.193.236 Bcast:65.255.255.255 Mask:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:5 eth0:4 Link encap:Ethernet HWaddr 00:02:B3:86:28:6A inet addr:65.219.193.237 Bcast:65.255.255.255 Mask:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:5 eth0:5 Link encap:Ethernet HWaddr 00:02:B3:86:28:6A inet addr:65.219.193.250 Bcast:65.255.255.255 Mask:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:5 eth1 Link encap:Ethernet HWaddr 00:02:B3:86:28:6B inet addr:192.168.0.254 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:69627998 errors:0 dropped:0 overruns:0 frame:0 TX packets:65459708 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:3273200797 (3.0 GiB) TX bytes:3787912698 (3.5 GiB) Interrupt:5 Base address:0x2000 eth2 Link encap:Ethernet HWaddr 00:02:B3:88:71:A2 inet addr:192.168.100.1 Bcast:192.168.100.255 Mask:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:216227 errors:0 dropped:0 overruns:0 frame:0 TX packets:165545 errors:0 dropped:0 overruns:0 carrier:62 collisions:18511 txqueuelen:100 RX bytes:93405324 (89.0 MiB) TX bytes:25059686 (23.8 MiB) Interrupt:7 Base address:0x4000 ipsec0 Link encap:Ethernet HWaddr 00:02:B3:86:28:6A inet addr:65.219.193.250 Mask:255.255.255.224 UP RUNNING NOARP MTU:16260 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:17 errors:0 dropped:409 overruns:0 carrier:0 collisions:0 txqueuelen:10 RX bytes:0 (0.0 b) TX bytes:2614 (2.5 KiB) ipsec1 Link encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) ipsec2 Link encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) ipsec3 Link encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:1855 errors:0 dropped:0 overruns:0 frame:0 TX packets:1855 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:159170 (155.4 KiB) TX bytes:159170 (155.4 KiB) tunl0 Link encap:IPIP Tunnel HWaddr NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) + _________________________ ipsec/directory + ipsec --directory /usr/local/lib/ipsec + _________________________ hostname/fqdn + hostname --fqdn gw1.infiniconsys.com + _________________________ hostname/ipaddress + hostname --ip-address 192.168.0.254 + _________________________ uptime + uptime 18:53:56 up 5 days, 22:42, 4 users, load average: 0.00, 0.00, 0.00 + _________________________ ps + ps alxwf + egrep -i 'ppid|pluto|ipsec|klips' F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND 000 0 21629 21604 9 0 2036 928 regist S pts/1 0:00 \_ /bin/sh /usr/local/sbin/ipsec barf 000 0 21630 21629 16 0 2056 980 regist S pts/1 0:00 \_ /bin/sh /usr/local/lib/ipsec/barf 040 0 21671 21630 15 0 2056 980 - R pts/1 0:00 \_ /bin/sh /usr/local/lib/ipsec/barf 040 0 20907 1 9 0 2044 944 regist S pts/0 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug all --uniqueids --dump --load --start --wait --pre --post --log daemon.error --pid /var/run/pluto.pid 040 0 20909 20907 9 0 2044 944 regist S pts/0 0:00 \_ /bin/sh /usr/local/lib/ipsec/_plutorun --debug all --uniqueids --dump --load --start --wait --pre --post --log daemon.error --pid /var/run/pluto.pid 100 0 20911 20909 8 0 1824 884 posix_ S pts/0 0:00 | \_ /usr/local/lib/ipsec/pluto --nofork --debug-all 000 0 20922 20911 9 0 1308 292 posix_ S pts/0 0:00 | \_ _pluto_adns -d 7 10 000 0 20910 20907 8 0 2036 936 user_w S pts/0 0:00 \_ /bin/sh /usr/local/lib/ipsec/_plutoload --load --start --wait --post 000 0 20908 1 9 0 1244 392 user_w S pts/0 0:00 logger -p daemon.error -t ipsec__plutorun + _________________________ ipsec/showdefaults + ipsec showdefaults #dr: no default route # no default route # no default route + _________________________ ipsec/conf + ipsec _include /etc/ipsec.conf + ipsec _keycensor #< /etc/ipsec.conf 1 # /etc/ipsec.conf - FreeS/WAN IPsec configuration file # create tunnel to Core Systems for Oracle ASP access # created 6-7-02 cbarry@infiniconsys.com config setup interfaces="ipsec0=eth0:5" klipsdebug=all plutodebug=all manualstart= plutoload= plutostart= conn db08 type=tunnel left=149.2.24.213 leftnexthop=149.2.24.1 leftsubnet=10.1.1.0/24 right=65.219.193.250 rightnexthop=65.219.193.225 rightsubnet=192.168.0.0/24 keyexchange=ike pfs=no + _________________________ ipsec/secrets + ipsec _include /etc/ipsec.secrets + ipsec _secretcensor #< /etc/ipsec.secrets 1 # This file holds shared secrets or RSA private keys for inter-Pluto # authentication. See ipsec_pluto(8) manpage, and HTML documentation. # RSA private key for this host, authenticating it to any other host # which knows the public part. Suitable public keys, for ipsec.conf, DNS, # or configuration of other implementations, can be extracted conveniently # with "[sums to ef67...]". # # RSA 2192 bits gw1 Sat Jun 1 09:23:18 2002 # # for signatures only, UNSAFE FOR ENCRYPTION # #pubkey=[keyid AQN/zZFLy] # #IN KEY 0x4200 4 1 [keyid AQN/zZFLy] # # (0x4200 = auth-only host-level, 4 = IPSec, 1 = RSA) # Modulus: 0x7fcd914bc845fc427a0339791152b4fc6bcdc3fc3f898c099074137cf3856c5c8464499932f5f4e25d93c4acc136db8549322608302c66a8e7b540219a878899eef344a12a5af85004082f60829b8c1cef1c729f1a9ac0068c96004408eebce5149c1e8c2a0d28f35cc980dc28f2aedcbc386392c5dc3021417525fd69fe79de5ace8132a79099fbcf6f855808439a0bc8f516e154ae07d4ed17902d4fc1ad473c539428f309b6aca1fca908e4cf44f66302a462fb175c26819e23f5c7fd5b6b670921ba942b50e360e4f615b1f85b67f23c4ff278ed5b793e87ef01aba36bac5b47e3aac61c853a940de0b1fa559dadd2db2af50b425f6d71540be0fae9618945f77894e4d6fb9cb28c3ceab8fdfc752909 # PublicExponent: 0x03 # # everything after this point is secret # PrivateExponent: 0x02214af47689b3233dc4520648d271f323ee18998997a0335c01ef4215201723acdf89c28da63b8c4e5c1013f22750756be2f819bc8945fa4820e333c2935357e61da78b382c2ece2233561f79a4b9cd4840796084b5c7779368e66788aea54815ad44c69a4d04f2fd47a003ab5960c7f21201a8d8a18955e3396b4cc1c43dc3b4b6a44960a8cf5dcbf78ed687c9a7c973edca816201ed98a16d50444037d59587df2b91d46ea6cdb8ea92a6211315bd477f68d001dd942b489ed7132e897a13fd8fe9db066554ac4f2b13511cc4ab2cda4a179ab5a28e51a4cad7b5777f5a5e763076544314f0493189733dced0c7813349fcbff1aa15b8835bd004075f87a5ca34170705abbb707fb8a7c734e659e5b78b # Prime1: 0xbc2e4d6470ef0a51243f51062067d3bc397e3783cde7cf0bfe65fe56f99dbd9b7eeedf25a74a12e362f3174e9ce0a8b3a110749e5a610c8b43914f96010e382c84aabe21f37b1c4b54f1db585ed1aa2c9f69d059a5c035cdb7eb776d489505a591b4c92ea32cce019de640a83d3949e5dcc1208ba491db046e26da927c9166b7998605d981598a47d9 # Prime2: 0xaddcc2d08f57ca4c15613d5619f03b5b3f41f6beddb66c5806f7fcd22100b7af835b39feaee286bdc3208b3c8bc158c8c2ab02416a5daf6e0ac1157e6a6a48a647c454d1ecc1c87d89d5d48e752eac725df6a950247d52da343c739feb9f0d5245296c52c3ae97cbe607b7bf280ee4c1f289ceb4e104d2dd53ec14fe1a7bd80bab6434797f9113dcb1 # Exponent1: 0x7d7433984b4a06e0c2d4e0aec04537d2d0fecfad33efdf5d5443fee4a6692912549f3f6e6f86b74241f764df13407077c0b5a3143c40b3078260dfb956097ac85871d416a25212dce34be7903f36717314f13591192ace892547a4f385b8ae6e612330c9c21ddeabbe99807028d0dbee932b6b07c30be758496f3c61a860ef25110403e6563bb1853b # Exponent2: 0x73e881e05f8fdc32b8eb7e3966a027922a2bf9d493cef2e559faa88c16007a75023cd1547497047e8215b2285d2b9085d71cac2b9c3e74f4072b63a99c46db19852d8de148813053b139385ef8c9c84c3ea470e018538c9178284d1547bf5e36d8c648372d1f0fdd4405252a1ab498814c5bdf2340ade1e8e29d635411a7e55d1ced7850ffb60d3dcb # Coefficient: 0x269962796928840e81095d71be30eaa3c7078c1024c1639c004409b5287c48a55e2a2ecf059b1d30ec8ed81b4328b45fdac41f9124d19d05fd1f0382d09771d2bb2eaed499c698a6fbc5eb1977b4794c818c00f94ad16e6a4ced72f694acedde913679e0dc33e33f414b0557b5f300cd25a797954454dc1c384687fb44e646af75772eae71066dc656 # } # do not change the indenting of that "[sums to 7d9d...]" 65.219.193.250 149.2.24.213 "[sums to a406...]" + _________________________ ipsec/ls-dir + ls -l /usr/local/lib/ipsec total 2228 -rwxr-xr-x 1 root staff 11085 Jun 1 09:24 _confread -rwxr-xr-x 1 root staff 37484 Jun 1 09:24 _copyright -rwxr-xr-x 1 root staff 2163 Jun 1 09:24 _include -rwxr-xr-x 1 root staff 1472 Jun 1 09:24 _keycensor -rwxr-xr-x 1 root staff 61464 Jun 1 09:24 _pluto_adns -rwxr-xr-x 1 root staff 3495 Jun 1 09:24 _plutoload -rwxr-xr-x 1 root staff 4265 Jun 1 09:24 _plutorun -rwxr-xr-x 1 root staff 7294 Jun 1 09:24 _realsetup -rwxr-xr-x 1 root staff 1971 Jun 1 09:24 _secretcensor -rwxr-xr-x 1 root staff 6839 Jun 1 09:24 _startklips -rwxr-xr-x 1 root staff 5014 Jun 1 09:24 _updown -rwxr-xr-x 1 root staff 10912 Jun 1 09:24 auto -rwxr-xr-x 1 root staff 7132 Jun 1 09:24 barf -rwxr-xr-x 1 root staff 194356 Jun 1 09:24 eroute -rwxr-xr-x 1 root root 87061 Jun 1 09:24 ikeping -rwxr-xr-x 1 root staff 2915 Jun 1 09:24 ipsec -rw-r--r-- 1 root staff 1950 Jun 1 09:24 ipsec_pr.template -rwxr-xr-x 1 root staff 137947 Jun 1 09:24 klipsdebug -rwxr-xr-x 1 root staff 2437 Jun 1 09:24 look -rwxr-xr-x 1 root staff 16157 Jun 1 09:24 manual -rwxr-xr-x 1 root staff 1847 Jun 1 09:24 newhostkey -rwxr-xr-x 1 root staff 114190 Jun 1 09:24 pf_key -rwxr-xr-x 1 root staff 752893 Jun 1 09:24 pluto -rwxr-xr-x 1 root staff 43665 Jun 1 09:24 ranbits -rwxr-xr-x 1 root staff 69482 Jun 1 09:24 rsasigkey -rwxr-xr-x 1 root staff 16671 Jun 1 09:24 send-pr lrwxrwxrwx 1 root staff 17 Jun 1 09:24 setup -> /etc/init.d/ipsec -rwxr-xr-x 1 root staff 1041 Jun 1 09:24 showdefaults -rwxr-xr-x 1 root staff 3484 Jun 1 09:24 showhostkey -rwxr-xr-x 1 root staff 222068 Jun 1 09:24 spi -rwxr-xr-x 1 root staff 171679 Jun 1 09:24 spigrp -rwxr-xr-x 1 root staff 55922 Jun 1 09:24 tncfg -rwxr-xr-x 1 root staff 122039 Jun 1 09:24 whack + _________________________ ipsec/updowns ++ ls /usr/local/lib/ipsec ++ egrep updown + cat /usr/local/lib/ipsec/_updown #! /bin/sh # default updown script # Copyright (C) 2000, 2001 D. Hugh Redelmeier, Henry Spencer # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the # Free Software Foundation; either version 2 of the License, or (at your # option) any later version. See . # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # # RCSID $Id: _updown,v 1.19 2002/03/25 18:04:42 henry Exp $ # CAUTION: Installing a new version of FreeS/WAN will install a new # copy of this script, wiping out any custom changes you make. If # you need changes, make a copy of this under another name, and customize # that, and use the (left/right)updown parameters in ipsec.conf to make # FreeS/WAN use yours instead of this default one. # check interface version case "$PLUTO_VERSION" in 1.[0]) # Older Pluto?!? Play it safe, script may be using new features. echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2 echo "$0: called by obsolete Pluto?" >&2 exit 2 ;; 1.*) ;; *) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2 exit 2 ;; esac # check parameter(s) case "$1:$*" in ':') # no parameters ;; ipfwadm:ipfwadm) # due to (left/right)firewall; for default script only ;; custom:*) # custom parameters (see above CAUTION comment) ;; *) echo "$0: unknown parameters \`$*'" >&2 exit 2 ;; esac # utility functions for route manipulation # Meddling with this stuff should not be necessary and requires great care. uproute() { doroute add } downroute() { doroute del } doroute() { parms="-net $PLUTO_PEER_CLIENT_NET netmask $PLUTO_PEER_CLIENT_MASK" parms2="dev $PLUTO_INTERFACE gw $PLUTO_NEXT_HOP" case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in "0.0.0.0/0.0.0.0") # horrible kludge for obscure routing bug with opportunistic it="route $1 -net 0.0.0.0 netmask 128.0.0.0 $parms2 && route $1 -net 128.0.0.0 netmask 128.0.0.0 $parms2" ;; *) it="route $1 $parms $parms2" ;; esac eval $it st=$? if test $st -ne 0 then # route has already given its own cryptic message echo "$0: \`$it' failed" >&2 if test " $1 $st" = " add 7" then # another totally undocumented interface -- 7 and # "SIOCADDRT: Network is unreachable" means that # the gateway isn't reachable. echo "$0: (incorrect or missing nexthop setting??)" >&2 fi fi return $st } # the big choice case "$PLUTO_VERB:$1" in prepare-host:*|prepare-client:*) # delete possibly-existing route (preliminary to adding a route) case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in "0.0.0.0/0.0.0.0") # horrible kludge for obscure routing bug with opportunistic it="route del -net 0.0.0.0 netmask 128.0.0.0 2>&1 ; route del -net 128.0.0.0 netmask 128.0.0.0 2>&1" ;; *) it="route del -net $PLUTO_PEER_CLIENT_NET \ netmask $PLUTO_PEER_CLIENT_MASK 2>&1" ;; esac oops="`eval $it`" status="$?" if test " $oops" = " " -a " $status" != " 0" then oops="silent error, exit status $status" fi case "$oops" in 'SIOCDELRT: No such process'*) # This is what route (currently -- not documented!) gives # for "could not find such a route". oops= status=0 ;; esac if test " $oops" != " " -o " $status" != " 0" then echo "$0: \`$it' failed ($oops)" >&2 fi exit $status ;; route-host:*|route-client:*) # connection to me or my client subnet being routed uproute ;; unroute-host:*|unroute-client:*) # connection to me or my client subnet being unrouted downroute ;; up-host:*) # connection to me coming up # If you are doing a custom version, firewall commands go here. ;; down-host:*) # connection to me going down # If you are doing a custom version, firewall commands go here. ;; up-client:) # connection to my client subnet coming up # If you are doing a custom version, firewall commands go here. ;; down-client:) # connection to my client subnet going down # If you are doing a custom version, firewall commands go here. ;; up-client:ipfwadm) # connection to client subnet, with (left/right)firewall=yes, coming up # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK ;; down-client:ipfwadm) # connection to client subnet, with (left/right)firewall=yes, going down # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK ;; *) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2 exit 1 ;; esac + _________________________ proc/net/dev + cat /proc/net/dev Inter-| Receive | Transmit face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed lo: 159170 1855 0 0 0 0 0 0 159170 1855 0 0 0 0 0 0 eth0:3765959116 65224842 0 0 0 0 0 0 3147324120 68866611 0 0 0 0 0 0 eth1:3273208591 69628024 0 0 0 0 0 0 3787932049 65459736 0 0 0 0 0 0 eth2:93405324 216227 0 0 0 0 0 0 25059686 165545 0 0 0 18511 62 0 tunl0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ipsec0: 0 0 0 0 0 0 0 0 2614 17 0 409 0 0 0 0 ipsec1: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ipsec2: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ipsec3: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 + _________________________ proc/net/route + cat /proc/net/route Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT eth2 F0C1DB41 00000000 0005 0 0 0 FFFFFFFF 40 0 0 eth2 F1C1DB41 00000000 0005 0 0 0 FFFFFFFF 40 0 0 eth2 0064A8C0 00000000 0001 0 0 0 E0FFFFFF 40 0 0 eth0 E0C1DB41 00000000 0001 0 0 0 E0FFFFFF 40 0 0 ipsec0 E0C1DB41 00000000 0001 0 0 0 E0FFFFFF 40 0 0 eth1 0000A8C0 00000000 0001 0 0 0 00FFFFFF 40 0 0 ipsec0 0001010A E1C1DB41 0003 0 0 0 00FFFFFF 40 0 0 eth0 00000000 E1C1DB41 0003 0 0 0 00000000 40 0 0 eth0 00000000 E1C1DB41 0003 0 0 0 00000000 40 0 0 eth0 00000000 E1C1DB41 0003 0 0 0 00000000 40 0 0 eth0 00000000 E1C1DB41 0003 0 0 0 00000000 40 0 0 eth0 00000000 E1C1DB41 0003 0 0 0 00000000 40 0 0 eth0 00000000 E1C1DB41 0003 0 0 0 00000000 40 0 0 eth0 00000000 E1C1DB41 0003 0 0 0 00000000 40 0 0 + _________________________ proc/sys/net/ipv4/ip_forward + cat /proc/sys/net/ipv4/ip_forward 1 + _________________________ proc/sys/net/ipv4/conf/star-rp_filter + cd /proc/sys/net/ipv4/conf + egrep '^' all/rp_filter default/rp_filter eth0/rp_filter eth1/rp_filter eth2/rp_filter ipsec0/rp_filter lo/rp_filter all/rp_filter:0 default/rp_filter:0 eth0/rp_filter:1 eth1/rp_filter:0 eth2/rp_filter:0 ipsec0/rp_filter:0 lo/rp_filter:0 + _________________________ uname-a + uname -a Linux gw1 2.4.18 #3 Sat Jun 1 12:06:12 EDT 2002 i686 unknown + _________________________ redhat-release + test -r /etc/redhat-release + _________________________ proc/net/ipsec_version + cat /proc/net/ipsec_version FreeS/WAN version: 1.97 + _________________________ iptables/list + iptables -L -v -n Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 116K 8724K rfc1918 all -- eth0 * 0.0.0.0/0 0.0.0.0/0 1816 156K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 115K 8199K net2fw all -- eth0 * 0.0.0.0/0 0.0.0.0/0 217K 35M loc2fw all -- eth1 * 192.168.0.0/24 0.0.0.0/0 43 2676 dmz2fw all -- eth2 * 0.0.0.0/0 0.0.0.0/0 0 0 gw2fw all -- ipsec0 * 0.0.0.0/0 0.0.0.0/0 5578 1566K common all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 65M 20G rfc1918 all -- eth0 * 0.0.0.0/0 0.0.0.0/0 65M 20G net2loc all -- eth0 eth1 0.0.0.0/0 192.168.0.0/24 6663 881K net2dmz all -- eth0 eth2 0.0.0.0/0 0.0.0.0/0 0 0 net2all all -- eth0 ipsec0 0.0.0.0/0 0.0.0.0/0 68M 32G loc2net all -- eth1 eth0 192.168.0.0/24 0.0.0.0/0 157K 22M loc2dmz all -- eth1 eth2 192.168.0.0/24 0.0.0.0/0 405 36954 loc2gw all -- eth1 ipsec0 192.168.0.0/24 0.0.0.0/0 7357 1446K dmz2net all -- eth2 eth0 0.0.0.0/0 0.0.0.0/0 207K 89M dmz2loc all -- eth2 eth1 0.0.0.0/0 192.168.0.0/24 0 0 all2all all -- eth2 ipsec0 0.0.0.0/0 0.0.0.0/0 0 0 all2all all -- ipsec0 eth0 0.0.0.0/0 0.0.0.0/0 0 0 gw2loc all -- ipsec0 eth1 0.0.0.0/0 192.168.0.0/24 0 0 all2all all -- ipsec0 eth2 0.0.0.0/0 0.0.0.0/0 10440 702K common all -- * * 0.0.0.0/0 0.0.0.0/0 131 9436 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:' 168 12231 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 1816 156K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 48484 9126K ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 16204 5150K fw2net all -- * eth0 0.0.0.0/0 0.0.0.0/0 13628 2845K all2all all -- * eth1 0.0.0.0/0 192.168.0.0/24 167 6680 all2all all -- * eth2 0.0.0.0/0 0.0.0.0/0 17 1164 all2all all -- * ipsec0 0.0.0.0/0 0.0.0.0/0 0 0 common all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain all2all (12 references) pkts bytes target prot opt in out source destination 11995 2748K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 211K 35M common all -- * * 0.0.0.0/0 0.0.0.0/0 1419 227K LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:' 51099 7835K reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain common (5 references) pkts bytes target prot opt in out source destination 381 37168 icmpdef icmp -- * * 0.0.0.0/0 0.0.0.0/0 12648 1233K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x10/0x10 853 34690 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x04/0x04 126K 21M DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445 23137 6550K DROP all -- * * 0.0.0.0/0 255.255.255.255 0 0 DROP all -- * * 0.0.0.0/0 224.0.0.0/4 284 17047 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 state NEW 0 0 DROP all -- * * 0.0.0.0/0 65.219.193.255 17592 1302K DROP all -- * * 0.0.0.0/0 192.168.0.255 0 0 DROP all -- * * 0.0.0.0/0 192.168.100.255 Chain dmz2fw (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 4 336 ACCEPT icmp -- eth2 * 0.0.0.0/0 0.0.0.0/0 icmp type 8 39 2340 all2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain dmz2loc (1 references) pkts bytes target prot opt in out source destination 207K 89M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 65.219.193.240 192.168.0.5 state NEW tcp dpt:25 0 0 ACCEPT tcp -- * * 65.219.193.241 192.168.0.5 state NEW tcp dpt:25 3 140 all2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain dmz2net (1 references) pkts bytes target prot opt in out source destination 4802 1270K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 15 900 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53 2 120 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 2408 167K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:123 130 7734 all2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fw2net (1 references) pkts bytes target prot opt in out source destination 14843 5047K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT esp -- * * 0.0.0.0/0 149.2.24.213 state NEW 0 0 ACCEPT ah -- * * 0.0.0.0/0 149.2.24.213 state NEW 121 23640 ACCEPT udp -- * * 0.0.0.0/0 149.2.24.213 udp spt:500 dpt:500 state NEW 1240 79574 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain gw2fw (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- ipsec0 * 0.0.0.0/0 0.0.0.0/0 icmp type 8 0 0 all2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain gw2loc (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain icmpdef (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 0 4 224 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 4 297 16632 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 1 56 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 12 Chain loc2dmz (1 references) pkts bytes target prot opt in out source destination 157K 22M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 10 480 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 318 15176 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 36 1829 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25 39 2232 all2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain loc2fw (1 references) pkts bytes target prot opt in out source destination 7602 653K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 3 156 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:161 228 6572 ACCEPT icmp -- eth1 * 0.0.0.0/0 0.0.0.0/0 icmp type 8 209K 35M all2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain loc2gw (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 405 36954 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain loc2net (1 references) pkts bytes target prot opt in out source destination 68M 32G ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 16 768 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6667 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:loc2net:REJECT:' 18 864 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6667 791K 42M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain logdrop (7 references) pkts bytes target prot opt in out source destination 1306 533K LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:rfc1918:DROP:' 1306 533K DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2all (4 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 100K 5675K common all -- * * 0.0.0.0/0 0.0.0.0/0 1405 78644 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2all:DROP:' 95301 4990K DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2dmz (1 references) pkts bytes target prot opt in out source destination 6099 853K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 263 12804 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 16 888 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21 2 120 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:113 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2dmz:REJECT:' 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:113 283 13616 net2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2fw (1 references) pkts bytes target prot opt in out source destination 16486 2547K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT esp -- * * 149.2.24.213 0.0.0.0/0 state NEW 0 0 ACCEPT ah -- * * 149.2.24.213 0.0.0.0/0 state NEW 433 80520 ACCEPT udp -- * * 149.2.24.213 0.0.0.0/0 udp spt:500 dpt:500 state NEW 4 236 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 20 1136 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:113 0 0 LOG icmp -- * * 199.171.54.0/24 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 199.171.54.0/24 0.0.0.0/0 icmp type 8 0 0 LOG icmp -- * * 153.39.50.6 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 153.39.50.6 0.0.0.0/0 icmp type 8 0 0 LOG icmp -- * * 153.39.57.136 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 153.39.57.136 0.0.0.0/0 icmp type 8 0 0 LOG icmp -- * * 153.39.57.196 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 153.39.57.196 0.0.0.0/0 icmp type 8 0 0 LOG icmp -- * * 153.39.129.196 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 153.39.129.196 0.0.0.0/0 icmp type 8 0 0 LOG icmp -- * * 153.39.129.230 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 153.39.129.230 0.0.0.0/0 icmp type 8 0 0 LOG icmp -- * * 153.39.129.30 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 153.39.129.30 0.0.0.0/0 icmp type 8 0 0 LOG icmp -- * * 153.39.201.154 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 153.39.201.154 0.0.0.0/0 icmp type 8 0 0 LOG icmp -- * * 153.39.201.213 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 153.39.201.213 0.0.0.0/0 icmp type 8 0 0 LOG icmp -- * * 153.39.203.154 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 153.39.203.154 0.0.0.0/0 icmp type 8 0 0 LOG icmp -- * * 153.39.203.213 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 153.39.203.213 0.0.0.0/0 icmp type 8 0 0 LOG icmp -- * * 66.92.235.40 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 66.92.235.40 0.0.0.0/0 icmp type 8 0 0 LOG icmp -- * * 66.92.235.41 0.0.0.0/0 icmp type 8 limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix `Shorewall:net2fw:ACCEPT:' 0 0 ACCEPT icmp -- * * 66.92.235.41 0.0.0.0/0 icmp type 8 44 28200 ACCEPT icmp -- eth0 * 0.0.0.0/0 0.0.0.0/0 icmp type 8 97887 5542K net2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2loc (1 references) pkts bytes target prot opt in out source destination 65M 20G ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 330 16116 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 4928 257K ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.5 state NEW tcp dpt:25 0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.5 state NEW tcp dpt:110 7068 344K ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.5 state NEW tcp dpt:143 18 752 ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.5 state NEW tcp dpt:389 146 7020 ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.10 state NEW tcp dpt:1723 0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.10 state NEW tcp dpt:1701 126 9101 ACCEPT 47 -- * * 0.0.0.0/0 192.168.0.10 state NEW 36 2184 ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.204 state NEW tcp dpt:22 0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.204 state NEW tcp dpt:113 1883 119K net2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain reject (8 references) pkts bytes target prot opt in out source destination 2259 130K REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 49376 7735K REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain rfc1918 (2 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- * * 0.0.0.0/0 255.255.255.255 0 0 DROP all -- * * 169.254.0.0/16 0.0.0.0/0 0 0 logdrop all -- * * 0.0.0.0/8 0.0.0.0/0 836 408K logdrop all -- * * 10.0.0.0/8 0.0.0.0/0 0 0 logdrop all -- * * 127.0.0.0/8 0.0.0.0/0 0 0 logdrop all -- * * 192.0.2.0/24 0.0.0.0/0 302 87866 logdrop all -- * * 192.168.0.0/16 0.0.0.0/0 168 36965 logdrop all -- * * 172.16.0.0/12 0.0.0.0/0 0 0 logdrop all -- * * 240.0.0.0/4 0.0.0.0/0 Chain shorewall (0 references) pkts bytes target prot opt in out source destination + _________________________ ipchains/list + ipchains -L -v -n ipchains: Incompatible with this kernel + _________________________ ipfwadm/forward + ipfwadm -F -l -n -e Generic IP Firewall Chains not in this kernel + _________________________ ipfwadm/input + ipfwadm -I -l -n -e Generic IP Firewall Chains not in this kernel + _________________________ ipfwadm/output + ipfwadm -O -l -n -e Generic IP Firewall Chains not in this kernel + _________________________ iptables/nat + iptables -t nat -L -v -n Chain PREROUTING (policy ACCEPT 1026K packets, 78M bytes) pkts bytes target prot opt in out source destination 13191 680K DNAT all -- eth0 * 0.0.0.0/0 65.219.193.230 to:192.168.0.5 294 14562 DNAT all -- eth0 * 0.0.0.0/0 65.219.193.231 to:192.168.0.5 542 31692 DNAT all -- eth0 * 0.0.0.0/0 65.219.193.235 to:192.168.0.10 202 9862 DNAT all -- eth0 * 0.0.0.0/0 65.219.193.236 to:192.168.0.10 337 20998 DNAT all -- eth0 * 0.0.0.0/0 65.219.193.237 to:192.168.0.204 Chain POSTROUTING (policy ACCEPT 19699 packets, 1067K bytes) pkts bytes target prot opt in out source destination 177K 8609K SNAT all -- * eth0 192.168.0.5 0.0.0.0/0 to:65.219.193.230 0 0 SNAT all -- * eth0 192.168.0.5 0.0.0.0/0 to:65.219.193.231 3567 689K SNAT all -- * eth0 192.168.0.10 0.0.0.0/0 to:65.219.193.235 0 0 SNAT all -- * eth0 192.168.0.10 0.0.0.0/0 to:65.219.193.236 2572 188K SNAT all -- * eth0 192.168.0.204 0.0.0.0/0 to:65.219.193.237 518K 25M SNAT all -- * eth0 192.168.0.0/24 0.0.0.0/0 to:65.219.193.226 Chain OUTPUT (policy ACCEPT 3276 packets, 214K bytes) pkts bytes target prot opt in out source destination + _________________________ ipchains/masq + ipchains -M -L -v -n ipchains: cannot open file `/proc/net/ip_masquerade' + _________________________ ipfwadm/masq + ipfwadm -M -l -n -e Generic IP Firewall Chains not in this kernel + _________________________ iptables/mangle + iptables -t mangle -L -v -n Chain PREROUTING (policy ACCEPT 135M packets, 52G bytes) pkts bytes target prot opt in out source destination 65M 20G rfc1918 all -- eth0 * 0.0.0.0/0 0.0.0.0/0 134M 52G pretos all -- * * 0.0.0.0/0 0.0.0.0/0 Chain INPUT (policy ACCEPT 343K packets, 46M bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 134M packets, 52G bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 80904 packets, 17M bytes) pkts bytes target prot opt in out source destination 80316 17M outtos all -- * * 0.0.0.0/0 0.0.0.0/0 Chain POSTROUTING (policy ACCEPT 134M packets, 52G bytes) pkts bytes target prot opt in out source destination Chain logdrop (7 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:rfc1918:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain outtos (1 references) pkts bytes target prot opt in out source destination 0 0 TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 TOS set 0x10 21336 7524K TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:22 TOS set 0x10 141 10759 TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 TOS set 0x10 131 5240 TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:21 TOS set 0x10 1 40 TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:20 TOS set 0x08 0 0 TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:20 TOS set 0x08 Chain pretos (1 references) pkts bytes target prot opt in out source destination 185K 22M TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 TOS set 0x10 190K 73M TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:22 TOS set 0x10 25165 1333K TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 TOS set 0x10 21488 1624K TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:21 TOS set 0x10 92035 81M TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:20 TOS set 0x08 60232 14M TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:20 TOS set 0x08 Chain rfc1918 (1 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- * * 0.0.0.0/0 255.255.255.255 0 0 DROP all -- * * 0.0.0.0/0 169.254.0.0/16 0 0 logdrop all -- * * 0.0.0.0/0 0.0.0.0/8 0 0 logdrop all -- * * 0.0.0.0/0 10.0.0.0/8 0 0 logdrop all -- * * 0.0.0.0/0 127.0.0.0/8 0 0 logdrop all -- * * 0.0.0.0/0 192.0.2.0/24 0 0 logdrop all -- * * 0.0.0.0/0 192.168.0.0/16 0 0 logdrop all -- * * 0.0.0.0/0 172.16.0.0/12 0 0 logdrop all -- * * 0.0.0.0/0 240.0.0.0/4 + _________________________ proc/modules + cat /proc/modules ipt_TOS 1024 12 (autoclean) ipt_limit 960 20 (autoclean) ipt_LOG 3104 22 (autoclean) ipt_REJECT 2720 2 (autoclean) ipt_state 608 56 (autoclean) iptable_mangle 2112 1 (autoclean) ip_nat_irc 2784 0 (unused) ip_nat_ftp 3456 0 (unused) iptable_nat 18228 3 [ip_nat_irc ip_nat_ftp] ip_conntrack_irc 2592 0 [ip_nat_irc] ip_conntrack_ftp 3424 0 [ip_nat_ftp] ip_conntrack 19372 4 [ipt_state ip_nat_irc ip_nat_ftp iptable_nat ip_conntrack_irc ip_conntrack_ftp] iptable_filter 1728 1 (autoclean) ip_tables 12896 10 [ipt_TOS ipt_limit ipt_LOG ipt_REJECT ipt_state iptable_mangle iptable_nat iptable_filter] rtc 5528 0 (autoclean) + _________________________ proc/meminfo + cat /proc/meminfo total: used: free: shared: buffers: cached: Mem: 526209024 302247936 223961088 0 12046336 186494976 Swap: 131600384 12288 131588096 MemTotal: 513876 kB MemFree: 218712 kB MemShared: 0 kB Buffers: 11764 kB Cached: 182112 kB SwapCached: 12 kB Active: 143832 kB Inactive: 56380 kB HighTotal: 0 kB HighFree: 0 kB LowTotal: 513876 kB LowFree: 218712 kB SwapTotal: 128516 kB SwapFree: 128504 kB + _________________________ dev/ipsec-ls + ls -l '/dev/ipsec*' ls: /dev/ipsec*: No such file or directory + _________________________ proc/net/ipsec-ls + ls -l /proc/net/ipsec_eroute /proc/net/ipsec_klipsdebug /proc/net/ipsec_spi /proc/net/ipsec_spigrp /proc/net/ipsec_tncfg /proc/net/ipsec_version -r--r--r-- 1 root root 0 Jun 12 18:53 /proc/net/ipsec_eroute -r--r--r-- 1 root root 0 Jun 12 18:53 /proc/net/ipsec_klipsdebug -r--r--r-- 1 root root 0 Jun 12 18:53 /proc/net/ipsec_spi -r--r--r-- 1 root root 0 Jun 12 18:53 /proc/net/ipsec_spigrp -r--r--r-- 1 root root 0 Jun 12 18:53 /proc/net/ipsec_tncfg -r--r--r-- 1 root root 0 Jun 12 18:53 /proc/net/ipsec_version + _________________________ usr/src/linux/.config + test -f /usr/src/linux/.config + egrep 'IP|NETLINK' /usr/src/linux/.config # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP2 is not set # CONFIG_MWINCHIP3D is not set CONFIG_SYSVIPC=y # CONFIG_MD_MULTIPATH is not set # CONFIG_NETLINK_DEV is not set CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_FWMARK=y CONFIG_IP_ROUTE_NAT=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_TOS=y CONFIG_IP_ROUTE_VERBOSE=y CONFIG_IP_ROUTE_LARGE_TABLES=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y # CONFIG_NET_IPGRE is not set # CONFIG_IP_MROUTE is not set # IP: Netfilter Configuration CONFIG_IP_NF_CONNTRACK=m CONFIG_IP_NF_FTP=m CONFIG_IP_NF_IRC=m CONFIG_IP_NF_QUEUE=m CONFIG_IP_NF_IPTABLES=m CONFIG_IP_NF_MATCH_LIMIT=m CONFIG_IP_NF_MATCH_MAC=m CONFIG_IP_NF_MATCH_MARK=m CONFIG_IP_NF_MATCH_MULTIPORT=m CONFIG_IP_NF_MATCH_TOS=m CONFIG_IP_NF_MATCH_AH_ESP=m CONFIG_IP_NF_MATCH_LENGTH=m CONFIG_IP_NF_MATCH_TTL=m CONFIG_IP_NF_MATCH_TCPMSS=m CONFIG_IP_NF_MATCH_STATE=m CONFIG_IP_NF_MATCH_UNCLEAN=m CONFIG_IP_NF_MATCH_OWNER=m CONFIG_IP_NF_FILTER=m CONFIG_IP_NF_TARGET_REJECT=m CONFIG_IP_NF_TARGET_MIRROR=m CONFIG_IP_NF_NAT=m CONFIG_IP_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=m CONFIG_IP_NF_TARGET_REDIRECT=m CONFIG_IP_NF_NAT_SNMP_BASIC=m CONFIG_IP_NF_NAT_IRC=m CONFIG_IP_NF_NAT_FTP=m CONFIG_IP_NF_MANGLE=m CONFIG_IP_NF_TARGET_TOS=m CONFIG_IP_NF_TARGET_MARK=m CONFIG_IP_NF_TARGET_LOG=m CONFIG_IP_NF_TARGET_ULOG=m CONFIG_IP_NF_TARGET_TCPMSS=m CONFIG_IP_NF_COMPAT_IPCHAINS=m CONFIG_IP_NF_NAT_NEEDED=y # CONFIG_IP_NF_COMPAT_IPFWADM is not set # CONFIG_IPV6 is not set # CONFIG_IPX is not set CONFIG_IPSEC=y CONFIG_IPSEC_IPIP=y CONFIG_IPSEC_AH=y CONFIG_IPSEC_AUTH_HMAC_MD5=y CONFIG_IPSEC_AUTH_HMAC_SHA1=y CONFIG_IPSEC_ESP=y CONFIG_IPSEC_ENC_3DES=y CONFIG_IPSEC_IPCOMP=y CONFIG_IPSEC_DEBUG=y # CONFIG_IDEDMA_PCI_WIP is not set # CONFIG_IDE_CHIPSETS is not set # CONFIG_TULIP is not set # CONFIG_HIPPI is not set # CONFIG_PLIP is not set # CONFIG_SLIP is not set # CONFIG_USB_SERIAL_IPAQ is not set + _________________________ etc/syslog.conf + cat /etc/syslog.conf # /etc/syslog.conf Configuration file for syslogd. # # For more information see syslog.conf(5) # manpage. # # First some standard logfiles. Log by facility. # auth,authpriv.* /var/log/auth.log *.*;auth,authpriv.none -/var/log/syslog #cron.* /var/log/cron.log daemon.* -/var/log/daemon.log kern.* -/var/log/kern.log lpr.* -/var/log/lpr.log mail.* -/var/log/mail.log user.* -/var/log/user.log uucp.* /var/log/uucp.log # # Logging for the mail system. Split it up so that # it is easy to write scripts to parse these files. # mail.info -/var/log/mail.info mail.warn -/var/log/mail.warn mail.err /var/log/mail.err # Logging for INN news system # news.crit /var/log/news/news.crit news.err /var/log/news/news.err news.notice -/var/log/news/news.notice # # Some `catch-all' logfiles. # *.=debug;\ auth,authpriv.none;\ news.none;mail.none -/var/log/debug *.=info;*.=notice;*.=warn;\ auth,authpriv.none;\ cron,daemon.none;\ mail,news.none -/var/log/messages # # Emergencies are sent to everybody logged in. # *.emerg * # # I like to have messages displayed on the console, but only on a virtual # console I usually leave idle. # daemon.*;mail.*;\ news.=crit;news.=err;news.=notice;\ *.=debug;*.=info;\ *.=notice;*.=warn |/dev/tty8 # The named pipe /dev/xconsole is for the `xconsole' utility. To use it, # you must invoke `xconsole' with the `-file' option: # # $ xconsole -file /dev/xconsole [...] # # NOTE: adjust the list below, or you'll go crazy if you have a reasonably # busy site.. # #daemon.*;mail.*;\ # news.crit;news.err;news.notice;\ # *.=debug;*.=info;\ # *.=notice;*.=warn |/dev/xconsole # + _________________________ lib/modules-ls + ls -ltr /lib/modules total 2 drwxr-xr-x 12 root root 1024 Feb 11 05:12 2.2.20 drwxr-xr-x 4 root root 1024 Jun 1 12:06 2.4.18 + _________________________ proc/ksyms-netif_rx + egrep netif_rx /proc/ksyms c019b68c netif_rx_Rd40a978b + _________________________ lib/modules-netif_rx + modulegoo kernel/net/ipv4/ipip.o netif_rx + set +x 2.2.20: 2.4.18: + _________________________ kern.debug + test -f /var/log/kern.debug + _________________________ klog + sed -n '420,$p' /var/log/syslog + egrep -i 'ipsec|klips|pluto' + cat Jun 12 18:17:29 gw1 ipsec_setup: Starting FreeS/WAN IPsec 1.97... Jun 12 18:17:29 gw1 ipsec_setup: KLIPS debug `all' Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_x_debug_process: set Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message type 16 with msg_parser c01e09f0. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_x_msg_debug_parse: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_release: sock=c59deb20 sk=dfc9b0c0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_remove_socket: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_remove_socket: succeeded. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: pfkey_remove_socket called. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: sk(dfc9b0c0)->(&dfc9b114)receive_queue.{next=dfc9b114,prev=dfc9b114}. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: destroyed. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_list_remove_socket: removing sock=c59deb20 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_release: succeeded. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_create: sock=c59deb20 type:3 state:1 flags:0 protocol:2 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_create: sock->fasync_list=00000000 sk->sleep=c59deb3c. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_insert_socket: sk=dfc9b0c0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_list_insert_socket: socketp=c59deb20 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_create: Socket sock=c59deb20 sk=dfc9b0c0 initialised. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sendmsg: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=15, errno=0, satype=0(UNKNOWN), len=4, res=0, seq=1, pid=20887. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=de9e5e88. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c5012400. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 1 c65b8ef0 with processor c01dbbf0. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sa_process: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message type 15 with msg_parser c01e0458. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_x_delflow_parse: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_x_delflow_parse: CLEARFLOW flag set, calling cleareroutes. Jun 12 18:17:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:17:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:17:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_release: sock=c59deb20 sk=dfc9b0c0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_remove_socket: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_remove_socket: succeeded. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: pfkey_remove_socket called. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: sk(dfc9b0c0)->(&dfc9b114)receive_queue.{next=dfc9b114,prev=dfc9b114}. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: destroyed. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_list_remove_socket: removing sock=c59deb20 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_release: succeeded. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_create: sock=c59deb20 type:3 state:1 flags:0 protocol:2 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_create: sock->fasync_list=00000000 sk->sleep=c59deb3c. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_insert_socket: sk=dfc9b0c0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_list_insert_socket: socketp=c59deb20 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_create: Socket sock=c59deb20 sk=dfc9b0c0 initialised. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sendmsg: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=9, errno=0, satype=0(UNKNOWN), len=2, res=0, seq=1, pid=20889. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=dc1b1e88. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c5012400. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message type 9 with msg_parser c01df5f4. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_flush_parse: flushing type 0 SAs Jun 12 18:17:29 gw1 kernel: klips_debug:ipsec_tdbcleanup: cleaning up proto=0. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_upmsg: allocating 16 bytes... Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_upmsg: ...allocated at c1845680. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_flush_parse: sending up flush reply message for satype=0(UNKNOWN) to socket=c59deb20 succeeded. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_release: sock=c59deb20 sk=dfc9b0c0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_remove_socket: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_remove_socket: succeeded. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: pfkey_remove_socket called. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: sk(dfc9b0c0)->(&dfc9b114)receive_queue.{next=c1845680,prev=c1845680}. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: skb=c1845680 freed. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_destroy_socket: destroyed. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_list_remove_socket: removing sock=c59deb20 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_release: succeeded. Jun 12 18:17:29 gw1 ipsec_setup: KLIPS ipsec0 on eth0:5 65.219.193.250/255.255.255.224 broadcast 65.255.255.255 Jun 12 18:17:29 gw1 kernel: klips_debug:ipsec_tunnel_ioctl: tncfg service call #35312 for dev=ipsec0 Jun 12 18:17:29 gw1 kernel: klips_debug:ipsec_tunnel_ioctl: calling ipsec_tunnel_attatch... Jun 12 18:17:29 gw1 kernel: klips_debug:ipsec_tunnel_attach: physical device eth0 being attached has HW address: 0:02:b3:86:28:6a Jun 12 18:17:29 gw1 kernel: klips_debug:ipsec_tunnel_open: dev = ipsec0, prv->dev = eth0 Jun 12 18:17:29 gw1 kernel: klips_debug:ipsec_device_event: NETDEV_UP dev=ipsec0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_create: sock=c610de80 type:3 state:1 flags:0 protocol:2 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_create: sock->fasync_list=00000000 sk->sleep=c610de9c. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_insert_socket: sk=dfc9aa40 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_list_insert_socket: socketp=c610de80 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_create: Socket sock=c610de80 sk=dfc9aa40 initialised. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sendmsg: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=7, errno=0, satype=2(AH), len=2, res=0, seq=1, pid=20911. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=dcb89e88. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c5012400. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message type 7 with msg_parser c01df078. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_list_insert_socket: socketp=c610de80 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: SATYPE=02(AH) successfully registered by KMd (pid=20911). Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: pfkey_supported_list[2]=c1843320 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: checking supported=c1843320 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: adding auth alg. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: checking supported=c1843300 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: adding auth alg. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: found satype=2(AH) exttype=14 id=3 ivlen=0 minbits=160 maxbits=160. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: found satype=2(AH) exttype=14 id=2 ivlen=0 minbits=128 maxbits=128. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_hdr_build: Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=dcb89db8 pfkey_ext=dcb89e00 *pfkey_ext=00000000. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=dcb89db8 pfkey_ext=dcb89e00 *pfkey_ext=c65b8e80. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: pfkey_msg=de555760 allocated 40 bytes, &(extensions[0])=dcb89e00 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[14]=c65b8fa0 to=de555770 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: extensions permitted=0000c001, seen=00004001, required=00000001. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_upmsg: allocating 40 bytes... Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_upmsg: ...allocated at cd9cb3c0. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: sending up register reply message for satype=2(AH) to socket=c610de80 succeeded. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sendmsg: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=7, errno=0, satype=3(ESP), len=2, res=0, seq=2, pid=20911. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=dcb89e88. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c5012400. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message type 7 with msg_parser c01df078. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_list_insert_socket: socketp=c610de80 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: SATYPE=03(ESP) successfully registered by KMd (pid=20911). Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: pfkey_supported_list[3]=c1843380 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: checking supported=c1843380 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: adding encrypt alg. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: checking supported=c1843360 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: adding auth alg. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: checking supported=c1843340 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: adding auth alg. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: found satype=3(ESP) exttype=15 id=3 ivlen=128 minbits=168 maxbits=168. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: found satype=3(ESP) exttype=14 id=3 ivlen=0 minbits=160 maxbits=160. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: found satype=3(ESP) exttype=14 id=2 ivlen=0 minbits=128 maxbits=128. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_hdr_build: Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=dcb89db8 pfkey_ext=dcb89e00 *pfkey_ext=00000000. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=dcb89db8 pfkey_ext=dcb89e00 *pfkey_ext=c65b8dc0. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: pfkey_msg=de555a60 allocated 56 bytes, &(extensions[0])=dcb89e00 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[14]=c65b8f00 to=de555a70 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[15]=c65b8f20 to=de555a88 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: extensions permitted=0000c001, seen=0000c001, required=00000001. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_upmsg: allocating 56 bytes... Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_upmsg: ...allocated at cd9cb480. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: sending up register reply message for satype=3(ESP) to socket=c610de80 succeeded. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sendmsg: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=7, errno=0, satype=10(COMP), len=2, res=0, seq=3, pid=20911. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=dcb89e88. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c5012400. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message type 7 with msg_parser c01df078. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_list_insert_socket: socketp=c610de80 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: SATYPE=10(COMP) successfully registered by KMd (pid=20911). Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: pfkey_supported_list[10]=c18433a0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: checking supported=c18433a0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: adding encrypt alg. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: found satype=10(COMP) exttype=15 id=2 ivlen=0 minbits=1 maxbits=1. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_hdr_build: Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=dcb89db8 pfkey_ext=dcb89e00 *pfkey_ext=00000000. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=dcb89db8 pfkey_ext=dcb89e00 *pfkey_ext=c65b8dc0. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: pfkey_msg=c65b8e80 allocated 32 bytes, &(extensions[0])=dcb89e00 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[15]=c65b8ba0 to=c65b8e90 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: extensions permitted=0000c001, seen=00008001, required=00000001. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_upmsg: allocating 32 bytes... Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_upmsg: ...allocated at cd9cb480. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: sending up register reply message for satype=10(COMP) to socket=c610de80 succeeded. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sendmsg: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=7, errno=0, satype=9(IPIP), len=2, res=0, seq=4, pid=20911. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=dcb89e88. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c5012400. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message type 7 with msg_parser c01df078. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: . Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_list_insert_socket: socketp=c610de80 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: SATYPE=09(IPIP) successfully registered by KMd (pid=20911). Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: pfkey_supported_list[9]=c18433c0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: checking supported=c18433c0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: adding encrypt alg. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: found satype=9(IPIP) exttype=15 id=1 ivlen=0 minbits=32 maxbits=32. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_hdr_build: Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=dcb89db8 pfkey_ext=dcb89e00 *pfkey_ext=00000000. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=dcb89db8 pfkey_ext=dcb89e00 *pfkey_ext=c65b8e80. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: pfkey_msg=c65b8fc0 allocated 32 bytes, &(extensions[0])=dcb89e00 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[15]=c65b8f00 to=c65b8fd0 Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_msg_build: extensions permitted=0000c001, seen=00008001, required=00000001. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_upmsg: allocating 32 bytes... Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_upmsg: ...allocated at c1845680. Jun 12 18:17:29 gw1 kernel: klips_debug:pfkey_register_parse: sending up register reply message for satype=9(IPIP) to socket=c610de80 succeeded. Jun 12 18:17:29 gw1 ipsec_setup: ...FreeS/WAN IPsec started Jun 12 18:19:29 gw1 kernel: klips_debug:@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:19:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:19:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:19:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdc0dc000, *start=0x0, offset=0, length=3072 Jun 12 18:19:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:19:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:19:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:20:58 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xdcd41000, *start=0x0, offset=0, length=3072 Jun 12 18:20:58 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xdcd41000, *start=0x0, offset=24, length=3072 Jun 12 18:20:58 gw1 kernel: klips_debug:@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:20:58 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:20:58 gw1 kernel: klips_debug: off = 0 Jun 12 18:20:58 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdd615000, *start=0x0, offset=0, length=3072 Jun 12 18:20:58 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:20:58 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:20:58 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:20:58 gw1 kernel: klips_debug:ipsec_spi_get_info: buffer=0xdcda1000, *start=0x0, offset=0, length=3072 Jun 12 18:20:58 gw1 kernel: klips_debug:ipsec_spigrp_get_info: buffer=0xdcda1000, *start=0x0, offset=0, length=3072 Jun 12 18:20:58 gw1 kernel: klips_debug:ipsec_tncfg_get_info: buffer=0xdcda1000, *start=0x0, offset=0, length=3072 Jun 12 18:20:58 gw1 kernel: klips_debug:ipsec_tncfg_get_info: buffer=0xdcda1000, *start=0x0, offset=126, length=3072 Jun 12 18:20:58 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xc7b7c000, *start=0x0, offset=0, length=3072 Jun 12 18:20:58 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xc7b7c000, *start=0x0, offset=24, length=3072 Jun 12 18:21:14 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xdcfa7000, *start=0x0, offset=0, length=3072 Jun 12 18:21:14 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xdcfa7000, *start=0x0, offset=24, length=3072 Jun 12 18:21:14 gw1 kernel: klips_debug:@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:21:14 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:21:14 gw1 kernel: klips_debug: off = 0 Jun 12 18:21:14 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdd966000, *start=0x0, offset=0, length=3072 Jun 12 18:21:14 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:21:14 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:21:14 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:21:14 gw1 kernel: klips_debug:ipsec_spi_get_info: buffer=0xddacb000, *start=0x0, offset=0, length=3072 Jun 12 18:21:14 gw1 kernel: klips_debug:ipsec_spigrp_get_info: buffer=0xddacb000, *start=0x0, offset=0, length=3072 Jun 12 18:21:14 gw1 kernel: klips_debug:ipsec_tncfg_get_info: buffer=0xddacb000, *start=0x0, offset=0, length=3072 Jun 12 18:21:14 gw1 kernel: klips_debug:ipsec_tncfg_get_info: buffer=0xddacb000, *start=0x0, offset=126, length=3072 Jun 12 18:21:14 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xc711b000, *start=0x0, offset=0, length=3072 Jun 12 18:21:14 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xc711b000, *start=0x0, offset=24, length=3072 Jun 12 18:21:29 gw1 kernel: klips_debug:@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:21:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:21:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:21:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xc26f0000, *start=0x0, offset=0, length=3072 Jun 12 18:21:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:21:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:21:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:23:29 gw1 kernel: klips_debug:@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:23:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:23:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:23:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xc26f0000, *start=0x0, offset=0, length=3072 Jun 12 18:23:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:23:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:23:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:25:29 gw1 kernel: klips_debug:@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:25:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:25:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:25:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xc26f0000, *start=0x0, offset=0, length=3072 Jun 12 18:25:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:25:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:25:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:27:29 gw1 kernel: klips_debug:@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:27:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:27:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:27:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xc26f0000, *start=0x0, offset=0, length=3072 Jun 12 18:27:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:27:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:27:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:29:29 gw1 kernel: klips_debug:@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:29:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:29:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:29:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdd791000, *start=0x0, offset=0, length=3072 Jun 12 18:29:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:29:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:29:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sendmsg: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=3, errno=0, satype=3(ESP), len=17, res=0, seq=5, pid=20911. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=dcb89e88. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c5012a00. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: satype 3 lookups to proto=50. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 1 ce145b90 with processor c01dbbf0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_process: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 5 ce145ba0 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 149.2.24.213. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found src address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 6 ce145bb8 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 65.219.193.250. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found dst address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: tdb_said.dst set to 65.219.193.250. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 8 ce145bd0 with processor c01dc31c. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_key_process: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_key_process: success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 9 ce145be8 with processor c01dc31c. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_key_process: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_key_process: success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message type 3 with msg_parser c01de0bc. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_add_parse: . Jun 12 18:30:02 gw1 kernel: klips_debug:gettdb: linked entry in tdb table for hash=133 of SA:esp0xd45babfe@65.219.193.250 requested. Jun 12 18:30:02 gw1 kernel: klips_debug:gettdb: no entries in tdb table for hash=133 of SA:esp0xd45babfe@65.219.193.250. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_add_parse: existing Tunnel Descriptor Block not found (this is good) for SAesp0xd45babfe@65.219.193.250, in-bound, allocating. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_ipsec_sa_init: (pfkey defined) called for SA:esp0xd45babfe@65.219.193.250 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_ipsec_sa_init: calling init routine of ESP_3DES_HMAC_MD5 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=dcb89da0 pfkey_ext=dcb89dd8 *pfkey_ext=00000000. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=dcb89da0 pfkey_ext=dcb89dd8 *pfkey_ext=c65b8fc0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_build: spi=d45babfe replay=64 sa_state=1 auth=2 encrypt=3 flags=1 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=5 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=149.2.24.213:500. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=6 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=65.219.193.250:0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: pfkey_msg=c578b5a0 allocated 80 bytes, &(extensions[0])=dcb89dd8 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[1]=c65b8dc0 to=c578b5b0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[5]=dea5e200 to=c578b5c0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[6]=dea5e1e0 to=c578b5d8 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: extensions permitted=00001c7b, seen=00000063, required=00000063. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_upmsg: allocating 80 bytes... Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_upmsg: ...allocated at cd7dada0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_add_parse: sending up add reply message for satype=3(ESP) to socket=c610de80 succeeded. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_add_parse: successful for SA: esp0xd45babfe@65.219.>klips_debug:pfkey_address_process: found address family=2, AF_INET, 65.219.193.250. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found dst address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: tdb_said.dst set to 65.219.193.250. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 18 c578b858 with processor c01dc700. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_satype_process: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=dcb89e8c. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_satype_process: protocol==50 decoded from satype==3(ESP). Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 19 c578b860 with processor c01dbbf0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_process: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: tdb struct already allocated Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 20 c578b870 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 65.219.193.250. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found 2nd dst address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: tdb struct already allocated Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: tdb_said.dst set to 65.219.193.250. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message type 13 with msg_parser c01df75c. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_grpsa_parse: . Jun 12 18:30:02 gw1 kernel: klips_debug:gettdb: linked entry in tdb table for hash=65 of SA:tun0x1001@65.219.193.250 requested. Jun 12 18:30:02 gw1 kernel: klips_debug:gettdb: linked entry in tdb table for hash=133 of SA:esp0xd45babfe@65.219.193.250 requested. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=dcb89d78 pfkey_ext=dcb89e00 *pfkey_ext=00000000. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=dcb89d78 pfkey_ext=dcb89e00 *pfkey_ext=dea5e200. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_build: spi=00001001 replay=0 sa_state=0 auth=0 encrypt=0 flags=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=6 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=65.219.193.250:0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_satype_build: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_build: spi=d45babfe replay=0 sa_state=0 auth=0 encrypt=0 flags=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=20 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=65.219.193.250:0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: pfkey_msg=c578baa0 allocated 104 bytes, &(extensions[0])=dcb89e00 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[1]=dea5e1e0 to=c578bab0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[6]=dea5e260 to=c578bac0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 8 bytes from extensions[18]=dea5e280 to=c578bad8 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[19]=dea5e2a0 to=c578bae0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[20]=dea5e2c0 to=c578baf0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: extensions permitted=001c0043, seen=001c0043, required=00000043. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_upmsg: allocating 104 bytes... Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_upmsg: ...allocated at deb9d980. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_grpsa_parse: sending up x_grpsa reply message for satype=9(IPIP) to socket=c610de80 succeeded. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_grpsa_parse: succeeded in sending x_grpsa reply message. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sendmsg: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=3, errno=0, satype=3(ESP), len=17, key_msg_build: pfkey_msg=c578baa0 allocated 80 bytes, &(extensions[0])=dcb89dd8 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[1]=dea5e2a0 to=c578bab0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[5]=dea5e260 to=c578bac0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[6]=dea5e1e0 to=c578bad8 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: extensions permitted=00001c7b, seen=00000063, required=00000063. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_upmsg: allocating 80 bytes... Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_upmsg: ...allocated at cda166a0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_add_parse: sending up add reply message for satype=3(ESP) to socket=c610de80 succeeded. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_add_parse: successful for SA: esp0x7fb0c88b@149.2.24.213 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sendmsg: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=3, errno=0, satype=9(IPIP), len=10, res=0, seq=9, pid=20911. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=dcb89e88. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c5012600. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: satype 9 lookups to proto=4. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 1 c578b830 with processor c01dbbf0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_process: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 5 c578b840 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 65.219.193.250. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found src address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 6 c578b858 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 149.2.24.213. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found dst address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: tdb_said.dst set to 149.2.24.213. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message type 3 with msg_parser c01de0bc. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_add_parse: . Jun 12 18:30:02 gw1 kernel: klips_debug:gettdb: linked entry in tdb table for hash=233 of SA:tun0x1002@149.2.24.213 requested. Jun 12 18:30:02 gw1 kernel: klips_debug:gettdb: no entries in tdb table for hash=233 of SA:tun0x1002@149.2.24.213. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_add_parse: existing Tunnel Descriptor Block not found (this is good) for SAtun0x1002@149.2.24.213, out-bound, allocating. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_ipsec_sa_init: (pfkey defined) called for SA:tun0x1002@149.2.24.213 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_ipsec_sa_init: calling init routine of IPIP Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_ipsec_sa_init: (pfkey defined) IPIP tdb set for 65.219.193.250->149.2.24.213. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=dcb89da0 pfkey_ext=dcb89dd8 *pfkey_ext=00000000. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=dcb89da0 pfkey_ext=dcb89dd8 *pfkey_ext=dea5e2a0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_build: spi=00001002 replay=0 sa_state=1 auth=0 encrypt=0 flags=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=5 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=65.219.193.250:0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=6 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=149.2.24.213:500. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: pfkey_msg=c578b5a0 allocated 80 bytes, &(extensions[0])=dcb89dd8 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[1]=dea5e2c0 to=c578b5b0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[5]=dea5e200 to=c578b5c0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[6]=dea5e2e0 to=c578b5d8 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: extensions permitted=00001c7b, seen=00000063, required=00000063. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_upmsg: allocating 80 bytes... Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_upmsg: ...allocated at dc69a9c0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_add_parse: sending up add reply message for satype=9(IPIP) to socket=c610de80 succeeded. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_add_parse: successful for SA: tun0x1002@149.2.24.213 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sendmsg: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=13, errno=0, satype=9(IPIP), len=13, res=0, seq=10, pid=20911. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=dcb89e88. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c5012200. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: satype 9 lookups to proto=4. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 1 c578b830 with processor c01dbbf0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_process: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 6 c578b840 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 149.2.24.213. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found dst address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: tdb_said.dst set to 149.2.24.213. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 18 c578b858 with processor c01dc700. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_satype_process: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=dcb89e8c. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_satype_process: protocol==50 decoded from satype==3(ESP). Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 19 c578b860 with processor c01dbbf0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_process: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: tdb struct already allocated Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 20 c578b870 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 149.2.24.213. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found 2nd dst address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: tdb struct already allocated Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: tdb_said.dst set to 149.2.24.213. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message type 13 with msg_parser c01df75c. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_grpsa_parse: . Jun 12 18:30:02 gw1 kernel: klips_debug:gettdb: linked entry in tdb table for hash=233 of SA:tun0x1002@149.2.24.213 requested. Jun 12 18:30:02 gw1 kernel: klips_debug:gettdb: linked entry in tdb table for hash=19 of SA:esp0x7fb0c88b@149.2.24.213 requested. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=dcb89d78 pfkey_ext=dcb89e00 *pfkey_ext=00000000. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=dcb89d78 pfkey_ext=dcb89e00 *pfkey_ext=dea5e2c0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_build: spi=00001002 replay=0 sa_state=0 auth=0 encrypt=0 flags=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=6 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=149.2.24.213:500. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_satype_build: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_build: spi=7fb0c88b replay=0 sa_state=0 auth=0 encrypt=0 flags=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=20 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=149.2.24.213:500. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: pfkey_msg=c578b5a0 allocated 104 bytes, &(extensions[0])=dcb89e00 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[1]=dea5e2a0 to=c578b5b0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[6]=dea5e300 to=c578b5c0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 8 bytes from extensions[18]=dea5e320 to=c578b5d8 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[19]=dea5e340 to=c578b5e0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[20]=dea5e360 to=c578b5f0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: extensions permitted=001c0043, seen=001c0043, required=00000043. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_upmsg: allocating 104 bytes... Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_upmsg: ...allocated at de05c8e0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_grpsa_parse: sending up x_grpsa reply message for satype=9(IPIP) to socket=c610de80 succeeded. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_grpsa_parse: succeeded in sending x_grpsa reply message. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sendmsg: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=14, errno=0, satype=9(IPIP), len=22, res=0, seq=11, pid=20911. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=dcb89e88. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c5012200. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: satype 9 lookups to proto=4. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 1 ce145a90 with processor c01dbbf0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_process: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 5 ce145aa0 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 65.219.193.250. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found src address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 6 ce145ab8 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 149.2.24.213. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found dst address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: tdb_said.dst set to 149.2.24.213. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 21 ce145ad0 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 192.168.0.0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found src flow address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_eroute: allocated eroute struct=dcb89e90. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_parse: extr->eroute set to 192.168.0.0/0->0.0.0.0/0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 22 ce145ae8 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 10.1.1.0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found dst flow address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_eroute: eroute struct already allocated Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_parse: extr->eroute set to 192.168.0.0/0->10.1.1.0/0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 23 ce145b00 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 255.255.255.0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found src mask address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_eroute: eroute struct already allocated Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_parse: extr->eroute set to 192.168.0.0/24->10.1.1.0/0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: processing ext 24 ce145b18 with processor c01dbea8. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 255.255.255.0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: found dst mask address. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_alloc_eroute: eroute struct already allocated Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_parse: extr->eroute set to 192.168.0.0/24->10.1.1.0/24 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_process: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_interp: parsing message type 14 with msg_parser c01dfcb4. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_addflow_parse: . Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_addflow_parse: calling breakeroute and/or makeroute for 192.168.0.0/24->10.1.1.0/24 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_addflow_parse: calling makeroute. Jun 12 18:30:02 gw1 kernel: klips_debug:ipsec_makeroute: attempting to insert eroute for 192.168.0.0/24->10.1.1.0/24, SA: tun0x1002@149.2.24.213, PID:20911, skb=00000000, ident:NULL->NULL Jun 12 18:30:02 gw1 kernel: klips_debug:ipsec_makeroute: succeeded, I think... Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_addflow_parse: makeroute call successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=dcb89c90 pfkey_ext=dcb89d80 *pfkey_ext=00000000. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=dcb89c90 pfkey_ext=dcb89d80 *pfkey_ext=dea5e360. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_sa_build: spi=00001002 replay=0 sa_state=0 auth=0 encrypt=0 flags=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=5 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=65.219.193.250:0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=6 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=149.2.24.213:500. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=21 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=192.168.0.0:0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=22 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=10.1.1.0:0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=23 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=255.255.255.0:0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: exttype=24 proto=0 prefixlen=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address family AF_INET. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: found address=255.255.255.0:0. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_address_build: successful. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build: error=0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_safe_build:success. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: pfkey_msg=decbf3a0 allocated 176 bytes, &(extensions[0])=dcb89d80 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[1]=dea5e340 to=decbf3b0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[5]=dea5e320 to=decbf3c0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[6]=dea5e300 to=decbf3d8 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[21]=dea5e2a0 to=decbf3f0 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[22]=dea5e2c0 to=decbf408 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[23]=dea5e380 to=decbf420 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[24]=dea5e3a0 to=decbf438 Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_msg_build: extensions permitted=01e00063, seen=01e00063, required=01e00043. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_upmsg: allocating 176 bytes... Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_upmsg: ...allocated at de819480. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_addflow_parse: sending up x_addflow reply message for satype=9(IPIP) (proto=4) to socket=c610de80 succeeded. Jun 12 18:30:02 gw1 kernel: klips_debug:pfkey_x_addflow_parse: extr->tdb cleaned up and freed. Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xdcb51000, *start=0x0, offset=0, length=3072 Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xdcb51000, *start=0x0, offset=24, length=3072 Jun 12 18:30:20 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:30:20 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:30:20 gw1 kernel: klips_debug:* off = 0 Jun 12 18:30:20 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:30:20 gw1 kernel: klips_debug: off = 0 Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdd9dc000, *start=0x0, offset=0, length=3072 Jun 12 18:30:20 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:30:20 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:30:20 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:30:20 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:30:20 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:30:20 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=c796ff4c Jun 12 18:30:20 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:30:20 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:30:20 gw1 kernel: klips_debug:* off = 0 Jun 12 18:30:20 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:30:20 gw1 kernel: klips_debug: off = 0 Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdd510000, *start=0x0, offset=78, length=3072 Jun 12 18:30:20 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:30:20 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:30:20 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:30:20 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:30:20 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:30:20 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=c796ff4c Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_spi_get_info: buffer=0xdcc1d000, *start=0x0, offset=0, length=3072 Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_spi_get_info: buffer=0xdcc1d000, *start=0x0, offset=538, length=3072 Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_spigrp_get_info: buffer=0xdcc1d000, *start=0x0, offset=0, length=3072 Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_spigrp_get_info: buffer=0xdcc1d000, *start=0x0, offset=106, length=3072 Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_tncfg_get_info: buffer=0xdcc1d000, *start=0x0, offset=0, length=3072 Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_tncfg_get_info: buffer=0xdcc1d000, *start=0x0, offset=126, length=3072 Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xc369e000, *start=0x0, offset=0, length=3072 Jun 12 18:30:20 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xdd9e3000, *start=0x0, offset=24, length=3072 Jun 12 18:31:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:31:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:31:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:31:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:31:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:31:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdd510000, *start=0x0, offset=0, length=3072 Jun 12 18:31:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:31:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:31:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:31:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:31:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:31:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:31:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:31:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:31:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:31:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:31:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:31:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:31:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdd510000, *start=0x0, offset=78, length=3072 Jun 12 18:31:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:31:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:31:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:31:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:31:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:31:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:31:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:33:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:33:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:33:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:33:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:33:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:33:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdd5a0000, *start=0x0, offset=0, length=3072 Jun 12 18:33:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:33:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:33:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:33:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:33:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:33:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:33:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:33:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:33:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:33:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:33:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:33:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:33:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdd5a0000, *start=0x0, offset=78, length=3072 Jun 12 18:33:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:33:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:33:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:33:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:33:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:33:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:33:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:35:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:35:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:35:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:35:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:35:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:35:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdc2a0000, *start=0x0, offset=0, length=3072 Jun 12 18:35:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:35:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:35:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:35:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:35:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:35:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:35:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:35:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:35:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:35:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:35:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:35:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:35:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdc2a0000, *start=0x0, offset=78, length=3072 Jun 12 18:35:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:35:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:35:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:35:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:35:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:35:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:35:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:37:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:37:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:37:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:37:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:37:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:37:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdc2a0000, *start=0x0, offset=0, length=3072 Jun 12 18:37:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:37:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:37:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:37:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:37:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:37:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:37:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:37:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:37:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:37:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:37:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:37:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:37:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdc2a0000, *start=0x0, offset=78, length=3072 Jun 12 18:37:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:37:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:37:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:37:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:37:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:37:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:37:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:39:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:39:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:39:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:39:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:39:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:39:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdc21e000, *start=0x0, offset=0, length=3072 Jun 12 18:39:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:39:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:39:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:39:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:39:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:39:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:39:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:39:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:39:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:39:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:39:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:39:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:39:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdc21e000, *start=0x0, offset=78, length=3072 Jun 12 18:39:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:39:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:39:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:39:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:39:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:39:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:39:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:41:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:41:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:41:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:41:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:41:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:41:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdea74000, *start=0x0, offset=0, length=3072 Jun 12 18:41:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:41:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:41:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:41:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:41:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:41:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:41:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:41:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:41:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:41:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:41:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:41:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:41:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdea74000, *start=0x0, offset=78, length=3072 Jun 12 18:41:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:41:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:41:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:41:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:41:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:41:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:41:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:43:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:43:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:43:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:43:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:43:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:43:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdea74000, *start=0x0, offset=0, length=3072 Jun 12 18:43:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:43:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:43:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:43:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:43:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:43:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:43:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:43:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:43:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:43:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:43:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:43:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:43:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdea74000, *start=0x0, offset=78, length=3072 Jun 12 18:43:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:43:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:43:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:43:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:43:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:43:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:43:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:45:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:45:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:45:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:45:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:45:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:45:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xc2963000, *start=0x0, offset=0, length=3072 Jun 12 18:45:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:45:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:45:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:45:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:45:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:45:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:45:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:45:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:45:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:45:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:45:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:45:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:45:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xc2963000, *start=0x0, offset=78, length=3072 Jun 12 18:45:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:45:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:45:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:45:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:45:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:45:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:45:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:47:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:47:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:47:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:47:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:47:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:47:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xde95b000, *start=0x0, offset=0, length=3072 Jun 12 18:47:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:47:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:47:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:47:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:47:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:47:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:47:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:47:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:47:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:47:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:47:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:47:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:47:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xde95b000, *start=0x0, offset=78, length=3072 Jun 12 18:47:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:47:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:47:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:47:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:47:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:47:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:47:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:49:27 gw1 kernel: klips_debug:ipsec_tunnel_neigh_setup: Jun 12 18:49:27 gw1 kernel: klips_debug:ipsec_tunnel_hard_header: skb->dev=ipsec0 dev=ipsec0. Jun 12 18:49:27 gw1 kernel: klips_debug:ipsec_tunnel_hard_header: Revectored 0x00000000->0xcdc49d48 len=84 type=2048 dev=ipsec0->eth0 dev_addr=00:02:b3:86:28:6a ip=41dbc1fa->0a01013a Jun 12 18:49:27 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: >>> skb->len=98 hard_header_len:14 00:02:b3:86:28:6a:00:02:b3:86:28:6a:08:00 Jun 12 18:49:27 gw1 kernel: klips_debug: IP: ihl:20 ver:4 tos:0 tlen:84 id:0 DF frag_off:0 ttl:64 proto:1 (ICMP) chk:11161 saddr:65.219.193.250 daddr:10.1.1.58 type:code=8:0 Jun 12 18:49:27 gw1 kernel: klips_debug:ipsec_findroute: 65.219.193.250->10.1.1.58 Jun 12 18:49:27 gw1 kernel: klips_debug:rj_match: * See if we match exactly as a host destination Jun 12 18:49:27 gw1 kernel: klips_debug:rj_match: ** try to match a leaf, t=0xdecbfca0 Jun 12 18:49:27 gw1 kernel: klips_debug:rj_match: *** start searching up the tree, t=0xdecbfca0 Jun 12 18:49:27 gw1 kernel: klips_debug:rj_match: **** t=0xdecbfcb8 Jun 12 18:49:27 gw1 kernel: klips_debug:rj_match: **** t=0xdfefc5e0 Jun 12 18:49:27 gw1 kernel: klips_debug:rj_match: ***** cp2=0xc1851578 cp3=0xde5551d0 Jun 12 18:49:27 gw1 kernel: klips_debug:rj_match: ***** not found. Jun 12 18:49:27 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: checking for local udp/500 IKE packet saddr=41dbc1fa, er=00000000, daddr=a01013a, er_dst=0, proto=1 sport=0 dport=0 Jun 12 18:49:27 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: Original head,tailroom: 2,28 Jun 12 18:49:27 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: shunt SA of DROP or no eroute: dropping. Jun 12 18:49:28 gw1 kernel: klips_debug:ipsec_tunnel_hard_header: skb->dev=ipsec0 dev=ipsec0. Jun 12 18:49:28 gw1 kernel: klips_debug:ipsec_tunnel_hard_header: Revectored 0x00000000->0xcdc49d48 len=84 type=2048 dev=ipsec0->eth0 dev_addr=00:02:b3:86:28:6a ip=41dbc1fa->0a01013a Jun 12 18:49:28 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: >>> skb->len=98 hard_header_len:14 00:02:b3:86:28:6a:00:02:b3:86:28:6a:08:00 Jun 12 18:49:28 gw1 kernel: klips_debug: IP: ihl:20 ver:4 tos:0 tlen:84 id:0 DF frag_off:0 ttl:64 proto:1 (ICMP) chk:11161 saddr:65.219.193.250 daddr:10.1.1.58 type:code=8:0 Jun 12 18:49:28 gw1 kernel: klips_debug:ipsec_findroute: 65.219.193.250->10.1.1.58 Jun 12 18:49:28 gw1 kernel: klips_debug:rj_match: * See if we match exactly as a host destination Jun 12 18:49:28 gw1 kernel: klips_debug:rj_match: ** try to match a leaf, t=0xdecbfca0 Jun 12 18:49:28 gw1 kernel: klips_debug:rj_match: *** start searching up the tree, t=0xdecbfca0 Jun 12 18:49:28 gw1 kernel: klips_debug:rj_match: **** t=0xdecbfcb8 Jun 12 18:49:28 gw1 kernel: klips_debug:rj_match: **** t=0xdfefc5e0 Jun 12 18:49:28 gw1 kernel: klips_debug:rj_match: ***** cp2=0xc1851578 cp3=0xde5551d0 Jun 12 18:49:28 gw1 kernel: klips_debug:rj_match: ***** not found. Jun 12 18:49:28 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: checking for local udp/500 IKE packet saddr=41dbc1fa, er=00000000, daddr=a01013a, er_dst=0, proto=1 sport=0 dport=0 Jun 12 18:49:28 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: Original head,tailroom: 2,28 Jun 12 18:49:28 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: shunt SA of DROP or no eroute: dropping. Jun 12 18:49:29 gw1 kernel: klips_debug:ipsec_tunnel_hard_header: skb->dev=ipsec0 dev=ipsec0. Jun 12 18:49:29 gw1 kernel: klips_debug:ipsec_tunnel_hard_header: Revectored 0x00000000->0xcdc49d48 len=84 type=2048 dev=ipsec0->eth0 dev_addr=00:02:b3:86:28:6a ip=41dbc1fa->0a01013a Jun 12 18:49:29 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: >>> skb->len=98 hard_header_len:14 00:02:b3:86:28:6a:00:02:b3:86:28:6a:08:00 Jun 12 18:49:29 gw1 kernel: klips_debug: IP: ihl:20 ver:4 tos:0 tlen:84 id:0 DF frag_off:0 ttl:64 proto:1 (ICMP) chk:11161 saddr:65.219.193.250 daddr:10.1.1.58 type:code=8:0 Jun 12 18:49:29 gw1 kernel: klips_debug:ipsec_findroute: 65.219.193.250->10.1.1.58 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_match: * See if we match exactly as a host destination Jun 12 18:49:29 gw1 kernel: klips_debug:rj_match: ** try to match a leaf, t=0xdecbfca0 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_match: *** start searching up the tree, t=0xdecbfca0 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_match: **** t=0xdecbfcb8 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_match: **** t=0xdfefc5e0 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_match: ***** cp2=0xc1851578 cp3=0xde5551d0 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_match: ***** not found. Jun 12 18:49:29 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: checking for local udp/500 IKE packet saddr=41dbc1fa, er=00000000, daddr=a01013a, er_dst=0, proto=1 sport=0 dport=0 Jun 12 18:49:29 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: Original head,tailroom: 2,28 Jun 12 18:49:29 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: shunt SA of DROP or no eroute: dropping. Jun 12 18:49:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:49:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:49:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:49:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:49:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:49:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdc4e5000, *start=0x0, offset=0, length=3072 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:49:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:49:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:49:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:49:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:49:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:49:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:49:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:49:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdc4e5000, *start=0x0, offset=78, length=3072 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:49:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:49:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:49:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:49:30 gw1 kernel: klips_debug:ipsec_tunnel_hard_header: skb->dev=ipsec0 dev=ipsec0. Jun 12 18:49:30 gw1 kernel: klips_debug:ipsec_tunnel_hard_header: Revectored 0x00000000->0xcdc49d48 len=84 type=2048 dev=ipsec0->eth0 dev_addr=00:02:b3:86:28:6a ip=41dbc1fa->0a01013a Jun 12 18:49:30 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: >>> skb->len=98 hard_header_len:14 00:02:b3:86:28:6a:00:02:b3:86:28:6a:08:00 Jun 12 18:49:30 gw1 kernel: klips_debug: IP: ihl:20 ver:4 tos:0 tlen:84 id:0 DF frag_off:0 ttl:64 proto:1 (ICMP) chk:11161 saddr:65.219.193.250 daddr:10.1.1.58 type:code=8:0 Jun 12 18:49:30 gw1 kernel: klips_debug:ipsec_findroute: 65.219.193.250->10.1.1.58 Jun 12 18:49:30 gw1 kernel: klips_debug:rj_match: * See if we match exactly as a host destination Jun 12 18:49:30 gw1 kernel: klips_debug:rj_match: ** try to match a leaf, t=0xdecbfca0 Jun 12 18:49:30 gw1 kernel: klips_debug:rj_match: *** start searching up the tree, t=0xdecbfca0 Jun 12 18:49:30 gw1 kernel: klips_debug:rj_match: **** t=0xdecbfcb8 Jun 12 18:49:30 gw1 kernel: klips_debug:rj_match: **** t=0xdfefc5e0 Jun 12 18:49:30 gw1 kernel: klips_debug:rj_match: ***** cp2=0xc1851578 cp3=0xde5551d0 Jun 12 18:49:30 gw1 kernel: klips_debug:rj_match: ***** not found. Jun 12 18:49:30 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: checking for local udp/500 IKE packet saddr=41dbc1fa, er=00000000, daddr=a01013a, er_dst=0, proto=1 sport=0 dport=0 Jun 12 18:49:30 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: Original head,tailroom: 2,28 Jun 12 18:49:30 gw1 kernel: klips_debug:ipsec_tunnel_start_xmit: shunt SA of DROP or no eroute: dropping. Jun 12 18:51:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:51:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:51:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:51:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:51:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:51:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xddae8000, *start=0x0, offset=0, length=3072 Jun 12 18:51:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:51:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:51:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:51:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:51:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:51:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:51:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:51:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:51:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:51:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:51:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:51:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:51:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xddae8000, *start=0x0, offset=78, length=3072 Jun 12 18:51:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:51:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:51:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:51:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:51:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:51:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:51:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:53:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:53:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:53:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:53:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:53:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:53:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdd2e1000, *start=0x0, offset=0, length=3072 Jun 12 18:53:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:53:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:53:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:53:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:53:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:53:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:53:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:53:29 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:53:29 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:53:29 gw1 kernel: klips_debug:* off = 0 Jun 12 18:53:29 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:53:29 gw1 kernel: klips_debug: off = 0 Jun 12 18:53:29 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xdd2e1000, *start=0x0, offset=78, length=3072 Jun 12 18:53:29 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:53:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:53:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:53:29 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:53:29 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:53:29 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:53:29 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dcb89f4c Jun 12 18:53:56 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xd8b84000, *start=0x0, offset=0, length=3072 Jun 12 18:53:56 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xd8b84000, *start=0x0, offset=24, length=3072 Jun 12 18:53:56 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:53:56 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:53:56 gw1 kernel: klips_debug:* off = 0 Jun 12 18:53:56 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:53:56 gw1 kernel: klips_debug: off = 0 Jun 12 18:53:56 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xd8f3b000, *start=0x0, offset=0, length=3072 Jun 12 18:53:56 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:53:56 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:53:56 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:53:56 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:53:56 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:53:56 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:53:56 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dc1adf4c Jun 12 18:53:56 gw1 kernel: klips_debug:@@ flags = 6 @key = c1851560 key = 00000000->00000000 @mask = 00000000 Jun 12 18:53:56 gw1 kernel: klips_debug:@@ flags = 4 @key = decbfcf0 key = c0a80000->0a010100 @mask = de5551d0 mask = ffffff00->ffffff00 Jun 12 18:53:56 gw1 kernel: klips_debug:* off = 0 Jun 12 18:53:56 gw1 kernel: klips_debug:@ flags = 6 @key = c185156c key = ffffffff->ffffffff @mask = 00000000 Jun 12 18:53:56 gw1 kernel: klips_debug: off = 0 Jun 12 18:53:56 gw1 kernel: klips_debug:ipsec_eroute_get_info: buffer=0xd8f17000, *start=0x0, offset=78, length=3072 Jun 12 18:53:56 gw1 kernel: klips_debug:rj_walktree: for: rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:53:56 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:53:56 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=dfefc5c8 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Jun 12 18:53:56 gw1 kernel: klips_debug:rj_walktree: for: rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:53:56 gw1 kernel: klips_debug:rj_walktree: processing leaves, rn=dfefc5f8 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Jun 12 18:53:56 gw1 kernel: klips_debug:rj_walktree: while: base=00000000 rn=decbfca0 rj_b=-1 rj_flags=4 leaf key = c0a80000->0a010100 Jun 12 18:53:56 gw1 kernel: klips_debug:ipsec_rj_walker_procprint: rn=decbfca0, w0=dc1adf4c Jun 12 18:53:56 gw1 kernel: klips_debug:ipsec_spi_get_info: buffer=0xd8f17000, *start=0x0, offset=0, length=3072 Jun 12 18:53:56 gw1 kernel: klips_debug:ipsec_spi_get_info: buffer=0xd8f17000, *start=0x0, offset=538, length=3072 Jun 12 18:53:56 gw1 kernel: klips_debug:ipsec_spigrp_get_info: buffer=0xd8cfc000, *start=0x0, offset=0, length=3072 Jun 12 18:53:56 gw1 kernel: klips_debug:ipsec_spigrp_get_info: buffer=0xd8e32000, *start=0x0, offset=106, length=3072 Jun 12 18:53:56 gw1 kernel: klips_debug:ipsec_tncfg_get_info: buffer=0xd8e32000, *start=0x0, offset=0, length=3072 Jun 12 18:53:56 gw1 kernel: klips_debug:ipsec_tncfg_get_info: buffer=0xd8e32000, *start=0x0, offset=126, length=3072 Jun 12 18:53:57 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xdb68e000, *start=0x0, offset=0, length=3072 Jun 12 18:53:57 gw1 kernel: klips_debug:ipsec_version_get_info: buffer=0xdb68e000, *start=0x0, offset=24, length=3072 + _________________________ plog + sed -n '32297,$p' /var/log/auth.log + egrep -i pluto + cat Jun 12 18:17:29 gw1 ipsec__plutorun: Starting Pluto subsystem... Jun 12 18:17:29 gw1 Pluto[20911]: Starting Pluto (FreeS/WAN Version 1.97) Jun 12 18:17:29 gw1 Pluto[20911]: | opening /dev/urandom Jun 12 18:17:29 gw1 Pluto[20911]: | inserting event EVENT_REINIT_SECRET, timeout in 3600 seconds Jun 12 18:17:29 gw1 Pluto[20911]: | process 20911 listening for PF_KEY_V2 on file descriptor 6 Jun 12 18:17:29 gw1 Pluto[20911]: | finish_pfkey_msg: SADB_REGISTER message 1 for AH Jun 12 18:17:29 gw1 Pluto[20911]: | 02 07 00 02 02 00 00 00 01 00 00 00 af 51 00 00 Jun 12 18:17:29 gw1 Pluto[20911]: | pfkey_get: SADB_REGISTER message 1 Jun 12 18:17:29 gw1 Pluto[20911]: | AH registered with kernel. Jun 12 18:17:29 gw1 Pluto[20911]: | finish_pfkey_msg: SADB_REGISTER message 2 for ESP Jun 12 18:17:29 gw1 Pluto[20911]: | 02 07 00 03 02 00 00 00 02 00 00 00 af 51 00 00 Jun 12 18:17:29 gw1 Pluto[20911]: | pfkey_get: SADB_REGISTER message 2 Jun 12 18:17:29 gw1 Pluto[20911]: | ESP registered with kernel. Jun 12 18:17:29 gw1 Pluto[20911]: | finish_pfkey_msg: SADB_REGISTER message 3 for IPCOMP Jun 12 18:17:29 gw1 Pluto[20911]: | 02 07 00 0a 02 00 00 00 03 00 00 00 af 51 00 00 Jun 12 18:17:29 gw1 Pluto[20911]: | pfkey_get: SADB_REGISTER message 3 Jun 12 18:17:29 gw1 Pluto[20911]: | IPCOMP registered with kernel. Jun 12 18:17:29 gw1 Pluto[20911]: | finish_pfkey_msg: SADB_REGISTER message 4 for IPIP Jun 12 18:17:29 gw1 Pluto[20911]: | 02 07 00 09 02 00 00 00 04 00 00 00 af 51 00 00 Jun 12 18:17:29 gw1 Pluto[20911]: | pfkey_get: SADB_REGISTER message 4 Jun 12 18:17:29 gw1 Pluto[20911]: | IPIP registered with kernel. Jun 12 18:17:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:17:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:17:29 gw1 Pluto[20911]: | Jun 12 18:17:29 gw1 Pluto[20911]: | *received whack message Jun 12 18:17:29 gw1 Pluto[20911]: listening for IKE messages Jun 12 18:17:29 gw1 Pluto[20911]: | found lo with address 127.0.0.1 Jun 12 18:17:29 gw1 Pluto[20911]: | found eth0 with address 65.219.193.226 Jun 12 18:17:29 gw1 Pluto[20911]: | found eth0:0 with address 65.219.193.230 Jun 12 18:17:29 gw1 Pluto[20911]: | found eth0:1 with address 65.219.193.231 Jun 12 18:17:29 gw1 Pluto[20911]: | found eth0:2 with address 65.219.193.235 Jun 12 18:17:29 gw1 Pluto[20911]: | found eth0:3 with address 65.219.193.236 Jun 12 18:17:29 gw1 Pluto[20911]: | found eth0:4 with address 65.219.193.237 Jun 12 18:17:29 gw1 Pluto[20911]: | found eth0:5 with address 65.219.193.250 Jun 12 18:17:29 gw1 Pluto[20911]: | found eth1 with address 192.168.0.254 Jun 12 18:17:29 gw1 Pluto[20911]: | found eth2 with address 192.168.100.1 Jun 12 18:17:29 gw1 Pluto[20911]: | found ipsec0 with address 65.219.193.250 Jun 12 18:17:29 gw1 Pluto[20911]: | IP interface eth2 192.168.100.1 has no matching ipsec* interface -- ignored Jun 12 18:17:29 gw1 Pluto[20911]: | IP interface eth1 192.168.0.254 has no matching ipsec* interface -- ignored Jun 12 18:17:29 gw1 Pluto[20911]: adding interface ipsec0/eth0:5 65.219.193.250 Jun 12 18:17:29 gw1 Pluto[20911]: | IP interface eth0:4 65.219.193.237 has no matching ipsec* interface -- ignored Jun 12 18:17:29 gw1 Pluto[20911]: | IP interface eth0:3 65.219.193.236 has no matching ipsec* interface -- ignored Jun 12 18:17:29 gw1 Pluto[20911]: | IP interface eth0:2 65.219.193.235 has no matching ipsec* interface -- ignored Jun 12 18:17:29 gw1 Pluto[20911]: | IP interface eth0:1 65.219.193.231 has no matching ipsec* interface -- ignored Jun 12 18:17:29 gw1 Pluto[20911]: | IP interface eth0:0 65.219.193.230 has no matching ipsec* interface -- ignored Jun 12 18:17:29 gw1 Pluto[20911]: | IP interface eth0 65.219.193.226 has no matching ipsec* interface -- ignored Jun 12 18:17:29 gw1 Pluto[20911]: | IP interface lo 127.0.0.1 has no matching ipsec* interface -- ignored Jun 12 18:17:29 gw1 Pluto[20911]: | could not open /proc/net/if_inet6 Jun 12 18:17:29 gw1 Pluto[20911]: loading secrets from "/etc/ipsec.secrets" Jun 12 18:17:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:19:29 gw1 Pluto[20911]: | Jun 12 18:19:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:19:29 gw1 Pluto[20911]: | event after this is EVENT_REINIT_SECRET in 3480 seconds Jun 12 18:19:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:19:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:20:58 gw1 Pluto[20911]: | Jun 12 18:20:58 gw1 Pluto[20911]: | *received whack message Jun 12 18:20:58 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 31 seconds Jun 12 18:21:14 gw1 Pluto[20911]: | Jun 12 18:21:14 gw1 Pluto[20911]: | *received whack message Jun 12 18:21:14 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 15 seconds Jun 12 18:21:29 gw1 Pluto[20911]: | Jun 12 18:21:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:21:29 gw1 Pluto[20911]: | event after this is EVENT_REINIT_SECRET in 3360 seconds Jun 12 18:21:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:21:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:23:29 gw1 Pluto[20911]: | Jun 12 18:23:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:23:29 gw1 Pluto[20911]: | event after this is EVENT_REINIT_SECRET in 3240 seconds Jun 12 18:23:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:23:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:25:29 gw1 Pluto[20911]: | Jun 12 18:25:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:25:29 gw1 Pluto[20911]: | event after this is EVENT_REINIT_SECRET in 3120 seconds Jun 12 18:25:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:25:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:27:29 gw1 Pluto[20911]: | Jun 12 18:27:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:27:29 gw1 Pluto[20911]: | event after this is EVENT_REINIT_SECRET in 3000 seconds Jun 12 18:27:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:27:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:29:18 gw1 Pluto[20911]: | Jun 12 18:29:18 gw1 Pluto[20911]: | *received whack message Jun 12 18:29:18 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 11 seconds Jun 12 18:29:29 gw1 Pluto[20911]: | Jun 12 18:29:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:29:29 gw1 Pluto[20911]: | event after this is EVENT_REINIT_SECRET in 2880 seconds Jun 12 18:29:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:29:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:29:54 gw1 Pluto[20911]: | Jun 12 18:29:54 gw1 Pluto[20911]: | *received whack message Jun 12 18:29:54 gw1 Pluto[20911]: added connection description "db08" Jun 12 18:29:54 gw1 Pluto[20911]: | 192.168.0.0/24===65.219.193.250---65.219.193.225...149.2.24.1---149.2.24.213===10.1.1.0/24 Jun 12 18:29:54 gw1 Pluto[20911]: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3; policy: PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK Jun 12 18:29:54 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 95 seconds Jun 12 18:30:01 gw1 Pluto[20911]: | Jun 12 18:30:01 gw1 Pluto[20911]: | *received whack message Jun 12 18:30:01 gw1 Pluto[20911]: | creating state object #1 at 0x809db30 Jun 12 18:30:01 gw1 Pluto[20911]: | ICOOKIE: 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:01 gw1 Pluto[20911]: | RCOOKIE: 00 00 00 00 00 00 00 00 Jun 12 18:30:01 gw1 Pluto[20911]: | peer: 95 02 18 d5 Jun 12 18:30:01 gw1 Pluto[20911]: | state hash entry 11 Jun 12 18:30:01 gw1 Pluto[20911]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #1 Jun 12 18:30:01 gw1 Pluto[20911]: | Queuing pending Quick Mode with 149.2.24.213 "db08" Jun 12 18:30:01 gw1 Pluto[20911]: "db08" #1: initiating Main Mode Jun 12 18:30:01 gw1 Pluto[20911]: | **emit ISAKMP Message: Jun 12 18:30:01 gw1 Pluto[20911]: | initiator cookie: Jun 12 18:30:01 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:01 gw1 Pluto[20911]: | responder cookie: Jun 12 18:30:01 gw1 Pluto[20911]: | 00 00 00 00 00 00 00 00 Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_SA Jun 12 18:30:01 gw1 Pluto[20911]: | ISAKMP version: ISAKMP Version 1.0 Jun 12 18:30:01 gw1 Pluto[20911]: | exchange type: ISAKMP_XCHG_IDPROT Jun 12 18:30:01 gw1 Pluto[20911]: | flags: none Jun 12 18:30:01 gw1 Pluto[20911]: | message ID: 00 00 00 00 Jun 12 18:30:01 gw1 Pluto[20911]: | ***emit ISAKMP Security Association Payload: Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:01 gw1 Pluto[20911]: | DOI: ISAKMP_DOI_IPSEC Jun 12 18:30:01 gw1 Pluto[20911]: | ****emit IPsec DOI SIT: Jun 12 18:30:01 gw1 Pluto[20911]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Jun 12 18:30:01 gw1 Pluto[20911]: | ****emit ISAKMP Proposal Payload: Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:01 gw1 Pluto[20911]: | proposal number: 0 Jun 12 18:30:01 gw1 Pluto[20911]: | protocol ID: PROTO_ISAKMP Jun 12 18:30:01 gw1 Pluto[20911]: | SPI size: 0 Jun 12 18:30:01 gw1 Pluto[20911]: | number of transforms: 4 Jun 12 18:30:01 gw1 Pluto[20911]: | *****emit ISAKMP Transform Payload (ISAKMP): Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_T Jun 12 18:30:01 gw1 Pluto[20911]: | transform number: 0 Jun 12 18:30:01 gw1 Pluto[20911]: | transform ID: KEY_IKE Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_LIFE_TYPE Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | [1 is OAKLEY_LIFE_SECONDS] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_LIFE_DURATION Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 3600 Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 5 Jun 12 18:30:01 gw1 Pluto[20911]: | [5 is OAKLEY_3DES_CBC] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_HASH_ALGORITHM Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | [1 is OAKLEY_MD5] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_AUTHENTICATION_METHOD Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | [1 is OAKLEY_PRESHARED_KEY] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_GROUP_DESCRIPTION Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 5 Jun 12 18:30:01 gw1 Pluto[20911]: | [5 is OAKLEY_GROUP_MODP1536 (extension)] Jun 12 18:30:01 gw1 Pluto[20911]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32 Jun 12 18:30:01 gw1 Pluto[20911]: | *****emit ISAKMP Transform Payload (ISAKMP): Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_T Jun 12 18:30:01 gw1 Pluto[20911]: | transform number: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | transform ID: KEY_IKE Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_LIFE_TYPE Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | [1 is OAKLEY_LIFE_SECONDS] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_LIFE_DURATION Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 3600 Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 5 Jun 12 18:30:01 gw1 Pluto[20911]: | [5 is OAKLEY_3DES_CBC] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_HASH_ALGORITHM Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 2 Jun 12 18:30:01 gw1 Pluto[20911]: | [2 is OAKLEY_SHA] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_AUTHENTICATION_METHOD Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | [1 is OAKLEY_PRESHARED_KEY] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_GROUP_DESCRIPTION Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 5 Jun 12 18:30:01 gw1 Pluto[20911]: | [5 is OAKLEY_GROUP_MODP1536 (extension)] Jun 12 18:30:01 gw1 Pluto[20911]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32 Jun 12 18:30:01 gw1 Pluto[20911]: | *****emit ISAKMP Transform Payload (ISAKMP): Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_T Jun 12 18:30:01 gw1 Pluto[20911]: | transform number: 2 Jun 12 18:30:01 gw1 Pluto[20911]: | transform ID: KEY_IKE Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_LIFE_TYPE Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | [1 is OAKLEY_LIFE_SECONDS] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_LIFE_DURATION Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 3600 Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 5 Jun 12 18:30:01 gw1 Pluto[20911]: | [5 is OAKLEY_3DES_CBC] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_HASH_ALGORITHM Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 2 Jun 12 18:30:01 gw1 Pluto[20911]: | [2 is OAKLEY_SHA] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_AUTHENTICATION_METHOD Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | [1 is OAKLEY_PRESHARED_KEY] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_GROUP_DESCRIPTION Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 2 Jun 12 18:30:01 gw1 Pluto[20911]: | [2 is OAKLEY_GROUP_MODP1024] Jun 12 18:30:01 gw1 Pluto[20911]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32 Jun 12 18:30:01 gw1 Pluto[20911]: | *****emit ISAKMP Transform Payload (ISAKMP): Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:01 gw1 Pluto[20911]: | transform number: 3 Jun 12 18:30:01 gw1 Pluto[20911]: | transform ID: KEY_IKE Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_LIFE_TYPE Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | [1 is OAKLEY_LIFE_SECONDS] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_LIFE_DURATION Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 3600 Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 5 Jun 12 18:30:01 gw1 Pluto[20911]: | [5 is OAKLEY_3DES_CBC] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_HASH_ALGORITHM Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | [1 is OAKLEY_MD5] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_AUTHENTICATION_METHOD Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | [1 is OAKLEY_PRESHARED_KEY] Jun 12 18:30:01 gw1 Pluto[20911]: | ******emit ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_GROUP_DESCRIPTION Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 2 Jun 12 18:30:01 gw1 Pluto[20911]: | [2 is OAKLEY_GROUP_MODP1024] Jun 12 18:30:01 gw1 Pluto[20911]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32 Jun 12 18:30:01 gw1 Pluto[20911]: | emitting length of ISAKMP Proposal Payload: 136 Jun 12 18:30:01 gw1 Pluto[20911]: | emitting length of ISAKMP Security Association Payload: 148 Jun 12 18:30:01 gw1 Pluto[20911]: | emitting length of ISAKMP Message: 176 Jun 12 18:30:01 gw1 Pluto[20911]: | sending 176 bytes for main_outI1 through eth0:5 to 149.2.24.213:500: Jun 12 18:30:01 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 00 00 00 00 00 00 00 00 Jun 12 18:30:01 gw1 Pluto[20911]: | 01 10 02 00 00 00 00 00 00 00 00 b0 00 00 00 94 Jun 12 18:30:01 gw1 Pluto[20911]: | 00 00 00 01 00 00 00 01 00 00 00 88 00 01 00 04 Jun 12 18:30:01 gw1 Pluto[20911]: | 03 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10 Jun 12 18:30:01 gw1 Pluto[20911]: | 80 01 00 05 80 02 00 01 80 03 00 01 80 04 00 05 Jun 12 18:30:01 gw1 Pluto[20911]: | 03 00 00 20 01 01 00 00 80 0b 00 01 80 0c 0e 10 Jun 12 18:30:01 gw1 Pluto[20911]: | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 05 Jun 12 18:30:01 gw1 Pluto[20911]: | 03 00 00 20 02 01 00 00 80 0b 00 01 80 0c 0e 10 Jun 12 18:30:01 gw1 Pluto[20911]: | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 02 Jun 12 18:30:01 gw1 Pluto[20911]: | 00 00 00 20 03 01 00 00 80 0b 00 01 80 0c 0e 10 Jun 12 18:30:01 gw1 Pluto[20911]: | 80 01 00 05 80 02 00 01 80 03 00 01 80 04 00 02 Jun 12 18:30:01 gw1 Pluto[20911]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1 Jun 12 18:30:01 gw1 Pluto[20911]: | next event EVENT_RETRANSMIT in 10 seconds for #1 Jun 12 18:30:01 gw1 Pluto[20911]: | Jun 12 18:30:01 gw1 Pluto[20911]: | *received 80 bytes from 149.2.24.213:500 on eth0:5 Jun 12 18:30:01 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:01 gw1 Pluto[20911]: | 01 10 02 00 00 00 00 00 00 00 00 50 00 00 00 34 Jun 12 18:30:01 gw1 Pluto[20911]: | 00 00 00 01 00 00 00 01 00 00 00 28 01 01 00 01 Jun 12 18:30:01 gw1 Pluto[20911]: | 00 00 00 20 01 01 00 00 80 0b 00 01 80 0c 0e 10 Jun 12 18:30:01 gw1 Pluto[20911]: | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 02 Jun 12 18:30:01 gw1 Pluto[20911]: | **parse ISAKMP Message: Jun 12 18:30:01 gw1 Pluto[20911]: | initiator cookie: Jun 12 18:30:01 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:01 gw1 Pluto[20911]: | responder cookie: Jun 12 18:30:01 gw1 Pluto[20911]: | 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_SA Jun 12 18:30:01 gw1 Pluto[20911]: | ISAKMP version: ISAKMP Version 1.0 Jun 12 18:30:01 gw1 Pluto[20911]: | exchange type: ISAKMP_XCHG_IDPROT Jun 12 18:30:01 gw1 Pluto[20911]: | flags: none Jun 12 18:30:01 gw1 Pluto[20911]: | message ID: 00 00 00 00 Jun 12 18:30:01 gw1 Pluto[20911]: | length: 80 Jun 12 18:30:01 gw1 Pluto[20911]: | ICOOKIE: 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:01 gw1 Pluto[20911]: | RCOOKIE: 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:01 gw1 Pluto[20911]: | peer: 95 02 18 d5 Jun 12 18:30:01 gw1 Pluto[20911]: | state hash entry 6 Jun 12 18:30:01 gw1 Pluto[20911]: | state object not found Jun 12 18:30:01 gw1 Pluto[20911]: | ICOOKIE: 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:01 gw1 Pluto[20911]: | RCOOKIE: 00 00 00 00 00 00 00 00 Jun 12 18:30:01 gw1 Pluto[20911]: | peer: 95 02 18 d5 Jun 12 18:30:01 gw1 Pluto[20911]: | state hash entry 11 Jun 12 18:30:01 gw1 Pluto[20911]: | state object #1 found, in STATE_MAIN_I1 Jun 12 18:30:01 gw1 Pluto[20911]: | ***parse ISAKMP Security Association Payload: Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:01 gw1 Pluto[20911]: | length: 52 Jun 12 18:30:01 gw1 Pluto[20911]: | DOI: ISAKMP_DOI_IPSEC Jun 12 18:30:01 gw1 Pluto[20911]: | ****parse IPsec DOI SIT: Jun 12 18:30:01 gw1 Pluto[20911]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Jun 12 18:30:01 gw1 Pluto[20911]: | ****parse ISAKMP Proposal Payload: Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:01 gw1 Pluto[20911]: | length: 40 Jun 12 18:30:01 gw1 Pluto[20911]: | proposal number: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | protocol ID: PROTO_ISAKMP Jun 12 18:30:01 gw1 Pluto[20911]: | SPI size: 0 Jun 12 18:30:01 gw1 Pluto[20911]: | number of transforms: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | *****parse ISAKMP Transform Payload (ISAKMP): Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:01 gw1 Pluto[20911]: | length: 32 Jun 12 18:30:01 gw1 Pluto[20911]: | transform number: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | transform ID: KEY_IKE Jun 12 18:30:01 gw1 Pluto[20911]: | ******parse ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_LIFE_TYPE Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | [1 is OAKLEY_LIFE_SECONDS] Jun 12 18:30:01 gw1 Pluto[20911]: | ******parse ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_LIFE_DURATION Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 3600 Jun 12 18:30:01 gw1 Pluto[20911]: | ******parse ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 5 Jun 12 18:30:01 gw1 Pluto[20911]: | [5 is OAKLEY_3DES_CBC] Jun 12 18:30:01 gw1 Pluto[20911]: | ******parse ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_HASH_ALGORITHM Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 2 Jun 12 18:30:01 gw1 Pluto[20911]: | [2 is OAKLEY_SHA] Jun 12 18:30:01 gw1 Pluto[20911]: | ******parse ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_AUTHENTICATION_METHOD Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:01 gw1 Pluto[20911]: | [1 is OAKLEY_PRESHARED_KEY] Jun 12 18:30:01 gw1 Pluto[20911]: | ******parse ISAKMP Oakley attribute: Jun 12 18:30:01 gw1 Pluto[20911]: | af+type: OAKLEY_GROUP_DESCRIPTION Jun 12 18:30:01 gw1 Pluto[20911]: | length/value: 2 Jun 12 18:30:01 gw1 Pluto[20911]: | [2 is OAKLEY_GROUP_MODP1024] Jun 12 18:30:01 gw1 Pluto[20911]: | Oakley Transform 1 accepted Jun 12 18:30:01 gw1 Pluto[20911]: | **emit ISAKMP Message: Jun 12 18:30:01 gw1 Pluto[20911]: | initiator cookie: Jun 12 18:30:01 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:01 gw1 Pluto[20911]: | responder cookie: Jun 12 18:30:01 gw1 Pluto[20911]: | 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_KE Jun 12 18:30:01 gw1 Pluto[20911]: | ISAKMP version: ISAKMP Version 1.0 Jun 12 18:30:01 gw1 Pluto[20911]: | exchange type: ISAKMP_XCHG_IDPROT Jun 12 18:30:01 gw1 Pluto[20911]: | flags: none Jun 12 18:30:01 gw1 Pluto[20911]: | message ID: 00 00 00 00 Jun 12 18:30:01 gw1 Pluto[20911]: | Local DH secret: Jun 12 18:30:01 gw1 Pluto[20911]: | 36 0a e2 9c 0e e6 a7 27 3e 99 af 8f d2 c7 c2 e3 Jun 12 18:30:01 gw1 Pluto[20911]: | 6b 73 1d 8c 1d 7e 4b 76 47 da eb 80 47 59 78 54 Jun 12 18:30:01 gw1 Pluto[20911]: | Public DH value sent: Jun 12 18:30:01 gw1 Pluto[20911]: | 10 80 2b ef 9c 39 f1 90 5f da 08 dd ce d0 de e7 Jun 12 18:30:01 gw1 Pluto[20911]: | cd 65 93 88 6b da 5c 6c 81 ba d7 c2 34 3d 5b 18 Jun 12 18:30:01 gw1 Pluto[20911]: | 3b 31 dd f3 3e d7 b4 96 69 5d 43 ed 9b a9 0b 7c Jun 12 18:30:01 gw1 Pluto[20911]: | be 8a 77 1b f5 ce 83 cc 83 62 3b 57 06 b5 b1 6a Jun 12 18:30:01 gw1 Pluto[20911]: | 9f 00 5a 4b cc 1e 89 d5 fb 2d 84 04 c5 d8 37 19 Jun 12 18:30:01 gw1 Pluto[20911]: | b3 51 f5 d1 e5 82 e3 27 b7 b7 d3 75 bc 18 91 ce Jun 12 18:30:01 gw1 Pluto[20911]: | bb 01 6d ed 48 e9 cc c0 81 db b1 38 9f bc 89 00 Jun 12 18:30:01 gw1 Pluto[20911]: | f1 2d e7 ca 31 82 00 5f 87 79 c7 65 4d 6b 35 3d Jun 12 18:30:01 gw1 Pluto[20911]: | ***emit ISAKMP Key Exchange Payload: Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONCE Jun 12 18:30:01 gw1 Pluto[20911]: | emitting 128 raw bytes of keyex value into ISAKMP Key Exchange Payload Jun 12 18:30:01 gw1 Pluto[20911]: | keyex value 10 80 2b ef 9c 39 f1 90 5f da 08 dd ce d0 de e7 Jun 12 18:30:01 gw1 Pluto[20911]: | cd 65 93 88 6b da 5c 6c 81 ba d7 c2 34 3d 5b 18 Jun 12 18:30:01 gw1 Pluto[20911]: | 3b 31 dd f3 3e d7 b4 96 69 5d 43 ed 9b a9 0b 7c Jun 12 18:30:01 gw1 Pluto[20911]: | be 8a 77 1b f5 ce 83 cc 83 62 3b 57 06 b5 b1 6a Jun 12 18:30:01 gw1 Pluto[20911]: | 9f 00 5a 4b cc 1e 89 d5 fb 2d 84 04 c5 d8 37 19 Jun 12 18:30:01 gw1 Pluto[20911]: | b3 51 f5 d1 e5 82 e3 27 b7 b7 d3 75 bc 18 91 ce Jun 12 18:30:01 gw1 Pluto[20911]: | bb 01 6d ed 48 e9 cc c0 81 db b1 38 9f bc 89 00 Jun 12 18:30:01 gw1 Pluto[20911]: | f1 2d e7 ca 31 82 00 5f 87 79 c7 65 4d 6b 35 3d Jun 12 18:30:01 gw1 Pluto[20911]: | emitting length of ISAKMP Key Exchange Payload: 132 Jun 12 18:30:01 gw1 Pluto[20911]: | ***emit ISAKMP Nonce Payload: Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:01 gw1 Pluto[20911]: | emitting 16 raw bytes of Ni into ISAKMP Nonce Payload Jun 12 18:30:01 gw1 Pluto[20911]: | Ni 33 9e 87 56 a3 40 1e 6d b9 dd cc d1 af 85 f8 48 Jun 12 18:30:01 gw1 Pluto[20911]: | emitting length of ISAKMP Nonce Payload: 20 Jun 12 18:30:01 gw1 Pluto[20911]: | emitting length of ISAKMP Message: 180 Jun 12 18:30:01 gw1 Pluto[20911]: | ICOOKIE: 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:01 gw1 Pluto[20911]: | RCOOKIE: 00 00 00 00 00 00 00 00 Jun 12 18:30:01 gw1 Pluto[20911]: | peer: 95 02 18 d5 Jun 12 18:30:01 gw1 Pluto[20911]: | state hash entry 11 Jun 12 18:30:01 gw1 Pluto[20911]: | ICOOKIE: 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:01 gw1 Pluto[20911]: | RCOOKIE: 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:01 gw1 Pluto[20911]: | peer: 95 02 18 d5 Jun 12 18:30:01 gw1 Pluto[20911]: | state hash entry 6 Jun 12 18:30:01 gw1 Pluto[20911]: | sending 180 bytes for STATE_MAIN_I1 through eth0:5 to 149.2.24.213:500: Jun 12 18:30:01 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:01 gw1 Pluto[20911]: | 04 10 02 00 00 00 00 00 00 00 00 b4 0a 00 00 84 Jun 12 18:30:01 gw1 Pluto[20911]: | 10 80 2b ef 9c 39 f1 90 5f da 08 dd ce d0 de e7 Jun 12 18:30:01 gw1 Pluto[20911]: | cd 65 93 88 6b da 5c 6c 81 ba d7 c2 34 3d 5b 18 Jun 12 18:30:01 gw1 Pluto[20911]: | 3b 31 dd f3 3e d7 b4 96 69 5d 43 ed 9b a9 0b 7c Jun 12 18:30:01 gw1 Pluto[20911]: | be 8a 77 1b f5 ce 83 cc 83 62 3b 57 06 b5 b1 6a Jun 12 18:30:01 gw1 Pluto[20911]: | 9f 00 5a 4b cc 1e 89 d5 fb 2d 84 04 c5 d8 37 19 Jun 12 18:30:01 gw1 Pluto[20911]: | b3 51 f5 d1 e5 82 e3 27 b7 b7 d3 75 bc 18 91 ce Jun 12 18:30:01 gw1 Pluto[20911]: | bb 01 6d ed 48 e9 cc c0 81 db b1 38 9f bc 89 00 Jun 12 18:30:01 gw1 Pluto[20911]: | f1 2d e7 ca 31 82 00 5f 87 79 c7 65 4d 6b 35 3d Jun 12 18:30:01 gw1 Pluto[20911]: | 00 00 00 14 33 9e 87 56 a3 40 1e 6d b9 dd cc d1 Jun 12 18:30:01 gw1 Pluto[20911]: | af 85 f8 48 Jun 12 18:30:01 gw1 Pluto[20911]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1 Jun 12 18:30:01 gw1 Pluto[20911]: | next event EVENT_RETRANSMIT in 10 seconds for #1 Jun 12 18:30:01 gw1 Pluto[20911]: | Jun 12 18:30:01 gw1 Pluto[20911]: | *received 184 bytes from 149.2.24.213:500 on eth0:5 Jun 12 18:30:01 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:01 gw1 Pluto[20911]: | 04 10 02 00 00 00 00 00 00 00 00 b8 0a 00 00 84 Jun 12 18:30:01 gw1 Pluto[20911]: | 13 52 23 12 a3 02 b8 65 51 52 8a 43 bb 5d 3a d6 Jun 12 18:30:01 gw1 Pluto[20911]: | d1 54 f9 70 99 4d 7a a4 f9 8e 79 e8 60 fe 6d 86 Jun 12 18:30:01 gw1 Pluto[20911]: | e7 1f fe ae 1f 1f a4 32 53 c9 25 a1 51 58 d2 96 Jun 12 18:30:01 gw1 Pluto[20911]: | 75 a6 78 28 44 70 2a 70 95 b4 4c bc 2e 32 f0 72 Jun 12 18:30:01 gw1 Pluto[20911]: | 53 40 f6 69 ca 99 29 69 b7 48 74 df ef 3c ef fd Jun 12 18:30:01 gw1 Pluto[20911]: | d4 84 a4 78 af 7c f9 02 2f 9b b2 69 f1 ec 6a 64 Jun 12 18:30:01 gw1 Pluto[20911]: | 02 fa 54 9f 0f d3 0a 3f 1d b4 0f 35 96 e3 7f d7 Jun 12 18:30:01 gw1 Pluto[20911]: | 65 58 12 fd 11 20 90 dc 81 6f aa 99 36 bd 34 f4 Jun 12 18:30:01 gw1 Pluto[20911]: | 00 00 00 18 5b 14 46 6d a6 78 6f f3 f9 f9 0f a1 Jun 12 18:30:01 gw1 Pluto[20911]: | 3f c8 52 87 ed 1c 67 d6 Jun 12 18:30:01 gw1 Pluto[20911]: | **parse ISAKMP Message: Jun 12 18:30:01 gw1 Pluto[20911]: | initiator cookie: Jun 12 18:30:01 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:01 gw1 Pluto[20911]: | responder cookie: Jun 12 18:30:01 gw1 Pluto[20911]: | 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_KE Jun 12 18:30:01 gw1 Pluto[20911]: | ISAKMP version: ISAKMP Version 1.0 Jun 12 18:30:01 gw1 Pluto[20911]: | exchange type: ISAKMP_XCHG_IDPROT Jun 12 18:30:01 gw1 Pluto[20911]: | flags: none Jun 12 18:30:01 gw1 Pluto[20911]: | message ID: 00 00 00 00 Jun 12 18:30:01 gw1 Pluto[20911]: | length: 184 Jun 12 18:30:01 gw1 Pluto[20911]: | ICOOKIE: 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:01 gw1 Pluto[20911]: | RCOOKIE: 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:01 gw1 Pluto[20911]: | peer: 95 02 18 d5 Jun 12 18:30:01 gw1 Pluto[20911]: | state hash entry 6 Jun 12 18:30:01 gw1 Pluto[20911]: | state object #1 found, in STATE_MAIN_I2 Jun 12 18:30:01 gw1 Pluto[20911]: | ***parse ISAKMP Key Exchange Payload: Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONCE Jun 12 18:30:01 gw1 Pluto[20911]: | length: 132 Jun 12 18:30:01 gw1 Pluto[20911]: | ***parse ISAKMP Nonce Payload: Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:01 gw1 Pluto[20911]: | length: 24 Jun 12 18:30:01 gw1 Pluto[20911]: | **emit ISAKMP Message: Jun 12 18:30:01 gw1 Pluto[20911]: | initiator cookie: Jun 12 18:30:01 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:01 gw1 Pluto[20911]: | responder cookie: Jun 12 18:30:01 gw1 Pluto[20911]: | 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:01 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_ID Jun 12 18:30:01 gw1 Pluto[20911]: | ISAKMP version: ISAKMP Version 1.0 Jun 12 18:30:01 gw1 Pluto[20911]: | exchange type: ISAKMP_XCHG_IDPROT Jun 12 18:30:01 gw1 Pluto[20911]: | flags: ISAKMP_FLAG_ENCRYPTION Jun 12 18:30:01 gw1 Pluto[20911]: | message ID: 00 00 00 00 Jun 12 18:30:01 gw1 Pluto[20911]: | DH public value received: Jun 12 18:30:01 gw1 Pluto[20911]: | 13 52 23 12 a3 02 b8 65 51 52 8a 43 bb 5d 3a d6 Jun 12 18:30:01 gw1 Pluto[20911]: | d1 54 f9 70 99 4d 7a a4 f9 8e 79 e8 60 fe 6d 86 Jun 12 18:30:01 gw1 Pluto[20911]: | e7 1f fe ae 1f 1f a4 32 53 c9 25 a1 51 58 d2 96 Jun 12 18:30:01 gw1 Pluto[20911]: | 75 a6 78 28 44 70 2a 70 95 b4 4c bc 2e 32 f0 72 Jun 12 18:30:01 gw1 Pluto[20911]: | 53 40 f6 69 ca 99 29 69 b7 48 74 df ef 3c ef fd Jun 12 18:30:01 gw1 Pluto[20911]: | d4 84 a4 78 af 7c f9 02 2f 9b b2 69 f1 ec 6a 64 Jun 12 18:30:01 gw1 Pluto[20911]: | 02 fa 54 9f 0f d3 0a 3f 1d b4 0f 35 96 e3 7f d7 Jun 12 18:30:01 gw1 Pluto[20911]: | 65 58 12 fd 11 20 90 dc 81 6f aa 99 36 bd 34 f4 Jun 12 18:30:01 gw1 Pluto[20911]: | DH shared secret: Jun 12 18:30:01 gw1 Pluto[20911]: | 95 dc 2b 13 4a 9c 70 6f 3e f7 1b 07 a1 8d 1e fa Jun 12 18:30:01 gw1 Pluto[20911]: | fd 9e 73 44 bb 87 f4 1f d6 ba 2b 8f c9 e3 d0 4c Jun 12 18:30:01 gw1 Pluto[20911]: | 62 c9 bc 03 b2 ad 7d 75 2f f1 86 b4 bb 06 ca 9b Jun 12 18:30:01 gw1 Pluto[20911]: | db 8e 71 02 25 2d ec 52 8f 4d 3d 32 ce d8 c1 e1 Jun 12 18:30:01 gw1 Pluto[20911]: | 50 d2 68 14 eb 43 de a9 68 5b 32 58 78 0e da 0a Jun 12 18:30:01 gw1 Pluto[20911]: | a7 d1 ac 7b 6a 4a 08 e4 2b 57 18 ab 0f ee ff 29 Jun 12 18:30:01 gw1 Pluto[20911]: | 37 f6 17 ae ca 74 9c ee de f4 83 37 84 5e e9 07 Jun 12 18:30:01 gw1 Pluto[20911]: | 27 92 b3 8a a8 cf 8b d7 c6 31 4d d0 ee b1 89 07 Jun 12 18:30:01 gw1 Pluto[20911]: | Skeyid: 3d a7 a9 b9 dd 41 f1 e4 0b b7 28 7f 99 10 12 0b Jun 12 18:30:01 gw1 Pluto[20911]: | 21 35 4e 30 Jun 12 18:30:01 gw1 Pluto[20911]: | Skeyid_d: f4 c9 c7 83 98 10 8d 42 e9 72 c6 6d 1e 0f ac 5b Jun 12 18:30:01 gw1 Pluto[20911]: | 0a 99 58 05 Jun 12 18:30:01 gw1 Pluto[20911]: | Skeyid_a: 99 48 2b 5c 7a 4e 38 b0 e7 aa bb 67 45 92 68 ef Jun 12 18:30:01 gw1 Pluto[20911]: | 61 c9 91 cc Jun 12 18:30:01 gw1 Pluto[20911]: | Skeyid_e: 16 bf ce d8 a2 39 0f b4 0b e7 18 07 f1 47 22 b1 Jun 12 18:30:01 gw1 Pluto[20911]: | 1a 10 1c bd Jun 12 18:30:01 gw1 Pluto[20911]: | enc key: 99 7f 7b 0e 0f 94 56 78 e7 72 47 b6 ab e0 d2 00 Jun 12 18:30:01 gw1 Pluto[20911]: | b1 ad 22 13 26 82 f9 c9 Jun 12 18:30:02 gw1 Pluto[20911]: | IV: 49 12 bf 12 bd 73 5e 92 e8 24 74 1e f3 db 1d 57 Jun 12 18:30:02 gw1 Pluto[20911]: | 1b 6f e3 da Jun 12 18:30:02 gw1 Pluto[20911]: | ***emit ISAKMP Identification Payload (IPsec DOI): Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_HASH Jun 12 18:30:02 gw1 Pluto[20911]: | ID type: ID_IPV4_ADDR Jun 12 18:30:02 gw1 Pluto[20911]: | Protocol ID: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | port: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) Jun 12 18:30:02 gw1 Pluto[20911]: | my identity 41 db c1 fa Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Identification Payload (IPsec DOI): 12 Jun 12 18:30:02 gw1 Pluto[20911]: | hashing 144 bytes of SA Jun 12 18:30:02 gw1 Pluto[20911]: | Hashing my ID: Type ID_IPV4_ADDR, Protocol 0, Port 0 Jun 12 18:30:02 gw1 Pluto[20911]: | ***emit ISAKMP Hash Payload: Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:02 gw1 Pluto[20911]: | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload Jun 12 18:30:02 gw1 Pluto[20911]: | HASH_I 1c dd 61 58 65 0c 4c bb b6 c2 4f 11 0f 66 2d 97 Jun 12 18:30:02 gw1 Pluto[20911]: | ff 41 ae ad Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Hash Payload: 24 Jun 12 18:30:02 gw1 Pluto[20911]: | encrypting: Jun 12 18:30:02 gw1 Pluto[20911]: | 08 00 00 0c 01 00 00 00 41 db c1 fa 00 00 00 18 Jun 12 18:30:02 gw1 Pluto[20911]: | 1c dd 61 58 65 0c 4c bb b6 c2 4f 11 0f 66 2d 97 Jun 12 18:30:02 gw1 Pluto[20911]: | ff 41 ae ad Jun 12 18:30:02 gw1 Pluto[20911]: | emitting 4 zero bytes of encryption padding into ISAKMP Message Jun 12 18:30:02 gw1 Pluto[20911]: | encrypting using OAKLEY_3DES_CBC Jun 12 18:30:02 gw1 Pluto[20911]: | next IV: 9c e1 46 5c 7e 94 73 93 Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Message: 68 Jun 12 18:30:02 gw1 Pluto[20911]: | sending 68 bytes for STATE_MAIN_I2 through eth0:5 to 149.2.24.213:500: Jun 12 18:30:02 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | 05 10 02 01 00 00 00 00 00 00 00 44 73 e2 69 91 Jun 12 18:30:02 gw1 Pluto[20911]: | 84 bb a3 d5 c4 46 9f a7 fe d0 0e 89 cc 1d 08 ad Jun 12 18:30:02 gw1 Pluto[20911]: | 35 0c e6 14 0c ea 17 db c0 07 55 08 9c e1 46 5c Jun 12 18:30:02 gw1 Pluto[20911]: | 7e 94 73 93 Jun 12 18:30:02 gw1 Pluto[20911]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1 Jun 12 18:30:02 gw1 Pluto[20911]: | next event EVENT_RETRANSMIT in 10 seconds for #1 Jun 12 18:30:02 gw1 Pluto[20911]: | Jun 12 18:30:02 gw1 Pluto[20911]: | *received 68 bytes from 149.2.24.213:500 on eth0:5 Jun 12 18:30:02 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | 05 10 02 01 00 00 00 00 00 00 00 44 f3 5c 9e 1e Jun 12 18:30:02 gw1 Pluto[20911]: | 39 38 47 e9 1f cd 7b 73 82 91 a3 e4 77 b4 60 12 Jun 12 18:30:02 gw1 Pluto[20911]: | d4 c3 26 cd 19 e5 3d 7c e1 32 a3 95 3a 12 ca 6b Jun 12 18:30:02 gw1 Pluto[20911]: | 31 b6 e0 ca Jun 12 18:30:02 gw1 Pluto[20911]: | **parse ISAKMP Message: Jun 12 18:30:02 gw1 Pluto[20911]: | initiator cookie: Jun 12 18:30:02 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:02 gw1 Pluto[20911]: | responder cookie: Jun 12 18:30:02 gw1 Pluto[20911]: | 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_ID Jun 12 18:30:02 gw1 Pluto[20911]: | ISAKMP version: ISAKMP Version 1.0 Jun 12 18:30:02 gw1 Pluto[20911]: | exchange type: ISAKMP_XCHG_IDPROT Jun 12 18:30:02 gw1 Pluto[20911]: | flags: ISAKMP_FLAG_ENCRYPTION Jun 12 18:30:02 gw1 Pluto[20911]: | message ID: 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | length: 68 Jun 12 18:30:02 gw1 Pluto[20911]: | ICOOKIE: 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:02 gw1 Pluto[20911]: | RCOOKIE: 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | peer: 95 02 18 d5 Jun 12 18:30:02 gw1 Pluto[20911]: | state hash entry 6 Jun 12 18:30:02 gw1 Pluto[20911]: | state object #1 found, in STATE_MAIN_I3 Jun 12 18:30:02 gw1 Pluto[20911]: | received encrypted packet from 149.2.24.213:500 Jun 12 18:30:02 gw1 Pluto[20911]: | decrypting 40 bytes using algorithm OAKLEY_3DES_CBC Jun 12 18:30:02 gw1 Pluto[20911]: | decrypted: Jun 12 18:30:02 gw1 Pluto[20911]: | 08 00 00 0c 01 00 00 00 95 02 18 d5 00 00 00 18 Jun 12 18:30:02 gw1 Pluto[20911]: | 5e 77 0e 89 0d 33 6e 22 d7 c6 36 b2 da a6 d2 ad Jun 12 18:30:02 gw1 Pluto[20911]: | dd 20 8a 46 00 00 00 03 Jun 12 18:30:02 gw1 Pluto[20911]: | next IV: 3a 12 ca 6b 31 b6 e0 ca Jun 12 18:30:02 gw1 Pluto[20911]: | ***parse ISAKMP Identification Payload: Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_HASH Jun 12 18:30:02 gw1 Pluto[20911]: | length: 12 Jun 12 18:30:02 gw1 Pluto[20911]: | ID type: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | DOI specific A: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | DOI specific B: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | ***parse ISAKMP Hash Payload: Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:02 gw1 Pluto[20911]: | length: 24 Jun 12 18:30:02 gw1 Pluto[20911]: | removing 4 bytes of padding Jun 12 18:30:02 gw1 Pluto[20911]: | Peer's ID is ID_IPV4_ADDR: '149.2.24.213' Jun 12 18:30:02 gw1 Pluto[20911]: | hashing 144 bytes of SA Jun 12 18:30:02 gw1 Pluto[20911]: | Hashing his ID: Type ID_IPV4_ADDR, Protocol 0, Port 0 Jun 12 18:30:02 gw1 Pluto[20911]: | authentication succeeded Jun 12 18:30:02 gw1 Pluto[20911]: | inserting event EVENT_SA_REPLACE, timeout in 2606 seconds for #1 Jun 12 18:30:02 gw1 Pluto[20911]: "db08" #1: ISAKMP SA established Jun 12 18:30:02 gw1 Pluto[20911]: | unqueuing pending Quick Mode with 149.2.24.213 "db08" Jun 12 18:30:02 gw1 Pluto[20911]: | duplicating state object #1 Jun 12 18:30:02 gw1 Pluto[20911]: | creating state object #2 at 0x809e700 Jun 12 18:30:02 gw1 Pluto[20911]: | ICOOKIE: 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:02 gw1 Pluto[20911]: | RCOOKIE: 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | peer: 95 02 18 d5 Jun 12 18:30:02 gw1 Pluto[20911]: | state hash entry 6 Jun 12 18:30:02 gw1 Pluto[20911]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #2 Jun 12 18:30:02 gw1 Pluto[20911]: "db08" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK Jun 12 18:30:02 gw1 Pluto[20911]: | **emit ISAKMP Message: Jun 12 18:30:02 gw1 Pluto[20911]: | initiator cookie: Jun 12 18:30:02 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:02 gw1 Pluto[20911]: | responder cookie: Jun 12 18:30:02 gw1 Pluto[20911]: | 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_HASH Jun 12 18:30:02 gw1 Pluto[20911]: | ISAKMP version: ISAKMP Version 1.0 Jun 12 18:30:02 gw1 Pluto[20911]: | exchange type: ISAKMP_XCHG_QUICK Jun 12 18:30:02 gw1 Pluto[20911]: | flags: ISAKMP_FLAG_ENCRYPTION Jun 12 18:30:02 gw1 Pluto[20911]: | message ID: 3b 1d 4f fc Jun 12 18:30:02 gw1 Pluto[20911]: | ***emit ISAKMP Hash Payload: Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_SA Jun 12 18:30:02 gw1 Pluto[20911]: | emitting 20 zero bytes of HASH into ISAKMP Hash Payload Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Hash Payload: 24 Jun 12 18:30:02 gw1 Pluto[20911]: | ***emit ISAKMP Security Association Payload: Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONCE Jun 12 18:30:02 gw1 Pluto[20911]: | DOI: ISAKMP_DOI_IPSEC Jun 12 18:30:02 gw1 Pluto[20911]: | ****emit IPsec DOI SIT: Jun 12 18:30:02 gw1 Pluto[20911]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Jun 12 18:30:02 gw1 Pluto[20911]: | ****emit ISAKMP Proposal Payload: Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:02 gw1 Pluto[20911]: | proposal number: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | protocol ID: PROTO_IPSEC_ESP Jun 12 18:30:02 gw1 Pluto[20911]: | SPI size: 4 Jun 12 18:30:02 gw1 Pluto[20911]: | number of transforms: 2 Jun 12 18:30:02 gw1 Pluto[20911]: | generate SPI: d4 5b ab fe Jun 12 18:30:02 gw1 Pluto[20911]: | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload Jun 12 18:30:02 gw1 Pluto[20911]: | SPI d4 5b ab fe Jun 12 18:30:02 gw1 Pluto[20911]: | *****emit ISAKMP Transform Payload (ESP): Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_T Jun 12 18:30:02 gw1 Pluto[20911]: | transform number: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | transform ID: ESP_3DES Jun 12 18:30:02 gw1 Pluto[20911]: | ******emit ISAKMP IPsec DOI attribute: Jun 12 18:30:02 gw1 Pluto[20911]: | af+type: ENCAPSULATION_MODE Jun 12 18:30:02 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | [1 is ENCAPSULATION_MODE_TUNNEL] Jun 12 18:30:02 gw1 Pluto[20911]: | ******emit ISAKMP IPsec DOI attribute: Jun 12 18:30:02 gw1 Pluto[20911]: | af+type: SA_LIFE_TYPE Jun 12 18:30:02 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | [1 is SA_LIFE_TYPE_SECONDS] Jun 12 18:30:02 gw1 Pluto[20911]: | ******emit ISAKMP IPsec DOI attribute: Jun 12 18:30:02 gw1 Pluto[20911]: | af+type: SA_LIFE_DURATION Jun 12 18:30:02 gw1 Pluto[20911]: | length/value: 28800 Jun 12 18:30:02 gw1 Pluto[20911]: | ******emit ISAKMP IPsec DOI attribute: Jun 12 18:30:02 gw1 Pluto[20911]: | af+type: AUTH_ALGORITHM Jun 12 18:30:02 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | [1 is AUTH_ALGORITHM_HMAC_MD5] Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Transform Payload (ESP): 24 Jun 12 18:30:02 gw1 Pluto[20911]: | *****emit ISAKMP Transform Payload (ESP): Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:02 gw1 Pluto[20911]: | transform number: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | transform ID: ESP_3DES Jun 12 18:30:02 gw1 Pluto[20911]: | ******emit ISAKMP IPsec DOI attribute: Jun 12 18:30:02 gw1 Pluto[20911]: | af+type: ENCAPSULATION_MODE Jun 12 18:30:02 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | [1 is ENCAPSULATION_MODE_TUNNEL] Jun 12 18:30:02 gw1 Pluto[20911]: | ******emit ISAKMP IPsec DOI attribute: Jun 12 18:30:02 gw1 Pluto[20911]: | af+type: SA_LIFE_TYPE Jun 12 18:30:02 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | [1 is SA_LIFE_TYPE_SECONDS] Jun 12 18:30:02 gw1 Pluto[20911]: | ******emit ISAKMP IPsec DOI attribute: Jun 12 18:30:02 gw1 Pluto[20911]: | af+type: SA_LIFE_DURATION Jun 12 18:30:02 gw1 Pluto[20911]: | length/value: 28800 Jun 12 18:30:02 gw1 Pluto[20911]: | ******emit ISAKMP IPsec DOI attribute: Jun 12 18:30:02 gw1 Pluto[20911]: | af+type: AUTH_ALGORITHM Jun 12 18:30:02 gw1 Pluto[20911]: | length/value: 2 Jun 12 18:30:02 gw1 Pluto[20911]: | [2 is AUTH_ALGORITHM_HMAC_SHA1] Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Transform Payload (ESP): 24 Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Proposal Payload: 60 Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Security Association Payload: 72 Jun 12 18:30:02 gw1 Pluto[20911]: | ***emit ISAKMP Nonce Payload: Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_ID Jun 12 18:30:02 gw1 Pluto[20911]: | emitting 16 raw bytes of Ni into ISAKMP Nonce Payload Jun 12 18:30:02 gw1 Pluto[20911]: | Ni 77 28 d5 08 bf ed 1c a0 66 61 e9 04 26 d9 3b fe Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Nonce Payload: 20 Jun 12 18:30:02 gw1 Pluto[20911]: | ***emit ISAKMP Identification Payload (IPsec DOI): Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_ID Jun 12 18:30:02 gw1 Pluto[20911]: | ID type: ID_IPV4_ADDR_SUBNET Jun 12 18:30:02 gw1 Pluto[20911]: | Protocol ID: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | port: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) Jun 12 18:30:02 gw1 Pluto[20911]: | client network c0 a8 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) Jun 12 18:30:02 gw1 Pluto[20911]: | client mask ff ff ff 00 Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 Jun 12 18:30:02 gw1 Pluto[20911]: | ***emit ISAKMP Identification Payload (IPsec DOI): Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:02 gw1 Pluto[20911]: | ID type: ID_IPV4_ADDR_SUBNET Jun 12 18:30:02 gw1 Pluto[20911]: | Protocol ID: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | port: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | emitting 4 raw bytes of client network into ISAKMP Identification Payload (IPsec DOI) Jun 12 18:30:02 gw1 Pluto[20911]: | client network 0a 01 01 00 Jun 12 18:30:02 gw1 Pluto[20911]: | emitting 4 raw bytes of client mask into ISAKMP Identification Payload (IPsec DOI) Jun 12 18:30:02 gw1 Pluto[20911]: | client mask ff ff ff 00 Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Identification Payload (IPsec DOI): 16 Jun 12 18:30:02 gw1 Pluto[20911]: | HASH(1) computed: Jun 12 18:30:02 gw1 Pluto[20911]: | a0 f0 ad 6c 0c 0e 56 a0 32 81 09 be 52 e6 1a 4c Jun 12 18:30:02 gw1 Pluto[20911]: | 89 5a 4b a3 Jun 12 18:30:02 gw1 Pluto[20911]: | computed Phase 2 IV: Jun 12 18:30:02 gw1 Pluto[20911]: | 2d 90 85 75 6d 46 a6 f0 ce f7 86 76 73 06 06 ea Jun 12 18:30:02 gw1 Pluto[20911]: | 6d c4 7b 8f Jun 12 18:30:02 gw1 Pluto[20911]: | encrypting: Jun 12 18:30:02 gw1 Pluto[20911]: | 01 00 00 18 a0 f0 ad 6c 0c 0e 56 a0 32 81 09 be Jun 12 18:30:02 gw1 Pluto[20911]: | 52 e6 1a 4c 89 5a 4b a3 0a 00 00 48 00 00 00 01 Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 01 00 00 00 3c 00 03 04 02 d4 5b ab fe Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 00 18 00 03 00 00 80 04 00 01 80 01 00 01 Jun 12 18:30:02 gw1 Pluto[20911]: | 80 02 70 80 80 05 00 01 00 00 00 18 01 03 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 80 04 00 01 80 01 00 01 80 02 70 80 80 05 00 02 Jun 12 18:30:02 gw1 Pluto[20911]: | 05 00 00 14 77 28 d5 08 bf ed 1c a0 66 61 e9 04 Jun 12 18:30:02 gw1 Pluto[20911]: | 26 d9 3b fe 05 00 00 10 04 00 00 00 c0 a8 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | ff ff ff 00 00 00 00 10 04 00 00 00 0a 01 01 00 Jun 12 18:30:02 gw1 Pluto[20911]: | ff ff ff 00 Jun 12 18:30:02 gw1 Pluto[20911]: | emitting 4 zero bytes of encryption padding into ISAKMP Message Jun 12 18:30:02 gw1 Pluto[20911]: | encrypting using OAKLEY_3DES_CBC Jun 12 18:30:02 gw1 Pluto[20911]: | next IV: d4 2e 12 2c 19 65 15 86 Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Message: 180 Jun 12 18:30:02 gw1 Pluto[20911]: | sending 180 bytes for quick_outI1 through eth0:5 to 149.2.24.213:500: Jun 12 18:30:02 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | 08 10 20 01 3b 1d 4f fc 00 00 00 b4 bb 41 38 c7 Jun 12 18:30:02 gw1 Pluto[20911]: | 9e 37 7a 8c 0f 34 63 d3 84 76 62 41 7c 72 8f 2e Jun 12 18:30:02 gw1 Pluto[20911]: | 04 a2 60 cf a6 64 21 13 1a 98 7e ac 30 ab 09 6f Jun 12 18:30:02 gw1 Pluto[20911]: | 51 ec 7f 2f 99 d4 89 b2 54 b6 06 f7 a2 d2 77 6d Jun 12 18:30:02 gw1 Pluto[20911]: | 26 04 fb c1 7b 78 f2 f6 3f f9 63 5b 9a a0 c7 19 Jun 12 18:30:02 gw1 Pluto[20911]: | 56 7a 54 49 70 f2 7d eb bf 44 3e 27 35 e3 e3 7f Jun 12 18:30:02 gw1 Pluto[20911]: | fa f8 ae a8 19 d1 f3 4c f1 79 cc d3 cd 83 7e a5 Jun 12 18:30:02 gw1 Pluto[20911]: | 4c f7 92 aa 6e 0d 55 d8 9d c4 61 bc 7b 26 c4 58 Jun 12 18:30:02 gw1 Pluto[20911]: | 60 54 6c 78 ca 9a d0 ca 6d 24 f3 d8 b4 81 fe bb Jun 12 18:30:02 gw1 Pluto[20911]: | 12 49 53 93 2e 2b 17 66 ca 73 53 14 d4 2e 12 2c Jun 12 18:30:02 gw1 Pluto[20911]: | 19 65 15 86 Jun 12 18:30:02 gw1 Pluto[20911]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #2 Jun 12 18:30:02 gw1 Pluto[20911]: | next event EVENT_RETRANSMIT in 10 seconds for #2 Jun 12 18:30:02 gw1 Pluto[20911]: | Jun 12 18:30:02 gw1 Pluto[20911]: | *received 68 bytes from 149.2.24.213:500 on eth0:5 Jun 12 18:30:02 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | 05 10 02 01 00 00 00 00 00 00 00 44 f3 5c 9e 1e Jun 12 18:30:02 gw1 Pluto[20911]: | 39 38 47 e9 1f cd 7b 73 82 91 a3 e4 77 b4 60 12 Jun 12 18:30:02 gw1 Pluto[20911]: | d4 c3 26 cd 19 e5 3d 7c e1 32 a3 95 3a 12 ca 6b Jun 12 18:30:02 gw1 Pluto[20911]: | 31 b6 e0 ca Jun 12 18:30:02 gw1 Pluto[20911]: | **parse ISAKMP Message: Jun 12 18:30:02 gw1 Pluto[20911]: | initiator cookie: Jun 12 18:30:02 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:02 gw1 Pluto[20911]: | responder cookie: Jun 12 18:30:02 gw1 Pluto[20911]: | 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_ID Jun 12 18:30:02 gw1 Pluto[20911]: | ISAKMP version: ISAKMP Version 1.0 Jun 12 18:30:02 gw1 Pluto[20911]: | exchange type: ISAKMP_XCHG_IDPROT Jun 12 18:30:02 gw1 Pluto[20911]: | flags: ISAKMP_FLAG_ENCRYPTION Jun 12 18:30:02 gw1 Pluto[20911]: | message ID: 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | length: 68 Jun 12 18:30:02 gw1 Pluto[20911]: | ICOOKIE: 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:02 gw1 Pluto[20911]: | RCOOKIE: 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | peer: 95 02 18 d5 Jun 12 18:30:02 gw1 Pluto[20911]: | state hash entry 6 Jun 12 18:30:02 gw1 Pluto[20911]: | state object #1 found, in STATE_MAIN_I4 Jun 12 18:30:02 gw1 Pluto[20911]: "db08" #1: discarding duplicate packet; already STATE_MAIN_I4 Jun 12 18:30:02 gw1 Pluto[20911]: | next event EVENT_RETRANSMIT in 10 seconds for #2 Jun 12 18:30:02 gw1 Pluto[20911]: | Jun 12 18:30:02 gw1 Pluto[20911]: | *received 164 bytes from 149.2.24.213:500 on eth0:5 Jun 12 18:30:02 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | 08 10 20 01 3b 1d 4f fc 00 00 00 a4 70 29 32 b4 Jun 12 18:30:02 gw1 Pluto[20911]: | 25 bb d3 41 20 82 f5 3e 37 fa 26 3c 51 97 6a 09 Jun 12 18:30:02 gw1 Pluto[20911]: | 28 be ec cd 8f 1f d1 18 59 94 63 eb b3 c4 11 72 Jun 12 18:30:02 gw1 Pluto[20911]: | 86 76 f2 45 7b a0 63 70 c2 3f 52 00 90 0c fb ce Jun 12 18:30:02 gw1 Pluto[20911]: | 2a 0c 3f a5 e6 2f a8 1a 4a a5 f5 0c 00 51 dc 72 Jun 12 18:30:02 gw1 Pluto[20911]: | c6 35 7c 03 20 f7 ab 2d 93 8a 04 c1 bc f2 b7 48 Jun 12 18:30:02 gw1 Pluto[20911]: | d8 a2 7b 2a bd 56 f4 f4 3e 00 ce 05 a2 27 0f 01 Jun 12 18:30:02 gw1 Pluto[20911]: | 17 ef 4b 11 30 d2 f8 11 fe 26 bd 5d 8f b9 d5 09 Jun 12 18:30:02 gw1 Pluto[20911]: | d9 4d 23 6c 5b d6 a1 5e 45 4d a7 36 0b 2a 38 ce Jun 12 18:30:02 gw1 Pluto[20911]: | d0 bf eb aa Jun 12 18:30:02 gw1 Pluto[20911]: | **parse ISAKMP Message: Jun 12 18:30:02 gw1 Pluto[20911]: | initiator cookie: Jun 12 18:30:02 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:02 gw1 Pluto[20911]: | responder cookie: Jun 12 18:30:02 gw1 Pluto[20911]: | 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_HASH Jun 12 18:30:02 gw1 Pluto[20911]: | ISAKMP version: ISAKMP Version 1.0 Jun 12 18:30:02 gw1 Pluto[20911]: | exchange type: ISAKMP_XCHG_QUICK Jun 12 18:30:02 gw1 Pluto[20911]: | flags: ISAKMP_FLAG_ENCRYPTION Jun 12 18:30:02 gw1 Pluto[20911]: | message ID: 3b 1d 4f fc Jun 12 18:30:02 gw1 Pluto[20911]: | length: 164 Jun 12 18:30:02 gw1 Pluto[20911]: | ICOOKIE: 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:02 gw1 Pluto[20911]: | RCOOKIE: 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | peer: 95 02 18 d5 Jun 12 18:30:02 gw1 Pluto[20911]: | state hash entry 6 Jun 12 18:30:02 gw1 Pluto[20911]: | state object #2 found, in STATE_QUICK_I1 Jun 12 18:30:02 gw1 Pluto[20911]: | received encrypted packet from 149.2.24.213:500 Jun 12 18:30:02 gw1 Pluto[20911]: | decrypting 136 bytes using algorithm OAKLEY_3DES_CBC Jun 12 18:30:02 gw1 Pluto[20911]: | decrypted: Jun 12 18:30:02 gw1 Pluto[20911]: | 01 00 00 18 71 24 b2 08 99 c0 e1 18 e0 07 bf 51 Jun 12 18:30:02 gw1 Pluto[20911]: | 4e 18 56 ce e8 6c 13 00 0a 00 00 30 00 00 00 01 Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 01 00 00 00 24 01 03 04 01 7f b0 c8 8b Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 18 01 03 00 00 80 04 00 01 80 01 00 01 Jun 12 18:30:02 gw1 Pluto[20911]: | 80 02 70 80 80 05 00 01 05 00 00 18 98 bf 40 dd Jun 12 18:30:02 gw1 Pluto[20911]: | 8e ac ce 0d 4b 66 9e 40 ff fe af bd 4a cd 91 ee Jun 12 18:30:02 gw1 Pluto[20911]: | 05 00 00 10 04 00 00 00 c0 a8 00 00 ff ff ff 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 10 04 00 00 00 0a 01 01 00 ff ff ff 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 00 00 00 00 07 Jun 12 18:30:02 gw1 Pluto[20911]: | next IV: 0b 2a 38 ce d0 bf eb aa Jun 12 18:30:02 gw1 Pluto[20911]: | ***parse ISAKMP Hash Payload: Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_SA Jun 12 18:30:02 gw1 Pluto[20911]: | length: 24 Jun 12 18:30:02 gw1 Pluto[20911]: | ***parse ISAKMP Security Association Payload: Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONCE Jun 12 18:30:02 gw1 Pluto[20911]: | length: 48 Jun 12 18:30:02 gw1 Pluto[20911]: | DOI: ISAKMP_DOI_IPSEC Jun 12 18:30:02 gw1 Pluto[20911]: | ***parse ISAKMP Nonce Payload: Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_ID Jun 12 18:30:02 gw1 Pluto[20911]: | length: 24 Jun 12 18:30:02 gw1 Pluto[20911]: | ***parse ISAKMP Identification Payload (IPsec DOI): Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_ID Jun 12 18:30:02 gw1 Pluto[20911]: | length: 16 Jun 12 18:30:02 gw1 Pluto[20911]: | ID type: ID_IPV4_ADDR_SUBNET Jun 12 18:30:02 gw1 Pluto[20911]: | Protocol ID: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | port: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | ***parse ISAKMP Identification Payload (IPsec DOI): Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:02 gw1 Pluto[20911]: | length: 16 Jun 12 18:30:02 gw1 Pluto[20911]: | ID type: ID_IPV4_ADDR_SUBNET Jun 12 18:30:02 gw1 Pluto[20911]: | Protocol ID: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | port: 0 Jun 12 18:30:02 gw1 Pluto[20911]: | removing 8 bytes of padding Jun 12 18:30:02 gw1 Pluto[20911]: | **emit ISAKMP Message: Jun 12 18:30:02 gw1 Pluto[20911]: | initiator cookie: Jun 12 18:30:02 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 Jun 12 18:30:02 gw1 Pluto[20911]: | responder cookie: Jun 12 18:30:02 gw1 Pluto[20911]: | 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_HASH Jun 12 18:30:02 gw1 Pluto[20911]: | ISAKMP version: ISAKMP Version 1.0 Jun 12 18:30:02 gw1 Pluto[20911]: | exchange type: ISAKMP_XCHG_QUICK Jun 12 18:30:02 gw1 Pluto[20911]: | flags: ISAKMP_FLAG_ENCRYPTION Jun 12 18:30:02 gw1 Pluto[20911]: | message ID: 3b 1d 4f fc Jun 12 18:30:02 gw1 Pluto[20911]: | HASH(2) computed: Jun 12 18:30:02 gw1 Pluto[20911]: | 71 24 b2 08 99 c0 e1 18 e0 07 bf 51 4e 18 56 ce Jun 12 18:30:02 gw1 Pluto[20911]: | e8 6c 13 00 Jun 12 18:30:02 gw1 Pluto[20911]: | ****parse IPsec DOI SIT: Jun 12 18:30:02 gw1 Pluto[20911]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Jun 12 18:30:02 gw1 Pluto[20911]: | ****parse ISAKMP Proposal Payload: Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:02 gw1 Pluto[20911]: | length: 36 Jun 12 18:30:02 gw1 Pluto[20911]: | proposal number: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | protocol ID: PROTO_IPSEC_ESP Jun 12 18:30:02 gw1 Pluto[20911]: | SPI size: 4 Jun 12 18:30:02 gw1 Pluto[20911]: | number of transforms: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI Jun 12 18:30:02 gw1 Pluto[20911]: | SPI 7f b0 c8 8b Jun 12 18:30:02 gw1 Pluto[20911]: | *****parse ISAKMP Transform Payload (ESP): Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:02 gw1 Pluto[20911]: | length: 24 Jun 12 18:30:02 gw1 Pluto[20911]: | transform number: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | transform ID: ESP_3DES Jun 12 18:30:02 gw1 Pluto[20911]: | ******parse ISAKMP IPsec DOI attribute: Jun 12 18:30:02 gw1 Pluto[20911]: | af+type: ENCAPSULATION_MODE Jun 12 18:30:02 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | [1 is ENCAPSULATION_MODE_TUNNEL] Jun 12 18:30:02 gw1 Pluto[20911]: | ******parse ISAKMP IPsec DOI attribute: Jun 12 18:30:02 gw1 Pluto[20911]: | af+type: SA_LIFE_TYPE Jun 12 18:30:02 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | [1 is SA_LIFE_TYPE_SECONDS] Jun 12 18:30:02 gw1 Pluto[20911]: | ******parse ISAKMP IPsec DOI attribute: Jun 12 18:30:02 gw1 Pluto[20911]: | af+type: SA_LIFE_DURATION Jun 12 18:30:02 gw1 Pluto[20911]: | length/value: 28800 Jun 12 18:30:02 gw1 Pluto[20911]: | ******parse ISAKMP IPsec DOI attribute: Jun 12 18:30:02 gw1 Pluto[20911]: | af+type: AUTH_ALGORITHM Jun 12 18:30:02 gw1 Pluto[20911]: | length/value: 1 Jun 12 18:30:02 gw1 Pluto[20911]: | [1 is AUTH_ALGORITHM_HMAC_MD5] Jun 12 18:30:02 gw1 Pluto[20911]: | our client is subnet 192.168.0.0/24 Jun 12 18:30:02 gw1 Pluto[20911]: | peer client is subnet 10.1.1.0/24 Jun 12 18:30:02 gw1 Pluto[20911]: | ***emit ISAKMP Hash Payload: Jun 12 18:30:02 gw1 Pluto[20911]: | next payload type: ISAKMP_NEXT_NONE Jun 12 18:30:02 gw1 Pluto[20911]: | emitting 20 zero bytes of HASH into ISAKMP Hash Payload Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Hash Payload: 24 Jun 12 18:30:02 gw1 Pluto[20911]: | HASH(3) computed: 25 45 e7 6a 6e 11 90 55 66 31 37 23 c8 68 5e f3 Jun 12 18:30:02 gw1 Pluto[20911]: | 0f df a6 f4 Jun 12 18:30:02 gw1 Pluto[20911]: | KEYMAT computed: Jun 12 18:30:02 gw1 Pluto[20911]: | 8e e3 49 0d c2 84 49 91 8f 51 39 ca 1b 64 a4 3b Jun 12 18:30:02 gw1 Pluto[20911]: | 2d 94 3c f2 8c 78 6b 77 21 f4 88 aa 12 4e 02 e9 Jun 12 18:30:02 gw1 Pluto[20911]: | 39 5a c6 39 79 8a a1 52 Jun 12 18:30:02 gw1 Pluto[20911]: | Peer KEYMAT computed: Jun 12 18:30:02 gw1 Pluto[20911]: | 6d cc d6 87 c7 5d 84 fb 53 8d d2 65 c2 54 0a 31 Jun 12 18:30:02 gw1 Pluto[20911]: | 18 29 41 0f ff 2f be 09 a1 14 53 31 68 47 08 c4 Jun 12 18:30:02 gw1 Pluto[20911]: | cc 7c 14 2b 5b 06 46 7e Jun 12 18:30:02 gw1 Pluto[20911]: | route owner of "db08" CK_PERMANENT unrouted: NULL; eroute owner: NULL Jun 12 18:30:02 gw1 Pluto[20911]: | finish_pfkey_msg: SADB_ADD message 5 for Add ESP SA esp.d45babfe@65.219.193.250 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 03 00 03 11 00 00 00 05 00 00 00 af 51 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 01 00 d4 5b ab fe 40 01 02 03 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 05 00 00 00 00 00 02 00 01 f4 95 02 18 d5 Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 00 00 00 00 00 03 00 06 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 00 00 41 db c1 fa 00 00 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 08 00 80 00 00 00 21 f4 88 aa 12 4e 02 e9 Jun 12 18:30:02 gw1 Pluto[20911]: | 39 5a c6 39 79 8a a1 52 04 00 09 00 c0 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 8e e3 49 0d c2 84 49 91 8f 51 39 ca 1b 64 a4 3b Jun 12 18:30:02 gw1 Pluto[20911]: | 2d 94 3c f2 8c 78 6b 77 Jun 12 18:30:02 gw1 Pluto[20911]: | pfkey_get: SADB_ADD message 5 Jun 12 18:30:02 gw1 Pluto[20911]: | finish_pfkey_msg: SADB_ADD message 6 for Add IPIP SA tun.1001@149.2.24.213 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 03 00 09 0a 00 00 00 06 00 00 00 af 51 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 01 00 00 00 10 01 00 01 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 05 00 00 00 00 00 02 00 01 f4 95 02 18 d5 Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 00 00 00 00 00 03 00 06 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 00 00 41 db c1 fa 00 00 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | pfkey_get: SADB_ADD message 6 Jun 12 18:30:02 gw1 Pluto[20911]: | grouping tun.1001@65.219.193.250 and esp.d45babfe@65.219.193.250 Jun 12 18:30:02 gw1 Pluto[20911]: | finish_pfkey_msg: SADB_X_GRPSA message 7 for group tun.1001@65.219.193.250 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 0d 00 09 0d 00 00 00 07 00 00 00 af 51 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 01 00 00 00 10 01 00 00 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 06 00 00 00 00 00 02 00 00 00 41 db c1 fa Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 00 00 00 00 00 01 00 12 00 03 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 13 00 d4 5b ab fe 00 00 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 14 00 00 00 00 00 02 00 00 00 41 db c1 fa Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | pfkey_get: SADB_X_GRPSA message 7 Jun 12 18:30:02 gw1 Pluto[20911]: | finish_pfkey_msg: SADB_ADD message 8 for Add ESP SA esp.7fb0c88b@149.2.24.213 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 03 00 03 11 00 00 00 08 00 00 00 af 51 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 01 00 7f b0 c8 8b 40 01 02 03 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 05 00 00 00 00 00 02 00 00 00 41 db c1 fa Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 00 00 00 00 00 03 00 06 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 01 f4 95 02 18 d5 00 00 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 08 00 80 00 00 00 a1 14 53 31 68 47 08 c4 Jun 12 18:30:02 gw1 Pluto[20911]: | cc 7c 14 2b 5b 06 46 7e 04 00 09 00 c0 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 6d cc d6 87 c7 5d 84 fb 53 8d d2 65 c2 54 0a 31 Jun 12 18:30:02 gw1 Pluto[20911]: | 18 29 41 0f ff 2f be 09 Jun 12 18:30:02 gw1 Pluto[20911]: | pfkey_get: SADB_ADD message 8 Jun 12 18:30:02 gw1 Pluto[20911]: | finish_pfkey_msg: SADB_ADD message 9 for Add IPIP SA tun.1002@149.2.24.213 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 03 00 09 0a 00 00 00 09 00 00 00 af 51 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 01 00 00 00 10 02 00 01 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 05 00 00 00 00 00 02 00 00 00 41 db c1 fa Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 00 00 00 00 00 03 00 06 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 01 f4 95 02 18 d5 00 00 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | pfkey_get: SADB_ADD message 9 Jun 12 18:30:02 gw1 Pluto[20911]: | grouping tun.1002@149.2.24.213 and esp.7fb0c88b@149.2.24.213 Jun 12 18:30:02 gw1 Pluto[20911]: | finish_pfkey_msg: SADB_X_GRPSA message 10 for group tun.1002@149.2.24.213 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 0d 00 09 0d 00 00 00 0a 00 00 00 af 51 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 01 00 00 00 10 02 00 00 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 06 00 00 00 00 00 02 00 01 f4 95 02 18 d5 Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 00 00 00 00 00 01 00 12 00 03 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 13 00 7f b0 c8 8b 00 00 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 14 00 00 00 00 00 02 00 01 f4 95 02 18 d5 Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | pfkey_get: SADB_X_GRPSA message 10 Jun 12 18:30:02 gw1 Pluto[20911]: | route owner of "db08" CK_PERMANENT unrouted: NULL; eroute owner: NULL Jun 12 18:30:02 gw1 Pluto[20911]: | add eroute 192.168.0.0/24 -> 10.1.1.0/24 => tun.1002@149.2.24.213 Jun 12 18:30:02 gw1 Pluto[20911]: | finish_pfkey_msg: SADB_X_ADDFLOW message 11 for flow tun.1002@149.2.24.213 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 0e 00 09 16 00 00 00 0b 00 00 00 af 51 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 01 00 00 00 10 02 00 00 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 05 00 00 00 00 00 02 00 00 00 41 db c1 fa Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 00 00 00 00 00 03 00 06 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 01 f4 95 02 18 d5 00 00 00 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 15 00 00 00 00 00 02 00 00 00 c0 a8 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 34 f1 ff bf cc f0 ff bf 03 00 16 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 00 00 0a 01 01 00 cc 35 01 40 24 fa ff bf Jun 12 18:30:02 gw1 Pluto[20911]: | 03 00 17 00 00 00 00 00 02 00 00 00 ff ff ff 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 33 00 30 00 00 00 00 00 03 00 18 00 00 00 00 00 Jun 12 18:30:02 gw1 Pluto[20911]: | 02 00 00 00 ff ff ff 00 98 e5 09 08 74 75 6e 2e Jun 12 18:30:02 gw1 Pluto[20911]: | pfkey_get: SADB_X_ADDFLOW message 11 Jun 12 18:30:02 gw1 Pluto[20911]: | executing up-client: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='up-client' PLUTO_CONNECTION='db08' PLUTO_NEXT_HOP='65.219.193.225' PLUTO_INTERFACE='ipsec0' PLUTO_ME='65.219.193.250' PLUTO_MY_CLIENT='192.168.0.0/24' PLUTO_MY_CLIENT_NET='192.168.0.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_PEER='149.2.24.213' PLUTO_PEER_CLIENT='10.1.1.0/24' PLUTO_PEER_CLIENT_NET='10.1.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' ipsec _updown Jun 12 18:30:02 gw1 Pluto[20911]: | executing prepare-client: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='prepare-client' PLUTO_CONNECTION='db08' PLUTO_NEXT_HOP='65.219.193.225' PLUTO_INTERFACE='ipsec0' PLUTO_ME='65.219.193.250' PLUTO_MY_CLIENT='192.168.0.0/24' PLUTO_MY_CLIENT_NET='192.168.0.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_PEER='149.2.24.213' PLUTO_PEER_CLIENT='10.1.1.0/24' PLUTO_PEER_CLIENT_NET='10.1.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' ipsec _updown Jun 12 18:30:02 gw1 Pluto[20911]: | executing route-client: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='route-client' PLUTO_CONNECTION='db08' PLUTO_NEXT_HOP='65.219.193.225' PLUTO_INTERFACE='ipsec0' PLUTO_ME='65.219.193.250' PLUTO_MY_CLIENT='192.168.0.0/24' PLUTO_MY_CLIENT_NET='192.168.0.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_PEER='149.2.24.213' PLUTO_PEER_CLIENT='10.1.1.0/24' PLUTO_PEER_CLIENT_NET='10.1.1.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' ipsec _updown Jun 12 18:30:02 gw1 Pluto[20911]: | encrypting: Jun 12 18:30:02 gw1 Pluto[20911]: | 00 00 00 18 25 45 e7 6a 6e 11 90 55 66 31 37 23 Jun 12 18:30:02 gw1 Pluto[20911]: | c8 68 5e f3 0f df a6 f4 Jun 12 18:30:02 gw1 Pluto[20911]: | encrypting using OAKLEY_3DES_CBC Jun 12 18:30:02 gw1 Pluto[20911]: | next IV: 81 8b 45 16 8b d1 33 ac Jun 12 18:30:02 gw1 Pluto[20911]: | emitting length of ISAKMP Message: 52 Jun 12 18:30:02 gw1 Pluto[20911]: | sending 52 bytes for STATE_QUICK_I1 through eth0:5 to 149.2.24.213:500: Jun 12 18:30:02 gw1 Pluto[20911]: | 3b 5a 7e 11 a1 92 b3 33 6f 2b f9 13 18 85 d0 48 Jun 12 18:30:02 gw1 Pluto[20911]: | 08 10 20 01 3b 1d 4f fc 00 00 00 34 06 88 4d c8 Jun 12 18:30:02 gw1 Pluto[20911]: | 5d 00 f3 4e 29 e0 ca b3 d4 1e a7 8f 81 8b 45 16 Jun 12 18:30:02 gw1 Pluto[20911]: | 8b d1 33 ac Jun 12 18:30:02 gw1 Pluto[20911]: | inserting event EVENT_SA_REPLACE, timeout in 27979 seconds for #2 Jun 12 18:30:02 gw1 Pluto[20911]: "db08" #2: sent QI2, IPsec SA established Jun 12 18:30:02 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 87 seconds Jun 12 18:30:20 gw1 Pluto[20911]: | Jun 12 18:30:20 gw1 Pluto[20911]: | *received whack message Jun 12 18:30:20 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 69 seconds Jun 12 18:31:29 gw1 Pluto[20911]: | Jun 12 18:31:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:31:29 gw1 Pluto[20911]: | event after this is EVENT_SA_REPLACE in 2519 seconds Jun 12 18:31:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:31:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:33:29 gw1 Pluto[20911]: | Jun 12 18:33:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:33:29 gw1 Pluto[20911]: | event after this is EVENT_SA_REPLACE in 2399 seconds Jun 12 18:33:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:33:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:35:29 gw1 Pluto[20911]: | Jun 12 18:35:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:35:29 gw1 Pluto[20911]: | event after this is EVENT_SA_REPLACE in 2279 seconds Jun 12 18:35:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:35:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:37:29 gw1 Pluto[20911]: | Jun 12 18:37:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:37:29 gw1 Pluto[20911]: | event after this is EVENT_SA_REPLACE in 2159 seconds Jun 12 18:37:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:37:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:39:29 gw1 Pluto[20911]: | Jun 12 18:39:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:39:29 gw1 Pluto[20911]: | event after this is EVENT_SA_REPLACE in 2039 seconds Jun 12 18:39:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:39:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:41:29 gw1 Pluto[20911]: | Jun 12 18:41:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:41:29 gw1 Pluto[20911]: | event after this is EVENT_SA_REPLACE in 1919 seconds Jun 12 18:41:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:41:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:43:29 gw1 Pluto[20911]: | Jun 12 18:43:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:43:29 gw1 Pluto[20911]: | event after this is EVENT_SA_REPLACE in 1799 seconds Jun 12 18:43:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:43:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:45:29 gw1 Pluto[20911]: | Jun 12 18:45:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:45:29 gw1 Pluto[20911]: | event after this is EVENT_SA_REPLACE in 1679 seconds Jun 12 18:45:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:45:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:47:29 gw1 Pluto[20911]: | Jun 12 18:47:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:47:29 gw1 Pluto[20911]: | event after this is EVENT_SA_REPLACE in 1559 seconds Jun 12 18:47:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:47:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:49:29 gw1 Pluto[20911]: | Jun 12 18:49:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:49:29 gw1 Pluto[20911]: | event after this is EVENT_SA_REPLACE in 1439 seconds Jun 12 18:49:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:49:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:51:29 gw1 Pluto[20911]: | Jun 12 18:51:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:51:29 gw1 Pluto[20911]: | event after this is EVENT_SA_REPLACE in 1319 seconds Jun 12 18:51:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:51:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:53:29 gw1 Pluto[20911]: | Jun 12 18:53:29 gw1 Pluto[20911]: | *time to handle event Jun 12 18:53:29 gw1 Pluto[20911]: | event after this is EVENT_SA_REPLACE in 1199 seconds Jun 12 18:53:29 gw1 Pluto[20911]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Jun 12 18:53:29 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 120 seconds Jun 12 18:53:35 gw1 Pluto[20911]: | Jun 12 18:53:35 gw1 Pluto[20911]: | *received whack message Jun 12 18:53:35 gw1 Pluto[20911]: | base debugging = debug-raw+debug-crypt+debug-parsing+debug-emitting+debug-control+debug-lifecycle+debug-klips+ Jun 12 18:53:35 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 114 seconds Jun 12 18:53:56 gw1 Pluto[20911]: | Jun 12 18:53:56 gw1 Pluto[20911]: | *received whack message Jun 12 18:53:56 gw1 Pluto[20911]: | next event EVENT_SHUNT_SCAN in 93 seconds + _________________________ date + date Wed Jun 12 18:53:57 EDT 2002