Barf File from Left Firewall. firewall Sat Nov 30 21:45:46 UTC 2002 + _________________________ + + ipsec --version Linux FreeS/WAN 1.91 See `ipsec --copyright' for copyright information. + _________________________ + + cat /proc/version Linux version 2.2.19-3-LEAF (root@debian) (gcc version 2.7.2.3) #2 Sat Dec 1 12:34:52 CST 2001 + _________________________ + + cat /proc/net/ipsec_eroute 0 192.168.1.0/24 -> 192.168.2.0/24 => tun0x100a@208.180.134.7 + _________________________ + + cat /proc/net/ipsec_spi esp0x4edd642a@208.180.134.97 ESP_3DES_HMAC_MD5: dir=in src=208.180.134.7 iv_bits=64bits iv=0x42c3fd8f9a657618 ooowin=64 alen=128 aklen=128 eklen=192 life(c,s,h)=add(2994,0,0) esp0x4edd6429@208.180.134.97 ESP_3DES_HMAC_MD5: dir=in src=208.180.134.7 iv_bits=64bits iv=0x3c485a5ac315fc8f ooowin=64 alen=128 aklen=128 eklen=192 life(c,s,h)=add(3010,0,0) esp0x4edd6428@208.180.134.97 ESP_3DES_HMAC_MD5: dir=in src=208.180.134.7 iv_bits=64bits iv=0x3b37a1e376335265 ooowin=64 seq=13 bit=0x000001fff alen=128 aklen=128 eklen=192 life(c,s,h)=bytes(1068,0,0)add(17149,0,0)use(16801,0,0)packets(13,0,0) idle=16654 esp0x4edd6427@208.180.134.97 ESP_3DES_HMAC_MD5: dir=in src=208.180.134.7 iv_bits=64bits iv=0x00b8141065b7478e ooowin=64 alen=128 aklen=128 eklen=192 life(c,s,h)=add(22036,0,0) esp0x4edd6426@208.180.134.97 ESP_3DES_HMAC_MD5: dir=in src=208.180.134.7 iv_bits=64bits iv=0x9d7bc00e6a96e18d ooowin=64 alen=128 aklen=128 eklen=192 life(c,s,h)=add(22036,0,0) tun0x1009@208.180.134.97 IPIP: dir=in src=208.180.134.7 life(c,s,h)=add(2994,0,0) tun0x1007@208.180.134.97 IPIP: dir=in src=208.180.134.7 life(c,s,h)=add(3010,0,0) tun0x1005@208.180.134.97 IPIP: dir=in src=208.180.134.7 life(c,s,h)=bytes(1068,0,0)add(17149,0,0)use(16801,0,0)packets(13,0,0) idle=16654 tun0x1003@208.180.134.97 IPIP: dir=in src=208.180.134.7 life(c,s,h)=add(22036,0,0) tun0x1001@208.180.134.97 IPIP: dir=in src=208.180.134.7 life(c,s,h)=add(22036,0,0) esp0x291416a1@208.180.134.7 ESP_3DES_HMAC_MD5: dir=out src=208.180.134.97 iv_bits=64bits iv=0xc5709dfaedcc2158 ooowin=64 alen=128 aklen=128 eklen=192 life(c,s,h)=add(2994,0,0) esp0x291416a0@208.180.134.7 ESP_3DES_HMAC_MD5: dir=out src=208.180.134.97 iv_bits=64bits iv=0xf096032fe53d3394 ooowin=64 alen=128 aklen=128 eklen=192 life(c,s,h)=add(3010,0,0) esp0x2914169f@208.180.134.7 ESP_3DES_HMAC_MD5: dir=out src=208.180.134.97 iv_bits=64bits iv=0x8d441e97cdb5cd14 ooowin=64 alen=128 aklen=128 eklen=192 life(c,s,h)=add(17149,0,0) esp0xbee6e631@208.180.134.7 ESP_3DES_HMAC_MD5: dir=out src=208.180.134.97 iv_bits=64bits iv=0x6a06f19783bc5725 ooowin=64 alen=128 aklen=128 eklen=192 life(c,s,h)=add(22036,0,0) esp0xbee6e630@208.180.134.7 ESP_3DES_HMAC_MD5: dir=out src=208.180.134.97 iv_bits=64bits iv=0x1a4cfb442f8bda11 ooowin=64 alen=128 aklen=128 eklen=192 life(c,s,h)=add(22036,0,0) tun0x100a@208.180.134.7 IPIP: dir=out src=208.180.134.97 life(c,s,h)=add(2994,0,0) tun0x1008@208.180.134.7 IPIP: dir=out src=208.180.134.97 life(c,s,h)=add(3010,0,0) tun0x1006@208.180.134.7 IPIP: dir=out src=208.180.134.97 life(c,s,h)=add(17149,0,0) tun0x1004@208.180.134.7 IPIP: dir=out src=208.180.134.97 life(c,s,h)=add(22036,0,0) tun0x1002@208.180.134.7 IPIP: dir=out src=208.180.134.97 life(c,s,h)=add(22036,0,0) + _________________________ + + cat /proc/net/ipsec_spigrp tun0x1009@208.180.134.97 esp0x4edd642a@208.180.134.97 tun0x1007@208.180.134.97 esp0x4edd6429@208.180.134.97 tun0x1005@208.180.134.97 esp0x4edd6428@208.180.134.97 tun0x1003@208.180.134.97 esp0x4edd6427@208.180.134.97 tun0x1001@208.180.134.97 esp0x4edd6426@208.180.134.97 tun0x100a@208.180.134.7 esp0x291416a1@208.180.134.7 tun0x1008@208.180.134.7 esp0x291416a0@208.180.134.7 tun0x1006@208.180.134.7 esp0x2914169f@208.180.134.7 tun0x1004@208.180.134.7 esp0xbee6e631@208.180.134.7 tun0x1002@208.180.134.7 esp0xbee6e630@208.180.134.7 + _________________________ + + netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 208.180.134.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 208.180.134.0 0.0.0.0 255.255.255.0 U 0 0 0 ipsec0 192.168.2.0 208.180.134.1 255.255.255.0 UG 0 0 0 ipsec0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 0.0.0.0 208.180.134.1 0.0.0.0 UG 0 0 0 eth0 + _________________________ + + cat /proc/net/ipsec_tncfg ipsec0 -> eth0 mtu=16260(1500) -> 1500 ipsec1 -> NULL mtu=0(0) -> 0 ipsec2 -> NULL mtu=0(0) -> 0 ipsec3 -> NULL mtu=0(0) -> 0 + _________________________ + + cat /proc/net/pf_key sock pid socket next prev e n p sndbf Flags Type St c15f4200 1048 c163faa8 0 0 0 0 2 32767 00000000 3 1 + _________________________ + + cd /proc/net + egrep ^ pf_key_registered pf_key_supported pf_key_registered:satype socket pid sk pf_key_registered: 2 c163faa8 1048 c15f4200 pf_key_registered: 3 c163faa8 1048 c15f4200 pf_key_registered: 9 c163faa8 1048 c15f4200 pf_key_registered: 10 c163faa8 1048 c15f4200 pf_key_supported:satype exttype alg_id ivlen minbits maxbits pf_key_supported: 2 14 3 0 160 160 pf_key_supported: 2 14 2 0 128 128 pf_key_supported: 3 15 3 128 168 168 pf_key_supported: 3 14 3 0 160 160 pf_key_supported: 3 14 2 0 128 128 pf_key_supported: 9 15 1 0 32 32 pf_key_supported: 10 15 2 0 1 1 + _________________________ + + cd /proc/sys/net/ipsec + egrep ^ debug_ah debug_eroute debug_esp debug_ipcomp debug_netlink debug_pfkey debug_radij debug_rcv debug_spi debug_tunnel debug_verbose debug_xform icmp inbound_policy_check tos debug_ah:0 debug_eroute:0 debug_esp:0 debug_ipcomp:0 debug_netlink:0 debug_pfkey:0 debug_radij:0 debug_rcv:0 debug_spi:0 debug_tunnel:0 debug_verbose:0 debug_xform:0 icmp:0 inbound_policy_check:1 tos:1 + _________________________ + + ipsec auto --status 000 interface ipsec0/eth0 208.180.134.97 000 000 "net": 192.168.1.0/24===208.180.134.97---208.180.134.1... 000 "net": ...208.180.134.1---208.180.134.7===192.168.2.0/24 000 "net": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 000 "net": policy: PSK+ENCRYPT+TUNNEL+PFS; interface: eth0; erouted 000 "net": newest ISAKMP SA: #15; newest IPsec SA: #14; eroute owner: #14 000 000 #3: "net" STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 6012s 000 #3: "net" esp.bee6e630@208.180.134.7 esp.4edd6426@208.180.134.97 tun.1002@208.180.134.7 tun.1001@208.180.134.97 000 #4: "net" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 6494s 000 #4: "net" esp.bee6e631@208.180.134.7 esp.4edd6427@208.180.134.97 tun.1004@208.180.134.7 tun.1003@208.180.134.97 000 #7: "net" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 11381s 000 #7: "net" esp.2914169f@208.180.134.7 esp.4edd6428@208.180.134.97 tun.1006@208.180.134.7 tun.1005@208.180.134.97 000 #15: "net" STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 2455s; newest ISAKMP 000 #14: "net" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 25536s; newest IPSEC; eroute owner 000 #14: "net" esp.291416a1@208.180.134.7 esp.4edd642a@208.180.134.97 tun.100a@208.180.134.7 tun.1009@208.180.134.97 000 #13: "net" STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 24828s 000 #13: "net" esp.291416a0@208.180.134.7 esp.4edd6429@208.180.134.97 tun.1008@208.180.134.7 tun.1007@208.180.134.97 + _________________________ + + ifconfig -a lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:3924 Metric:1 RX packets:192 errors:0 dropped:0 overruns:0 frame:0 TX packets:192 errors:0 dropped:0 overruns:0 carrier:0 Collisions:0 ipsec0 Link encap:Ethernet HWaddr 00:A0:24:42:32:05 inet addr:208.180.134.97 Mask:255.255.255.0 UP RUNNING NOARP MTU:16260 Metric:1 RX packets:13 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:16 overruns:0 carrier:0 Collisions:0 ipsec1 Link encap:IPIP Tunnel HWaddr unspec addr:[NONE SET] Mask:[NONE SET] NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 Collisions:0 ipsec2 Link encap:IPIP Tunnel HWaddr unspec addr:[NONE SET] Mask:[NONE SET] NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 Collisions:0 ipsec3 Link encap:IPIP Tunnel HWaddr unspec addr:[NONE SET] Mask:[NONE SET] NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 Collisions:0 eth0 Link encap:Ethernet HWaddr 00:A0:24:42:32:05 inet addr:208.180.134.97 Bcast:0.0.0.0 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:149850 errors:0 dropped:0 overruns:0 frame:0 TX packets:35351 errors:0 dropped:0 overruns:0 carrier:0 Collisions:109 Interrupt:10 Base address:0x300 eth1 Link encap:Ethernet HWaddr 00:A0:24:DB:73:07 inet addr:192.168.1.254 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:87360 errors:0 dropped:0 overruns:0 frame:0 TX packets:37977 errors:0 dropped:0 overruns:0 carrier:0 Collisions:728 Interrupt:11 Base address:0x280 + _________________________ + + ipsec --directory /usr/local/lib/ipsec + _________________________ + + hostname --fqdn hostname: invalid option -- - BusyBox v0.60.1 (2001.10.18-21:35+0000) multi-call binary Usage: hostname [OPTION] {hostname | -F FILE} + _________________________ + + hostname --ip-address hostname: invalid option -- - BusyBox v0.60.1 (2001.10.18-21:35+0000) multi-call binary Usage: hostname [OPTION] {hostname | -F FILE} + _________________________ + + uptime 21:45:46 up 0 Days (6h), load average: 0.08 0.02 0.01 + _________________________ + + ipsec showdefaults routephys=eth0 routephys=eth0 routevirt=ipsec0 routevirt=ipsec0 routeaddr=208.180.134.97 routeaddr=208.180.134.97 routenexthop=208.180.134.1 routenexthop=208.180.134.1 defaultroutephys=eth0 defaultroutevirt=ipsec0 defaultrouteaddr=208.180.134.97 defaultroutenexthop=208.180.134.1 + _________________________ + + ipsec _include /etc/ipsec.conf + ipsec _keycensor #< /etc/ipsec.conf 1 # /etc/ipsec.conf - FreeS/WAN IPsec configuration file # More elaborate and more varied sample configurations can be found # in FreeS/WAN's doc/examples file, and in the HTML documentation. # basic configuration config setup # THIS SETTING MUST BE CORRECT or almost nothing will work; # %defaultroute is okay for most simple cases. interfaces=%defaultroute # Debug-logging controls: "none" for (almost) none, "all" for lots. klipsdebug=none plutodebug=none # Use auto= parameters in conn descriptions to control startup actions. plutoload=%search plutostart=%search # Close down old connection when new one using same ID shows up. uniqueids=yes # defaults for subsequent connection descriptions conn %default #type=tunnel #keyexchange=ike #keylife=8h # How persistent to be in (re)keying negotiations (0 means very). keyingtries=0 #disablearrivalcheck=no # RSA authentication with keys from DNS. #authby=rsasig #leftrsasigkey=%dns #rightrsasigkey=%dns # Preshared Secret Key authentication. authby=secret #pfs=no # Left security gateway, subnet behind it, next hope toward right. #left=10.0.0.1 #leftsubnet=192.168.1.0/24 #leftnexthop=10.22.33.44 #leftfirewall=yes # connection description for (experimental!) opportunistic encryption # (requires KEY record in your DNS reverse map; see doc/opportunism.howto) #conn me-to-anyone # left=%defaultroute # right=%opportunistic # # uncomment to enable incoming; change to auto=route for outgoing # #auto=add # sample VPN connection conn net #left left=208.180.134.97 leftsubnet=192.168.1.0/24 leftnexthop=%defaultroute # Right security gateway, subnet behind it, next hop toward left. right=208.180.134.7 rightsubnet=192.168.2.0/24 rightnexthop=%defaultroute #rightfirewall=yes # To authorize this connection, but not actually start it, at startup, # uncomment this. To start the connection, change "add" to "start". auto=start + _________________________ + + ipsec _include /etc/ipsec.secrets + ipsec _secretcensor #< /etc/ipsec.secrets 1 # This file holds shared secrets or RSA private keys for inter-Pluto # authentication. See ipsec_pluto(8) manpage, and HTML documentation. # RSA private key for this host, authenticating it to any other host # which knows the public part. Suitable public keys, for ipsec.conf, DNS, # or configuration of other implementations, can be extracted conveniently md5sum: not found # with "[sums to #...]". md5sum: not found # # -- Create your own RSA key with "[sums to #...]" # } md5sum: not found # do not change the indenting of that "[sums to #...]" # Preshared Secret Key authentication. You can have ipsec create a md5sum: not found # secret key with the "[sums to #...]" command. md5sum: not found : PSK "[sums to :...]" + _________________________ + + ls -l /usr/local/lib/ipsec -rwxr-xr-x 1 root staff 10884 Jul 19 2001 _confread -rwxr-xr-x 1 root staff 2163 Jul 19 2001 _include -rwxr-xr-x 1 root staff 1383 Jul 19 2001 _keycensor -rwxr-xr-x 1 root staff 3271 Jul 19 2001 _plutoload -rwxr-xr-x 1 root staff 3404 Jul 19 2001 _plutorun -rwxr-xr-x 1 root staff 6709 Jul 19 2001 _realsetup -rwxr-xr-x 1 root staff 1904 Jul 19 2001 _secretcensor -rwxr-xr-x 1 root staff 6097 Oct 18 2001 _startklips -rwxr-xr-x 1 root staff 5466 Oct 18 2001 _updown -rwxr-xr-x 1 root staff 9994 Jul 19 2001 auto -rwxr-xr-x 1 root staff 4670 Jul 19 2001 barf -rwxr-xr-x 1 root staff 57332 Jul 19 2001 eroute -rwxr-xr-x 1 root staff 2846 Jul 19 2001 ipsec -rwxr-xr-x 1 root staff 39820 Jul 19 2001 klipsdebug -rwxr-xr-x 1 root staff 2552 Oct 24 2001 look -rwxr-xr-x 1 root staff 16172 Jul 19 2001 manual -rwxr-xr-x 1 root staff 277828 Jul 19 2001 pluto -rwxr-xr-x 1 root staff 6620 Jul 19 2001 ranbits -rwxr-xr-x 1 root staff 45364 Jul 19 2001 rsasigkey lrwxrwxrwx 1 root staff 17 Nov 30 15:38 setup -> /etc/init.d/ipsec -rwxr-xr-x 1 root staff 1041 Jul 19 2001 showdefaults -rwxr-xr-x 1 root staff 3055 Jul 19 2001 showhostkey -rwxr-xr-x 1 root staff 62220 Jul 19 2001 spi -rwxr-xr-x 1 root staff 48980 Jul 19 2001 spigrp -rwxr-xr-x 1 root staff 9240 Jul 19 2001 tncfg -rwxr-xr-x 1 root staff 29776 Jul 19 2001 whack + _________________________ + + ls /usr/local/lib/ipsec + egrep updown + cat /usr/local/lib/ipsec/_updown #! /bin/sh # default updown script # Copyright (C) 2000, 2001 D. Hugh Redelmeier, Henry Spencer # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the # Free Software Foundation; either version 2 of the License, or (at your # option) any later version. See . # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # # RCSID $Id: _updown,v 1.14 2001/04/07 22:42:54 henry Exp $ # CAUTION: Installing a new version of FreeS/WAN will install a new # copy of this script, wiping out any custom changes you make. If # you need changes, make a copy of this under another name, and customize # that, and use the (left/right)updown parameters in ipsec.conf to make # FreeS/WAN use yours instead of this default one. # check interface version case "$PLUTO_VERSION" in 1.[0]) # Older Pluto?!? Play it safe, script may be using new features. echo "$0: obsolete interface version `$PLUTO_VERSION'," >&2 echo "$0: called by obsolete Pluto?" >&2 exit 2 ;; 1.*) ;; *) echo "$0: unknown interface version `$PLUTO_VERSION'" >&2 exit 2 ;; esac # check parameter(s) case "$*" in '') ;; ipfwadm) # caused by (left/right)firewall=yes; for default script only ;; *) echo "$0: unknown parameter `$1'" >&2 exit 2 ;; esac # utility functions for route manipulation # Meddling with this stuff should not be necessary and requires great care. uproute() { doroute add } downroute() { doroute del } doroute() { parms="-net $PLUTO_PEER_CLIENT_NET netmask $PLUTO_PEER_CLIENT_MASK" parms2="dev $PLUTO_INTERFACE gw $PLUTO_NEXT_HOP" case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in "0.0.0.0/0.0.0.0") # horrible kludge for obscure routing bug with opportunistic route $1 -net 0.0.0.0 netmask 128.0.0.0 $parms2 && route $1 -net 128.0.0.0 netmask 128.0.0.0 $parms2 ;; *) route $1 $parms $parms2 ;; esac st=$? if test $st -ne 0 then # route has already given its own cryptic message echo "$0: `route $1 $parms' failed" >&2 fi return $st } # the big choice case "$PLUTO_VERB:$1" in prepare-host:*|prepare-client:*) # delete possibly-existing route (preliminary to adding a route) case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in "0.0.0.0/0.0.0.0") # horrible kludge for obscure routing bug with opportunistic parms1="-net 0.0.0.0 netmask 128.0.0.0" parms2="-net 128.0.0.0 netmask 128.0.0.0" oops="`route del $parms1 2>&1 ; route del $parms2 2>&1`" ;; *) parms="-net $PLUTO_PEER_CLIENT_NET netmask $PLUTO_PEER_CLIENT_MASK" oops="`route del $parms 2>&1`" ;; esac status="$?" if test " $oops" = " " -a " $status" != " 0" then oops="silent error, exit status $status" fi case "$oops" in 'SIOCDELRT: No such process'*) # This is what route (currently -- not documented!) gives # for "could not find such a route". oops= status=0 ;; esac if test " $oops" != " " -o " $status" != " 0" then echo "$0: `route del $parms' failed ($oops)" >&2 fi exit $status ;; route-host:*|route-client:*) # connection to me or my client subnet being routed uproute ;; unroute-host:*|unroute-client:*) # connection to me or my client subnet being unrouted downroute ;; up-host:*) # connection to me coming up # If you are doing a custom version, firewall commands go here. ;; down-host:*) # connection to me going down # If you are doing a custom version, firewall commands go here. ;; up-client:) # connection to my client subnet coming up # If you are doing a custom version, firewall commands go here. ;; down-client:) # connection to my client subnet going down # If you are doing a custom version, firewall commands go here. ;; up-client:ipfwadm) # connection to client subnet, with (left/right)firewall=yes, coming up # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. # ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK # -D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK ipchains -I forward -j ACCEPT -b -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK # Insert firewall rule to accept ESP (Protocol 50) and AH (Protocol 51) # packets from peer ipchains -I input -j ACCEPT -p 50 -s $PLUTO_PEER/32 -d $PLUTO_ME/32 ipchains -I input -j ACCEPT -p 51 -s $PLUTO_PEER/32 -d $PLUTO_ME/32 ;; down-client:ipfwadm) # connection to client subnet, with (left/right)firewall=yes, going down # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. # ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK # -D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK ipchains -D forward -j ACCEPT -b -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK # Delete firewall rule to accept ESP (Protocol 50) and AH (Protocol 51) # packets from peer ipchains -D input -j ACCEPT -p 50 -s $PLUTO_PEER/32 -d $PLUTO_ME/32 ipchains -D input -j ACCEPT -p 51 -s $PLUTO_PEER/32 -d $PLUTO_ME/32 ;; *) echo "$0: unknown verb `$PLUTO_VERB' or parameter `$1'" >&2 exit 1 ;; esac + _________________________ + + cat /proc/net/dev Inter-| Receive | Transmit face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed lo: 17318 192 0 0 0 0 0 0 17318 192 0 0 0 0 0 0 ipsec0: 808 13 0 0 0 0 0 0 0 0 0 16 0 0 0 0 ipsec1: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ipsec2: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ipsec3: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 eth0:37874207 149853 0 0 0 0 0 0 4193029 35352 0 0 0 109 0 0 eth1:71362665 87361 0 0 0 0 0 0 29289095 37977 0 0 0 728 0 0 + _________________________ + + cat /proc/net/route Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT eth0 0086B4D0 00000000 0001 0 0 0 00FFFFFF 0 0 0 ipsec0 0086B4D0 00000000 0001 0 0 0 00FFFFFF 0 0 0 ipsec0 0002A8C0 0186B4D0 0003 0 0 0 00FFFFFF 0 0 0 eth1 0001A8C0 00000000 0001 0 0 0 00FFFFFF 0 0 0 eth0 00000000 0186B4D0 0003 0 0 0 00000000 0 0 0 + _________________________ + + cat /proc/sys/net/ipv4/ip_forward 1 + _________________________ + + uname -a Linux firewall 2.2.19-3-LEAF #2 Sat Dec 1 12:34:52 CST 2001 i386 unknown + _________________________ + + test -r /etc/redhat-release + _________________________ + + cat /proc/net/ipsec_version FreeS/WAN version: 1.91 + _________________________ + + ipchains -L -v -n Chain input (policy DENY: 9 packets, 1523 bytes): pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports 0 0 DENY icmp ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 5 -> * 0 0 DENY icmp ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 13 -> * 0 0 DENY icmp ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 14 -> * 0 0 DENY all ----l- 0xFF 0x00 eth0 0.0.0.0 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 255.255.255.255 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 127.0.0.0/8 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 224.0.0.0/4 0.0.0.0/0 n/a 29 928 DENY all ----l- 0xFF 0x00 eth0 10.0.0.0/8 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 172.16.0.0/12 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 192.168.0.0/16 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 0.0.0.0/8 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 128.0.0.0/16 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 191.255.0.0/16 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 192.0.0.0/24 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 223.255.255.0/24 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 240.0.0.0/4 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 192.168.1.0/24 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 208.180.134.97 0.0.0.0/0 n/a 0 0 REJECT all ----l- 0xFF 0x00 eth0 0.0.0.0/0 127.0.0.0/8 n/a 0 0 REJECT all ----l- 0xFF 0x00 eth0 0.0.0.0/0 192.168.1.0/24 n/a 0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 137 0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 135 4 312 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 137 0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 135 0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 138:139 0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 138 0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 137:138 -> * 0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 135 -> * 0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 137:139 -> * 0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 135 -> * 0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 113 7781 9771K ACCEPT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 1024:65535 0 0 REJECT udp ----l- 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 161:162 0 0 ACCEPT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 68 3 508 ACCEPT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 500 0 0 DENY udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 67 786 246K ACCEPT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 1024:65535 25 1428 ACCEPT icmp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> * 0 0 ACCEPT ospf ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 n/a 0 0 ACCEPT 50 ------ 0xFF 0x00 eth0 0.0.0.0/0 208.180.134.97 n/a 0 0 ACCEPT 51 ------ 0xFF 0x00 eth0 0.0.0.0/0 208.180.134.97 n/a 592 22370 DENY all ----l- 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 n/a 0 0 REJECT udp ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 * -> 161:162 0 0 REJECT udp ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 161:162 -> * 6215 938K ACCEPT all ------ 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 n/a Chain forward (policy DENY: 0 packets, 0 bytes): pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports 0 0 DENY icmp ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 5 -> * 5917 900K MASQ all ------ 0xFF 0x00 eth0 192.168.1.0/24 0.0.0.0/0 n/a 0 0 DENY all ------ 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 n/a Chain output (policy DENY: 0 packets, 0 bytes): pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports 14350 11M fairq all ------ 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 0.0.0.0 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 255.255.255.255 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 127.0.0.0/8 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 224.0.0.0/4 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 10.0.0.0/8 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 172.16.0.0/12 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 192.168.0.0/16 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 0.0.0.0/8 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 128.0.0.0/16 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 191.255.0.0/16 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 192.0.0.0/24 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 223.255.255.0/24 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 240.0.0.0/4 0.0.0.0/0 n/a 0 0 DENY all ------ 0xFF 0x00 eth0 192.168.1.0/24 0.0.0.0/0 n/a 0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 137 0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 135 0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 137 0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 135 0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 138:139 0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * -> 138 0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 137:138 -> * 0 0 REJECT udp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 135 -> * 0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 137:139 -> * 0 0 REJECT tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 135 -> * 14350 11M ACCEPT all ------ 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 n/a Chain fairq (1 references): pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports 0 0 RETURN ospf ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 n/a 0 0 RETURN ospf ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 n/a 0 0 RETURN udp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 * -> 520 0 0 RETURN udp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 520 -> * 0 0 RETURN tcp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 * -> 179 0 0 RETURN tcp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 179 -> * 270 19008 RETURN tcp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 * -> 53 216 10959 RETURN tcp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 53 -> * 366 28839 RETURN udp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 * -> 53 233 22099 RETURN udp ------ 0xFF 0x00 * 0x1 0.0.0.0/0 0.0.0.0/0 53 -> * 0 0 RETURN tcp ------ 0xFF 0x00 * 0x2 0.0.0.0/0 0.0.0.0/0 * -> 23 0 0 RETURN tcp ------ 0xFF 0x00 * 0x2 0.0.0.0/0 0.0.0.0/0 23 -> * 0 0 RETURN tcp ------ 0xFF 0x00 * 0x2 0.0.0.0/0 0.0.0.0/0 * -> 22 0 0 RETURN tcp ------ 0xFF 0x00 * 0x2 0.0.0.0/0 0.0.0.0/0 22 -> * + _________________________ + + ipfwadm -F -l -n -e ipfwadm: not found + _________________________ + + ipfwadm -I -l -n -e ipfwadm: not found + _________________________ + + ipfwadm -O -l -n -e ipfwadm: not found + _________________________ + + ipchains -M -L -v -n IP masquerading entries prot expire initseq delta prevd source destination ports TCP 01:34.81 0 0 0 192.168.1.3 205.188.165.249 2917 (64716) -> 80 TCP 01:02.66 0 0 0 192.168.1.3 205.188.165.249 2912 (64712) -> 80 TCP 01:03.17 0 0 0 192.168.1.3 205.188.165.249 2913 (64713) -> 80 TCP 239:18.08 0 0 0 192.168.1.2 205.188.1.91 3360 (63802) -> 5190 TCP 01:33.96 0 0 0 192.168.1.3 205.188.165.185 2916 (64715) -> 80 TCP 239:34.40 0 0 0 192.168.1.3 64.12.27.41 2645 (61006) -> 5190 TCP 239:32.70 0 0 0 192.168.1.2 64.12.27.87 3362 (63804) -> 5190 TCP 239:11.38 0 0 0 192.168.1.3 205.188.11.14 2643 (61003) -> 5190 TCP 00:17.19 0 0 0 192.168.1.2 128.121.26.136 4499 (64710) -> 80 UDP 01:49.24 0 0 0 192.168.1.202 64.242.242.2 2761 (64705) -> 53 TCP 00:50.09 0 0 0 192.168.1.2 64.242.243.104 4497 (64709) -> 110 TCP 01:31.86 0 0 0 192.168.1.3 64.242.243.104 2915 (64714) -> 110 TCP 00:56.47 0 0 0 192.168.1.2 204.56.250.4 4501 (64711) -> 110 UDP 01:25.50 0 0 0 192.168.1.202 64.242.242.2 2750 (64701) -> 53 + _________________________ + + ipfwadm -M -l -n -e ipfwadm: not found + _________________________ + + cat /proc/modules ip_masq_vdolive 1180 0 (unused) ip_masq_user 3708 0 (unused) ip_masq_mfw 3196 0 (unused) ip_masq_autofw 2476 0 (unused) 3c509 5628 2 pci-scan 2296 0 + _________________________ + + cat /proc/meminfo total: used: free: shared: buffers: cached: Mem: 31555584 17969152 13586432 9289728 6332416 5468160 Swap: 0 0 0 MemTotal: 30816 kB MemFree: 13268 kB MemShared: 9072 kB Buffers: 6184 kB Cached: 5340 kB SwapTotal: 0 kB SwapFree: 0 kB + _________________________ + + ls -l /dev/ipsec* ls: /dev/ipsec*: No such file or directory + _________________________ + + ls -l /proc/net/ipsec_eroute /proc/net/ipsec_klipsdebug /proc/net/ipsec_spi /proc/net/ipsec_spigrp /proc/net/ipsec_tncfg /proc/net/ipsec_version -r--r--r-- 1 root root 0 Nov 30 21:45 /proc/net/ipsec_eroute -r--r--r-- 1 root root 0 Nov 30 21:45 /proc/net/ipsec_klipsdebug -r--r--r-- 1 root root 0 Nov 30 21:45 /proc/net/ipsec_spi -r--r--r-- 1 root root 0 Nov 30 21:45 /proc/net/ipsec_spigrp -r--r--r-- 1 root root 0 Nov 30 21:45 /proc/net/ipsec_tncfg -r--r--r-- 1 root root 0 Nov 30 21:45 /proc/net/ipsec_version + _________________________ + + test -f /usr/src/linux/.config + _________________________ + + cat /etc/syslog.conf # /etc/syslog.conf Configuration file for syslogd. # # For more information see syslog.conf(5) # manpage. # # Log everything remotely. The other machine must run syslog with '-r'. # WARNING: Doing this is unsecure and can open you up to a DoS attack. # #*.* @host.ip.address-or-name.here # # First some standard logfiles. Log by facility. # auth,authpriv.* /var/log/auth.log *.*;auth,authpriv.none -/var/log/syslog daemon.* -/var/log/daemon.log kern.* -/var/log/kern.log #cron.* /var/log/cron.log #lpr.* -/var/log/lpr.log #mail.* /var/log/mail.log #user.* -/var/log/user.log #uucp.* -/var/log/uucp.log # # Some `catch-all' logfiles. # *.=debug; auth,authpriv.none; news.none;mail.none -/var/log/debug *.=info;*.=notice;*.=warn; auth,authpriv.none; cron,daemon.none; mail,news.none -/var/log/messages # # Emergencies are sent to everybody logged in. # *.emerg * #ppp local2.* -/var/log/ppp.log #portslave local6.* -/var/log/pslave.log + _________________________ + + test -f /var/log/kern.debug + _________________________ + + cat + egrep -i ipsec|klips|pluto + egrep -n Starting FreeS.WAN /var/log/syslog + sed -n $s/:.*//p + sed -n 61,$p /var/log/syslog Nov 30 15:38:27 firewall ipsec_setup: Starting FreeS/WAN IPsec 1.91... Nov 30 15:38:27 firewall ipsec_setup: KLIPS debug `none' Nov 30 15:38:28 firewall ipsec_setup: KLIPS ipsec0 on eth0 208.180.134.97/255.255.255.0 broadcast 0.0.0.0 Nov 30 15:38:28 firewall ipsec_setup: ...FreeS/WAN IPsec started Nov 30 15:38:30 firewall ipsec__plutorun: 104 "net" #1: STATE_MAIN_I1: initiate Nov 30 15:38:30 firewall ipsec__plutorun: 106 "net" #1: STATE_MAIN_I2: from STATE_MAIN_I1; sent MI2, expecting MR2 Nov 30 15:38:30 firewall ipsec__plutorun: 108 "net" #1: STATE_MAIN_I3: from STATE_MAIN_I2; sent MI3, expecting MR3 Nov 30 15:38:30 firewall ipsec__plutorun: 004 "net" #1: STATE_MAIN_I4: ISAKMP SA established Nov 30 15:38:30 firewall ipsec__plutorun: 112 "net" #3: STATE_QUICK_I1: initiate Nov 30 15:38:30 firewall ipsec__plutorun: 004 "net" #3: STATE_QUICK_I2: sent QI2, IPsec SA established + _________________________ + + egrep -i pluto + egrep -n Starting Pluto /var/log/auth.log + cat + sed -n $s/:.*//p + sed -n 1,$p /var/log/auth.log Nov 30 15:38:28 firewall Pluto[1048]: Starting Pluto (FreeS/WAN Version 1.91) Nov 30 15:38:29 firewall Pluto[1048]: added connection description "net" Nov 30 15:38:29 firewall Pluto[1048]: listening for IKE messages Nov 30 15:38:29 firewall Pluto[1048]: adding interface ipsec0/eth0 208.180.134.97 Nov 30 15:38:29 firewall Pluto[1048]: loading secrets from "/etc/ipsec.secrets" Nov 30 15:38:29 firewall Pluto[1048]: "net" #1: initiating Main Mode Nov 30 15:38:29 firewall Pluto[1048]: "net" #2: responding to Main Mode Nov 30 15:38:30 firewall Pluto[1048]: "net" #1: STATE_MAIN_I4: ISAKMP SA established Nov 30 15:38:30 firewall Pluto[1048]: "net" #3: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS Nov 30 15:38:30 firewall Pluto[1048]: "net" #2: STATE_MAIN_R3: sent MR3, ISAKMP SA established Nov 30 15:38:30 firewall Pluto[1048]: "net" #3: STATE_QUICK_I2: sent QI2, IPsec SA established Nov 30 15:38:30 firewall Pluto[1048]: "net" #4: responding to Quick Mode Nov 30 15:38:30 firewall Pluto[1048]: "net" #4: STATE_QUICK_R2: IPsec SA established Nov 30 16:21:56 firewall Pluto[1048]: "net" #5: responding to Main Mode Nov 30 16:21:57 firewall Pluto[1048]: "net" #1: not replacing stale ISAKMP SA: #2 will do Nov 30 16:21:57 firewall Pluto[1048]: "net" #5: STATE_MAIN_R3: sent MR3, ISAKMP SA established Nov 30 16:34:00 firewall Pluto[1048]: "net" #2: not replacing stale ISAKMP SA: #5 will do Nov 30 16:38:30 firewall Pluto[1048]: "net" #2: ISAKMP SA expired (superseded by #5) Nov 30 16:38:30 firewall Pluto[1048]: "net" #1: ISAKMP SA expired (superseded by #5) Nov 30 16:59:56 firewall Pluto[1048]: "net" #6: responding to Main Mode Nov 30 16:59:56 firewall Pluto[1048]: "net" #6: STATE_MAIN_R3: sent MR3, ISAKMP SA established Nov 30 16:59:56 firewall Pluto[1048]: "net" #7: responding to Quick Mode Nov 30 16:59:57 firewall Pluto[1048]: "net" #7: STATE_QUICK_R2: IPsec SA established Nov 30 17:17:27 firewall Pluto[1048]: "net" #5: not replacing stale ISAKMP SA: #6 will do Nov 30 17:21:57 firewall Pluto[1048]: "net" #5: ISAKMP SA expired (superseded by #6) Nov 30 17:43:22 firewall Pluto[1048]: "net" #8: responding to Main Mode Nov 30 17:43:23 firewall Pluto[1048]: "net" #8: STATE_MAIN_R3: sent MR3, ISAKMP SA established Nov 30 17:55:26 firewall Pluto[1048]: "net" #6: not replacing stale ISAKMP SA: #8 will do Nov 30 17:59:56 firewall Pluto[1048]: "net" #6: ISAKMP SA expired (superseded by #8) Nov 30 18:27:20 firewall Pluto[1048]: "net" #9: responding to Main Mode Nov 30 18:27:21 firewall Pluto[1048]: "net" #9: STATE_MAIN_R3: sent MR3, ISAKMP SA established Nov 30 18:38:53 firewall Pluto[1048]: "net" #8: not replacing stale ISAKMP SA: #9 will do Nov 30 18:43:23 firewall Pluto[1048]: "net" #8: ISAKMP SA expired (superseded by #9) Nov 30 19:11:09 firewall Pluto[1048]: "net" #10: responding to Main Mode Nov 30 19:11:10 firewall Pluto[1048]: "net" #10: STATE_MAIN_R3: sent MR3, ISAKMP SA established Nov 30 19:22:51 firewall Pluto[1048]: "net" #9: not replacing stale ISAKMP SA: #10 will do Nov 30 19:27:21 firewall Pluto[1048]: "net" #9: ISAKMP SA expired (superseded by #10) Nov 30 19:53:57 firewall Pluto[1048]: "net" #11: responding to Main Mode Nov 30 19:53:58 firewall Pluto[1048]: "net" #11: STATE_MAIN_R3: sent MR3, ISAKMP SA established Nov 30 20:06:40 firewall Pluto[1048]: "net" #10: not replacing stale ISAKMP SA: #11 will do Nov 30 20:11:10 firewall Pluto[1048]: "net" #10: ISAKMP SA expired (superseded by #11) Nov 30 20:43:11 firewall Pluto[1048]: "net" #12: responding to Main Mode Nov 30 20:43:12 firewall Pluto[1048]: "net" #12: STATE_MAIN_R3: sent MR3, ISAKMP SA established Nov 30 20:49:28 firewall Pluto[1048]: "net" #11: not replacing stale ISAKMP SA: #12 will do Nov 30 20:53:58 firewall Pluto[1048]: "net" #11: ISAKMP SA expired (superseded by #12) Nov 30 20:55:35 firewall Pluto[1048]: "net" #13: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS Nov 30 20:55:36 firewall Pluto[1048]: "net" #13: STATE_QUICK_I2: sent QI2, IPsec SA established Nov 30 20:55:52 firewall Pluto[1048]: "net" #14: responding to Quick Mode Nov 30 20:55:52 firewall Pluto[1048]: "net" #14: STATE_QUICK_R2: IPsec SA established Nov 30 21:31:11 firewall Pluto[1048]: "net" #15: responding to Main Mode Nov 30 21:31:11 firewall Pluto[1048]: "net" #15: STATE_MAIN_R3: sent MR3, ISAKMP SA established Nov 30 21:38:42 firewall Pluto[1048]: "net" #12: not replacing stale ISAKMP SA: #15 will do Nov 30 21:43:12 firewall Pluto[1048]: "net" #12: ISAKMP SA expired (superseded by #15) + _________________________ + + date Sat Nov 30 21:45:54 UTC 2002